diff options
-rw-r--r-- | po/LINGUAS | 15 | ||||
-rw-r--r-- | po/ja.po | 23 | ||||
-rw-r--r-- | po/pl.po | 56 | ||||
-rw-r--r-- | po/uk.po | 80 | ||||
-rw-r--r-- | src/man/po/es.po | 5411 | ||||
-rw-r--r-- | src/man/po/nl.po | 5408 | ||||
-rw-r--r-- | src/man/po/pl.po | 5328 | ||||
-rw-r--r-- | src/man/po/po4a.cfg | 2 |
8 files changed, 16217 insertions, 106 deletions
@@ -1,14 +1,13 @@ +de es -pl +fr +id +it ja nl +pl pt -de +ru sv -it -fr -id -zh_TW uk -ru - +zh_TW @@ -1,22 +1,21 @@ -# translation of sss_daemon_ja.po to Japanese +# SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR Red Hat, Inc. # This file is distributed under the same license as the PACKAGE package. -# -# Noriko Mizumoto <noriko@fedoraproject.org>, 2009. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# msgid "" msgstr "" -"Project-Id-Version: sss_daemon_ja\n" +"Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" "POT-Creation-Date: 2011-01-21 16:56-0500\n" -"PO-Revision-Date: 2009-11-18 09:48+1000\n" -"Last-Translator: Noriko Mizumoto <noriko@fedoraproject.org>\n" -"Language-Team: Japanese <fedora-trans-ja@redhat.com>\n" -"Language: ja\n" +"PO-Revision-Date: 2011-03-08 15:09+0000\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: KBabel 1.11.4\n" -"Plural-Forms: nplurals=1; plural=0;\n" +"Language: ja\n" +"Plural-Forms: nplurals=1; plural=0\n" #: src/config/SSSDConfig.py:39 msgid "Set the verbosity of the debug logging" @@ -920,8 +919,8 @@ msgstr "" #: src/tools/sss_groupmod.c:128 msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" +"Cannot find group in local domain, modifying groups is allowed only in local" +" domain\n" msgstr "" #: src/tools/sss_groupmod.c:149 src/tools/sss_groupmod.c:176 @@ -1,18 +1,21 @@ -# translation of pl.po to Polish -# Piotr Drąg <piotrdrag@gmail.com>, 2009. -# +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# msgid "" msgstr "" -"Project-Id-Version: pl\n" +"Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" "POT-Creation-Date: 2011-01-21 16:56-0500\n" -"PO-Revision-Date: 2011-01-23 17:33+0100\n" -"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n" -"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n" -"Language: pl\n" +"PO-Revision-Date: 2011-03-08 15:07+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: Polish <None>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" +"Language: pl\n" +"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" #: src/config/SSSDConfig.py:39 msgid "Set the verbosity of the debug logging" @@ -149,7 +152,8 @@ msgstr "Włącza wyliczanie wszystkich użytkowników/grup" #: src/config/SSSDConfig.py:80 msgid "Cache credentials for offline login" -msgstr "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline" +msgstr "" +"Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline" #: src/config/SSSDConfig.py:81 msgid "Store password hashes" @@ -173,14 +177,14 @@ msgstr "" #: src/config/SSSDConfig.py:85 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym " -"zalogowaniu (dni)" +"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym" +" zalogowaniu (dni)" #: src/config/SSSDConfig.py:86 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów " -"(sekundy)" +"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów" +" (sekundy)" #: src/config/SSSDConfig.py:87 msgid "The domain part of service discovery DNS query" @@ -245,8 +249,8 @@ msgstr "Włącza sprawdzanie danych uwierzytelniających" #: src/config/SSSDConfig.py:108 msgid "Store password if offline for later online authentication" msgstr "" -"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w " -"trybie online" +"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w" +" trybie online" #: src/config/SSSDConfig.py:109 msgid "Renewable lifetime of the TGT" @@ -869,7 +873,8 @@ msgstr "Nie można utworzyć buforu poczty użytkownika: %s\n" #: src/tools/sss_useradd.c:258 msgid "Could not allocate ID for the user - domain full?\n" msgstr "" -"Nie można przydzielić identyfikatora użytkownikowi - czy domena jest pełna?\n" +"Nie można przydzielić identyfikatora użytkownikowi - czy domena jest " +"pełna?\n" #: src/tools/sss_useradd.c:262 msgid "A user or group with the same name or ID already exists\n" @@ -918,8 +923,8 @@ msgid "" "No such group in local domain. Removing groups only allowed in local " "domain.\n" msgstr "" -"Nie ma takiej grupy w lokalnej domenie. Usuwanie grup jest dozwolone tylko w " -"lokalnej domenie.\n" +"Nie ma takiej grupy w lokalnej domenie. Usuwanie grup jest dozwolone tylko w" +" lokalnej domenie.\n" #: src/tools/sss_groupdel.c:122 msgid "Internal error. Could not remove group.\n" @@ -943,8 +948,8 @@ msgstr "Proszę podać grupę do zmodyfikowania\n" #: src/tools/sss_groupmod.c:128 msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" +"Cannot find group in local domain, modifying groups is allowed only in local" +" domain\n" msgstr "" "Nie można odnaleźć grupy w lokalnej domenie, modyfikowanie grup jest " "dozwolone tylko w lokalnej domenie\n" @@ -966,8 +971,8 @@ msgstr "" #: src/tools/sss_groupmod.c:218 msgid "Could not modify group - check if member group names are correct\n" msgstr "" -"Nie można zmodyfikować grupy - proszę sprawdzić, czy nazwy członków grupy są " -"poprawne\n" +"Nie można zmodyfikować grupy - proszę sprawdzić, czy nazwy członków grupy są" +" poprawne\n" #: src/tools/sss_groupmod.c:222 msgid "Could not modify group - check if groupname is correct\n" @@ -1029,8 +1034,8 @@ msgid "" "No such group in local domain. Printing groups only allowed in local " "domain.\n" msgstr "" -"Nie ma takiej grupy w lokalnej domenie. Drukowanie grup jest dozwolone tylko " -"w lokalnej domenie.\n" +"Nie ma takiej grupy w lokalnej domenie. Drukowanie grup jest dozwolone tylko" +" w lokalnej domenie.\n" #: src/tools/sss_groupshow.c:699 msgid "Internal error. Could not print group.\n" @@ -1166,4 +1171,5 @@ msgstr "%s musi zostać uruchomione jako root\n" #: src/util/util.h:67 msgid "Send the debug output to files instead of stderr" msgstr "" -"Wysyła wyjście debugowania do plików, zamiast do standardowego wyjścia błędów" +"Wysyła wyjście debugowania do plików, zamiast do standardowego wyjścia " +"błędów" @@ -1,22 +1,21 @@ +# SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR Red Hat, Inc. # This file is distributed under the same license as the PACKAGE package. -# -# Yuri Chornoivan <yurchor@ukr.net>, 2010, 2011. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# msgid "" msgstr "" -"Project-Id-Version: \n" +"Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" "POT-Creation-Date: 2011-01-21 16:56-0500\n" -"PO-Revision-Date: 2011-01-23 10:08+0200\n" -"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" -"Language-Team: Ukrainian <translation@linux.org.ua>\n" -"Language: uk\n" +"PO-Revision-Date: 2011-03-08 15:07+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Lokalize 1.2\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" -"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" +"Language: uk\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" #: src/config/SSSDConfig.py:39 msgid "Set the verbosity of the debug logging" @@ -110,7 +109,8 @@ msgstr "" #: src/config/SSSDConfig.py:66 msgid "What kind of messages are displayed to the user during authentication" -msgstr "Тип повідомлень, які буде показано користувачеві під час розпізнавання" +msgstr "" +"Тип повідомлень, які буде показано користувачеві під час розпізнавання" #: src/config/SSSDConfig.py:67 msgid "How many seconds to keep identity information cached for PAM requests" @@ -184,8 +184,8 @@ msgstr "" #: src/config/SSSDConfig.py:86 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -"Тривалість очікування на відповідь від DNS під час визначення адрес серверів " -"(у секундах)" +"Тривалість очікування на відповідь від DNS під час визначення адрес серверів" +" (у секундах)" #: src/config/SSSDConfig.py:87 msgid "The domain part of service discovery DNS query" @@ -876,8 +876,7 @@ msgstr "Не вдалося створити поштовий буфер кор #: src/tools/sss_useradd.c:258 msgid "Could not allocate ID for the user - domain full?\n" -msgstr "" -"Не вдалося отримати ідентифікатор для користувача. Домен переповнено?\n" +msgstr "Не вдалося отримати ідентифікатор для користувача. Домен переповнено?\n" #: src/tools/sss_useradd.c:262 msgid "A user or group with the same name or ID already exists\n" @@ -952,8 +951,8 @@ msgstr "Вкажіть групу, запис якої слід змінити\n #: src/tools/sss_groupmod.c:128 msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" +"Cannot find group in local domain, modifying groups is allowed only in local" +" domain\n" msgstr "" "Не вдалося знайти групу у локальному домені. Зміну записів груп можна " "виконувати лише у межах локального домену\n" @@ -982,7 +981,8 @@ msgstr "" #: src/tools/sss_groupmod.c:222 msgid "Could not modify group - check if groupname is correct\n" msgstr "" -"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назву групи\n" +"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назву " +"групи\n" #: src/tools/sss_groupmod.c:226 msgid "Transaction error. Could not modify group.\n" @@ -1109,8 +1109,8 @@ msgstr "Не вдалося вилучити домашній каталог: %s msgid "" "No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" -"У локальному домені немає такого користувача. Вилучення користувачів можливе " -"лише у межах локального домену.\n" +"У локальному домені немає такого користувача. Вилучення користувачів можливе" +" лише у межах локального домену.\n" #: src/tools/sss_userdel.c:315 msgid "Internal error. Could not remove user.\n" @@ -1176,43 +1176,3 @@ msgstr "%s слід виконувати від імені користувач #: src/util/util.h:67 msgid "Send the debug output to files instead of stderr" msgstr "Надіслати діагностичні дані до файлів, а не до stderr" - -#~ msgid "Ping timeout before restarting domain" -#~ msgstr "Час очікування відповіді на пінг перед перезапуском домену" - -#~ msgid "sssd must be run as root\n" -#~ msgstr "sssd слід запускати від імені користувача root\n" - -#~ msgid "" -#~ "nscd socket was detected. As nscd caching capabilities may conflict with " -#~ "SSSD, it is recommended to not run nscd in parallel with SSSD\n" -#~ msgstr "" -#~ "Було виявлено сокет nscd. Можливості з кешування nscd можуть " -#~ "конфліктувати з SSSD. Не рекомендуємо вам користуватися nscd паралельно з " -#~ "SSSD\n" - -#~ msgid "" -#~ "Cannot read config file %s, please check if permissions are 0600 and the " -#~ "file is owned by root.root\n" -#~ msgstr "" -#~ "Не вдалося прочитати файл налаштувань %s, будь ласка, перевірте, чи " -#~ "встановлено для цього файла права доступу 0600 і чи є парою власник-група " -#~ "файла root.root\n" - -#~ msgid "Cannot load configuration database\n" -#~ msgstr "Не вдалося завантажити базу даних налаштувань\n" - -#~ msgid "The principal of the change password service" -#~ msgstr "Реєстраційний запис служби зміни паролів" - -#~ msgid "Offline authentication" -#~ msgstr "Автономне розпізнавання" - -#~ msgid "The GID or group name of the user" -#~ msgstr "Ідентифікатор або назва групи користувача" - -#~ msgid "Cannot get group information for the user\n" -#~ msgstr "Не вдалося отримати відомості щодо групи користувача\n" - -#~ msgid "Cannot initiate search\n" -#~ msgstr "Не вдалося започаткувати пошук\n" diff --git a/src/man/po/es.po b/src/man/po/es.po new file mode 100644 index 00000000..ec42b92a --- /dev/null +++ b/src/man/po/es.po @@ -0,0 +1,5411 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Red Hat +# This file is distributed under the same license as the sssd-docs package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" +"POT-Creation-Date: 2011-01-24 13:36-0500\n" +"PO-Revision-Date: 2011-03-08 15:06+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: Spanish (Castilian) <None>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: es\n" +"Plural-Forms: nplurals=2; plural=(n != 1)\n" + +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 +#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 +#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +msgid "SSSD Manual pages" +msgstr "Páginas de manual de SSSD" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 +msgid "sss_groupmod" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 +#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 +#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +msgid "8" +msgstr "8" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupmod.8.xml:16 +msgid "modify a group" +msgstr "modifica un grupo" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupmod.8.xml:21 +msgid "" +"<command>sss_groupmod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" +"<command>sss_groupmod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:41 +#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 +#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 +#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 +#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +msgid "DESCRIPTION" +msgstr "DESCRIPCION" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:32 +msgid "" +"<command>sss_groupmod</command> modifies the group to reflect the changes " +"that are specified on the command line." +msgstr "" +"<command>sss_groupmod</command> modifica el grupo para reflejar los cambios " +"indicados en la línea de comandos." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:48 sssd.8.xml:42 sss_obfuscate.8.xml:59 +#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 +#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +msgid "OPTIONS" +msgstr "OPCIONES" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 +msgid "" +"<option>-a</option>,<option>--append-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> " +"<replaceable>GROUPS</replaceable>" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:48 +msgid "" +"Append this group to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" +"Agrega este grupo a otros grupos que hayan sido indicados con el parámetro " +"<replaceable>GROUPS</replaceable>. El parámetros " +"<replaceable>GROUPS</replaceable> es una lista de nombres de grupos " +"separados por comas." + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 +msgid "" +"<option>-r</option>,<option>--remove-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" +"<option>-r</option>,<option>--remove-group</option> " +"<replaceable>GROUPS</replaceable>" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:62 +msgid "" +"Remove this group from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" +"Elimina este grupo de los grupos especificados con el parámetro " +"<replaceable>GROUPS</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 +#: sssd-ipa.5.xml:191 sssd.8.xml:166 sss_obfuscate.8.xml:104 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 +#: sss_usermod.8.xml:138 +msgid "SEE ALSO" +msgstr "VEA TAMBIEN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:74 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 +msgid "sssd.conf" +msgstr "sssd.conf" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 +msgid "5" +msgstr "5" + +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 +msgid "File Formats and Conventions" +msgstr "Formatos de archivo y convenciones" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 +#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 +msgid "the configuration file for SSSD" +msgstr "El archivo de configuración de SSSD" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:21 +msgid "FILE FORMAT" +msgstr "Formato de archivo" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:29 +#, no-wrap +msgid "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " +msgstr "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:24 +msgid "" +"The file has an ini-style syntax and consists of sections and parameters. A " +"section begins with the name of the section in square brackets and continues" +" until the next section begins. An example of section with single and multi-" +"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"El archivo posee una sintaxis de tipo ini consistente de secciones y " +"parámetros. Una sección comienza con el nombre de dicha sección colocado " +"entre corchetes, y continua hasta que comienza la próxima sección. Este es " +"un ejemplo de una sección con parámetros de valores simples y múltiples: " +"<placeholder type=\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:36 +msgid "" +"The data types used are string (no quotes needed), integer and bool (with " +"values of <quote>TRUE/FALSE</quote>)." +msgstr "" +"Los tipos de datos utilizados son cadenas (no es necesario ingresarlos entre" +" comillas), enteros o booleanos (cuyos valores son " +"<quote>TRUE/FALSE</quote>)." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:41 +msgid "" +"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " +"(<quote>;</quote>)" +msgstr "" +"Una línea que ha sido comentada es iniciada con el símbolo numeral " +"(<quote>#</quote>) o con un punto y coma (<quote>;</quote>)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:46 +msgid "" +"All sections can have an optional <replaceable>description</replaceable> " +"parameter. Its function is only as a label for the section." +msgstr "" +"Todas las secciones pueden tener un parámetro opcional de " +"<replaceable>descripción</replaceable>. Su función es solo la de servir como" +" etiqueta a tal sección." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:52 +msgid "" +"<filename>sssd.conf</filename> must be a regular file, owned by root and " +"only root may read from or write to the file." +msgstr "" +"<filename>sssd.conf</filename> debe ser un archivo regular, cuyo dueño sea " +"el usuario root, y sólo este usuario podrá tener permisos de lectura y " +"escritura sobre él." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:58 +msgid "SPECIAL SECTIONS" +msgstr "SECCIONES ESPECIALES" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:61 +msgid "The [sssd] section" +msgstr "La sección [sssd]" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:70 sssd.conf.5.xml:854 +msgid "Section parameters" +msgstr "Parámetros de sección" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:72 +msgid "config_file_version (integer)" +msgstr "config_file_version (entero)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:75 +msgid "" +"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " +"version 2." +msgstr "" +"Indica cuál es la sintaxis del archivo de configuración. SSSD 0.6.0 y " +"posteriores utilizan una versión 2." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:81 +msgid "services" +msgstr "servicios" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:84 +msgid "" +"Comma separated list of services that are started when sssd itself starts." +msgstr "" +"Una lista separadas por comas de los servicios que son iniciados cuando se " +"enciende sssd." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:88 +msgid "Supported services: nss, pam" +msgstr "Servicios soportados: nss, pam" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:93 sssd.conf.5.xml:234 +msgid "reconnection_retries (integer)" +msgstr "reconnection_retries (entero)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:96 sssd.conf.5.xml:237 +msgid "" +"Number of times services should attempt to reconnect in the event of a Data " +"Provider crash or restart before they give up" +msgstr "" +"Cantidad de intentos de reconexión de los servicios ante una eventual caída " +"de datos del proveedor, o de reiniciarse antes de abandonar" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:101 sssd.conf.5.xml:242 +msgid "Default: 3" +msgstr "Predeterminado: 3" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:106 +msgid "domains" +msgstr "dominios" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:109 +msgid "" +"A domain is a database containing user information. SSSD can use more " +"domains at the same time, but at least one must be configured or SSSD won't " +"start. This parameter described the list of domains in the order you want " +"them to be queried." +msgstr "" +"Un dominio es una base datos que contiene información del usuario. SSSD " +"puede utilizar varios dominios al mismo tiempo, pero al menos uno debe ser " +"configurado. De lo contrario SSSD no podrá iniciarse. Este parámetro " +"describe una lista de los dominios, en el orden en que se prefiera que sean " +"consultados." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:119 +msgid "re_expression (string)" +msgstr "re_expression (cadena)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:122 +msgid "" +"Regular expression that describes how to parse the string containing user " +"name and domain into these components." +msgstr "" +"Expresiones regulares que describen cómo analizar la cadena, conteniendo " +"nombre de usuariosy dominio en estos componentes." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:126 +msgid "" +"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"which translates to \"the name is everything up to the <quote>@</quote> " +"sign, the domain everything after that\"" +msgstr "" +"Predeterminado: " +"<quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> que traduce " +"al \"todo lo que hay hasta el signo <quote>@</quote> es el nombre, el " +"dominio es el resto detrás de este signo\"" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:131 +msgid "" +"PLEASE NOTE: the support for non-unique named subpatterns is not available " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " +"version 7 or higher can support non-unique named subpatterns." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:138 +msgid "" +"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " +"(?P<name>) to label subpatterns." +msgstr "" +"POR FAVOR TENGA EN CUENTA ADEMAS: Versiones anteriores de libpcre sólo " +"soportan la sintaxis Python (?P<name>) para identificar subpatrones." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:145 +msgid "full_name_format (string)" +msgstr "full_name_format (cadena)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:148 +msgid "" +"A <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " +"how to translate a (name, domain) tuple into a fully qualified name." +msgstr "" +"Un formato compatible con <citerefentry> " +"<refentrytitle>printf</refentrytitle> <manvolnum>3</manvolnum> " +"</citerefentry> que describe cómo traducir una tupla (nombre, dominio), a un" +" nombre totalmente calificado." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:156 +msgid "Default: <quote>%1$s@%2$s</quote>." +msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:161 +msgid "try_inotify (boolean)" +msgstr "try_inotify (booleano)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:164 +msgid "" +"SSSD monitors the state of resolv.conf to identify when it needs to update " +"its internal DNS resolver. By default, we will attempt to use inotify for " +"this, and will fall back to polling resolv.conf every five seconds if " +"inotify cannot be used." +msgstr "" +"SSSD monitorea el estado de resolv.conf para saber cuando es necesario " +"actualizar su resolutor DNS interno. Por defecto, intentaremos utilizar para" +" ello la herramienta inotify, quien consultará a resolv.conf cada cinco " +"segundos en caso que inotify no pueda ser utilizado." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:172 +msgid "" +"There are some limited situations where it is preferred that we should skip " +"even trying to use inotify. In these rare cases, this option should be set " +"to 'false'" +msgstr "" +"Existen algunas pocas situaciones en donde lo preferible es evitar el uso de" +" inotify. En estas raras excepciones, la opción debería ser definida en " +"'false' " + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:178 +msgid "" +"Default: true on platforms where inotify is supported. False on other " +"platforms." +msgstr "" +"Predeterminado: 'true' en plataformas donde inotify tenga soporte. 'False' " +"en el resto de las plataformas." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:182 +msgid "" +"Note: this option will have no effect on platforms where inotify is " +"unavailable. On these platforms, polling will always be used." +msgstr "" +"Nota: esta opción no tendrá efecto en plataformas donde inotify no se " +"encuenytre disponible. En estas plataformas, la consulta (polling) será " +"utilizada siempre." + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:63 +msgid "" +"Individual pieces of SSSD functionality are provided by special SSSD " +"services that are started and stopped together with SSSD. The services are " +"managed by a special service frequently called <quote>monitor</quote>. The " +"<quote>[sssd]</quote> section is used to configure the monitor as well as " +"some other important options like the identity domains. <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:195 +msgid "SERVICES SECTIONS" +msgstr "SECCIONES DE SERVICIOS" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:197 +msgid "" +"Settings that can be used to configure different services are described in " +"this section. They should reside in the [<replaceable>$NAME</replaceable>] " +"section, for example, for NSS service, the section would be " +"<quote>[nss]</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:204 +msgid "General service configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:206 +msgid "These options can be used to configure any service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:210 +msgid "debug_level (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:213 +msgid "" +"Sets the debug level for the service. The value can be in range from 0 (only" +" critical messages) to 10 (very verbose)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:218 sssd.conf.5.xml:312 +msgid "Default: 0" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.conf.5.xml:223 sssd.8.xml:58 +msgid "debug_timestamps (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:226 sssd.8.xml:61 +msgid "Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +msgid "Default: true" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:247 +msgid "command (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:250 +msgid "" +"By default, the executable representing this service is called " +"<command>sssd_${service_name}</command>. This directive allows to change " +"the executable name for the service. In the vast majority of configurations," +" the default values should suffice." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:258 +msgid "Default: <command>sssd_${service_name}</command>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:266 +msgid "NSS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:268 +msgid "" +"These options can be used to configure the Name Service Switch (NSS) " +"service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:273 +msgid "enum_cache_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:276 +msgid "" +"How many seconds should nss_sss cache enumerations (requests for info about " +"all users)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:280 +msgid "Default: 120" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:285 +msgid "entry_cache_nowait_percentage (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:288 +msgid "" +"The entry cache can be set to automatically update entries in the background" +" if they are requested beyond a percentage of the entry_cache_timeout value " +"for the domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:294 +msgid "" +"For example, if the domain's entry_cache_timeout is set to 30s and " +"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " +"after 15 seconds past the last cache update will be returned immediately, " +"but the SSSD will go and update the cache on its own, so that future " +"requests will not need to block waiting for a cache update." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:304 +msgid "" +"Valid values for this option are 0-99 and represent a percentage of the " +"entry_cache_timeout for each domain. For performance reasons, this " +"percentage will never reduce the nowait timeout to less than 10 seconds. (0" +" disables this feature)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:317 +msgid "entry_negative_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:320 +msgid "" +"Specifies for how many seconds nss_sss should cache negative cache hits " +"(that is, queries for invalid database entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:326 sssd-krb5.5.xml:223 +msgid "Default: 15" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:331 +msgid "filter_users, filter_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:334 +msgid "" +"Exclude certain users from being fetched from the sss NSS database. This is " +"particularly useful for system accounts. This option can also be set per-" +"domain or include fully-qualified names to filter only users from the " +"particular domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:341 +msgid "Default: root" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:346 +msgid "filter_users_in_groups (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:349 +msgid "" +"If you want filtered user still be group members set this option to false." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:360 +msgid "PAM configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:362 +msgid "" +"These options can be used to configure the Pluggable Authentication Module " +"(PAM) service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:367 +msgid "offline_credentials_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:370 +msgid "" +"If the authentication provider is offline, how long should we allow cached " +"logins (in days since the last successful online login)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:375 sssd.conf.5.xml:388 +msgid "Default: 0 (No limit)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:381 +msgid "offline_failed_login_attempts (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:384 +msgid "" +"If the authentication provider is offline, how many failed login attempts " +"are allowed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:394 +msgid "offline_failed_login_delay (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:397 +msgid "" +"The time in minutes which has to pass after offline_failed_login_attempts " +"has been reached before a new login attempt is possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:402 +msgid "" +"If set to 0 the user cannot authenticate offline if " +"offline_failed_login_attempts has been reached. Only a successful online " +"authentication can enable enable offline authentication again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793 +msgid "Default: 5" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:414 +msgid "pam_verbosity (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:417 +msgid "" +"Controls what kind of messages are shown to the user during authentication. " +"The higher the number to more messages are displayed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:422 +msgid "Currently sssd supports the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:425 +msgid "<emphasis>0</emphasis>: do not show any message" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:428 +msgid "<emphasis>1</emphasis>: show only important messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:432 +msgid "<emphasis>2</emphasis>: show informational messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:435 +msgid "<emphasis>3</emphasis>: show all messages and debug information" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:439 +msgid "Default: 1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:444 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:447 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:453 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a per-" +"client-application basis) how long (in seconds) we can cache the identity " +"information to avoid excessive round-trips to the identity provider." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:467 +msgid "pam_pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:470 +msgid "Display a warning N days before the password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:473 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:479 +msgid "Default: 7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:488 +msgid "DOMAIN SECTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:495 +msgid "min_id,max_id (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:498 +msgid "" +"UID and GID limits for the domain. If a domain contains an entry that is " +"outside these limits, it is ignored." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:503 +msgid "" +"For users, this affects the primary GID limit. The user will not be returned" +" to NSS if either the UID or the primary GID is outside the range. For non-" +"primary group memberships, those that are in range will be reported as " +"expected." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:510 +msgid "Default: 1 for min_id, 0 (no limit) for max_id" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:516 +msgid "timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:519 +msgid "" +"Timeout in seconds between heartbeats for this domain. This is used to " +"ensure that the backend process is alive and capable of answering requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:524 +msgid "Default: 10" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:530 +msgid "enumerate (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:533 +msgid "" +"Determines if a domain can be enumerated. This parameter can have one of the" +" following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:537 +msgid "TRUE = Users and groups are enumerated" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:540 +msgid "FALSE = No enumerations for this domain" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645 +msgid "Default: FALSE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:546 +msgid "" +"Note: Enabling enumeration has a moderate performance impact on SSSD while " +"enumeration is running. It may take up to several minutes after SSSD startup" +" to fully complete enumerations. During this time, individual requests for " +"information will go directly to LDAP, though it may be slow, due to the " +"heavy enumeration processing." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:556 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:561 +msgid "" +"Further, enabling enumeration may increase the time necessary to detect " +"network disconnection, as longer timeouts are required to ensure that " +"enumeration lookups are completed successfully. For more information, refer" +" to the man pages for the specific id_provider in use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:572 +msgid "entry_cache_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:575 +msgid "" +"How many seconds should nss_sss consider entries valid before asking the " +"backend again" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:579 +msgid "Default: 5400" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:584 +msgid "cache_credentials (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:587 +msgid "Determines if user credentials are also cached in the local LDB cache" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:596 +msgid "account_cache_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:599 +msgid "" +"Number of days entries are left in cache after last successful login before " +"being removed during a cleanup of the cache. 0 means keep forever. The " +"value of this parameter must be greater than or equal to " +"offline_credentials_expiration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:606 +msgid "Default: 0 (unlimited)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:612 +msgid "id_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:615 +msgid "The Data Provider identity backend to use for this domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:619 +msgid "Supported backends:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:622 +msgid "proxy: Support a legacy NSS provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:625 +msgid "local: SSSD internal local provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:628 +msgid "ldap: LDAP provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:634 +msgid "use_fully_qualified_names (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:637 +msgid "" +"If set to TRUE, all requests to this domain must use fully qualified names. " +"For example, if used in LOCAL domain that contains a \"test\" user, " +"<command>getent passwd test</command> wouldn't find the user while " +"<command>getent passwd test@LOCAL</command> would." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:650 +msgid "auth_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:653 +msgid "" +"The authentication provider used for the domain. Supported auth providers " +"are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:657 +msgid "" +"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:664 +msgid "" +"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:671 +msgid "" +"<quote>proxy</quote> for relaying authentication to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:674 +msgid "<quote>none</quote> disables authentication explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:677 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"authentication requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:683 +msgid "access_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:686 +msgid "" +"The access control provider used for the domain. There are two built-in " +"access providers (in addition to any included in installed backends) " +"Internal special providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:692 +msgid "<quote>permit</quote> always allow access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:695 +msgid "<quote>deny</quote> always deny access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:698 +msgid "" +"<quote>simple</quote> access control based on access or deny lists. See " +"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for more information on configuring " +"the simple access module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:705 +msgid "Default: <quote>permit</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:710 +msgid "chpass_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:713 +msgid "" +"The provider which should handle change password operations for the domain." +" Supported change password providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:718 +msgid "" +"<quote>ipa</quote> to change a password stored in an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" IPA." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:726 +msgid "" +"<quote>ldap</quote> to change a password stored in a LDAP server. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:734 +msgid "" +"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:742 +msgid "" +"<quote>proxy</quote> for relaying password changes to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:746 +msgid "<quote>none</quote> disallows password changes explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:749 +msgid "" +"Default: <quote>auth_provider</quote> is used if it is set and can handle " +"change password requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:756 +msgid "lookup_family_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:759 +msgid "" +"Provides the ability to select preferred address family to use when " +"performing DNS lookups." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:763 +msgid "Supported values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:766 +msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:769 +msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:772 +msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:775 +msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:778 +msgid "Default: ipv4_first" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:784 +msgid "dns_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:787 +msgid "" +"Defines the amount of time (in seconds) to wait for a reply from the DNS " +"resolver before assuming that it is unreachable. If this timeout is reached," +" the domain will continue to operate in offline mode." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:799 +msgid "dns_discovery_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:802 +msgid "" +"If service discovery is used in the back end, specifies the domain part of " +"the service discovery DNS query." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:806 +msgid "Default: Use the domain part of machine's hostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:490 +msgid "" +"These configuration options can be present in a domain configuration " +"section, that is, in a section called " +"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:818 +msgid "proxy_pam_target (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:821 +msgid "The proxy target PAM proxies to." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:824 +msgid "" +"Default: not set by default, you have to take an existing pam configuration " +"or create a new one and add the service name here." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:832 +msgid "proxy_lib_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:835 +msgid "" +"The name of the NSS library to use in proxy domains. The NSS functions " +"searched for in the library are in the form of _nss_$(libName)_$(function), " +"for example _nss_files_getpwent." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:814 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:847 +msgid "The local domain section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:849 +msgid "" +"This section contains settings for domain that stores users and groups in " +"SSSD native database, that is, a domain that uses " +"<replaceable>id_provider=local</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:856 +msgid "default_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:859 +msgid "The default shell for users created with SSSD userspace tools." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:863 +msgid "Default: <filename>/bin/bash</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:868 +msgid "base_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:871 +msgid "" +"The tools append the login name to <replaceable>base_directory</replaceable>" +" and use that as the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:876 +msgid "Default: <filename>/home</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:881 +msgid "create_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:884 +msgid "" +"Indicate if a home directory should be created by default for new users. " +"Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:888 sssd.conf.5.xml:900 +msgid "Default: TRUE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:893 +msgid "remove_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:896 +msgid "" +"Indicate if a home directory should be removed by default for deleted users." +" Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:905 +msgid "homedir_umask (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:908 +msgid "" +"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " +"on a newly created home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:916 +msgid "Default: 077" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:921 +msgid "skel_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:924 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:934 +msgid "Default: <filename>/etc/skel</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:939 +msgid "mail_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:942 +msgid "" +"The mail spool directory. This is needed to manipulate the mailbox when its " +"corresponding user account is modified or deleted. If not specified, a " +"default value is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:949 +msgid "Default: <filename>/var/mail</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:954 +msgid "userdel_cmd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:957 +msgid "" +"The command that is run after a user is removed. The command us passed the " +"username of the user being removed as the first and only parameter. The " +"return code of the command is not taken into account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:963 +msgid "Default: None, no command is run" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:173 sssd-krb5.5.xml:405 +msgid "EXAMPLE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:979 +#, no-wrap +msgid "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:975 +msgid "" +"The following example shows a typical SSSD config. It does not describe " +"configuration of the domains themselves - refer to documentation on " +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1010 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 +msgid "sssd-ldap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:23 +msgid "" +"This manual page describes the configuration of LDAP domains for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " +"information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:35 +msgid "You can configure SSSD to use more than one LDAP domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:38 +msgid "" +"LDAP back end supports id, auth, access and chpass providers. If you want to" +" authenticate against an LDAP server either TLS/SSL or LDAPS is required. " +"<command>sssd</command> <emphasis>does not</emphasis> support authentication" +" over an unencrypted channel. If the LDAP server is used only as an " +"identity provider, an encrypted channel is not needed. Please refer to " +"<quote>ldap_access_filter</quote> config option for more information about " +"using LDAP as an access provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61 +#: sssd-krb5.5.xml:63 +msgid "CONFIGURATION OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:60 +msgid "ldap_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:63 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference. Refer to the <quote>FAILOVER</quote> section for" +" more information on failover and server redundancy. If not specified, " +"service discovery is enabled. For more information, refer to the " +"<quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:73 +msgid "ldap_chpass_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:76 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference to change the password of a user. Refer to the " +"<quote>FAILOVER</quote> section for more information on failover and server " +"redundancy." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:83 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:87 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:93 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:96 +msgid "The default base DN to use for performing LDAP user operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:100 +msgid "" +"Default: If not set the value of the defaultNamingContext or namingContexts " +"attribute from the RootDSE of the LDAP server is used. If " +"defaultNamingContext does not exists or has an empty value namingContexts is" +" used. The namingContexts attribute must have a single value with the DN of" +" the search base of the LDAP server to make this work. Multiple values are " +"are not supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:114 +msgid "ldap_schema (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:117 +msgid "" +"Specifies the Schema Type in use on the target LDAP server. Depending on " +"the selected schema, the default attribute names retrieved from the servers " +"may vary. The way that some attributes are handled may also differ. Three " +"schema types are currently supported: rfc2307 rfc2307bis IPA The main " +"difference between these schema types is how group memberships are recorded " +"in the server. With rfc2307, group members are listed by name in the " +"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " +"members are listed by DN and stored in the <emphasis>member</emphasis> " +"attribute." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:136 +msgid "Default: rfc2307" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:142 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:145 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:152 +msgid "ldap_default_authtok_type (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:155 +msgid "The type of the authentication token of the default bind DN." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:159 +msgid "The two mechanisms currently supported are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:162 +msgid "password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:165 +msgid "obfuscated_password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:171 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:174 +msgid "" +"The authentication token of the default bind DN. Only clear text passwords " +"are currently supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:181 +msgid "ldap_user_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:184 +msgid "The object class of a user entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:187 +msgid "Default: posixAccount" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:193 +msgid "ldap_user_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:196 +msgid "The LDAP attribute that corresponds to the user's login name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:200 +msgid "Default: uid" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:206 +msgid "ldap_user_uid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:209 +msgid "The LDAP attribute that corresponds to the user's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:213 +msgid "Default: uidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:219 +msgid "ldap_user_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:222 +msgid "The LDAP attribute that corresponds to the user's primary group id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +msgid "Default: gidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:232 +msgid "ldap_user_gecos (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:235 +msgid "The LDAP attribute that corresponds to the user's gecos field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "Default: gecos" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:245 +msgid "ldap_user_home_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:248 +msgid "" +"The LDAP attribute that contains the name of the user's home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:252 +msgid "Default: homeDirectory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:258 +msgid "ldap_user_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:261 +msgid "The LDAP attribute that contains the path to the user's default shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:265 +msgid "Default: loginShell" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:271 +msgid "ldap_user_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:274 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +msgid "Default: nsUniqueId" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:284 +msgid "ldap_user_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +msgid "" +"The LDAP attribute that contains timestamp of the last modification of the " +"parent object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +msgid "Default: modifyTimestamp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:297 +msgid "ldap_user_shadow_last_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:300 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (date of the last password change)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:310 +msgid "Default: shadowLastChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:316 +msgid "ldap_user_shadow_min (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:319 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (minimum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:328 +msgid "Default: shadowMin" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:334 +msgid "ldap_user_shadow_max (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:337 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (maximum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:346 +msgid "Default: shadowMax" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:352 +msgid "ldap_user_shadow_warning (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:355 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password warning period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:365 +msgid "Default: shadowWarning" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:371 +msgid "ldap_user_shadow_inactive (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:374 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password inactivity period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:384 +msgid "Default: shadowInactive" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:390 +msgid "ldap_user_shadow_expire (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:393 +msgid "" +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this" +" parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration " +"date)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:403 +msgid "Default: shadowExpire" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:409 +msgid "ldap_user_krb_last_pwd_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:412 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time of last password change in " +"kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:418 +msgid "Default: krbLastPwdChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:424 +msgid "ldap_user_krb_password_expiration (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:427 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time when current password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:433 +msgid "Default: krbPasswordExpiration" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:439 +msgid "ldap_user_ad_account_expires (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:442 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the expiration time of the account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:447 +msgid "Default: accountExpires" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:453 +msgid "ldap_user_ad_user_account_control (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:456 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the user account control bit field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:461 +msgid "Default: userAccountControl" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:467 +msgid "ldap_ns_account_lock (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:470 +msgid "" +"When using ldap_account_expire_policy=rhds or equivalent, this parameter " +"determines if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:475 +msgid "Default: nsAccountLock" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:481 +msgid "ldap_user_principal (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:484 +msgid "" +"The LDAP attribute that contains the user's Kerberos User Principal Name " +"(UPN)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:488 +msgid "Default: krbPrincipalName" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:494 +msgid "ldap_force_upper_case_realm (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:497 +msgid "" +"Some directory servers, for example Active Directory, might deliver the " +"realm part of the UPN in lower case, which might cause the authentication to" +" fail. Set this option to a non-zero value if you want to use an upper-case " +"realm." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 +msgid "Default: false" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:510 +msgid "ldap_enumeration_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:513 +msgid "" +"The LDAP attribute that contains how many seconds SSSD has to wait before " +"refreshing its cache of enumerated records." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:518 +msgid "Default: 300" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:524 +msgid "ldap_purge_cache_timeout" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:527 +msgid "" +"Determine how often to check the cache for inactive entries (such as groups " +"with no members and users who have never logged in) and remove them to save " +"space." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:533 +msgid "Setting this option to zero will disable the cache cleanup operation." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:537 +msgid "Default: 10800 (12 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:543 +msgid "ldap_user_fullname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:546 +msgid "The LDAP attribute that corresponds to the user's full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +msgid "Default: cn" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:556 +msgid "ldap_user_member_of (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:559 +msgid "The LDAP attribute that lists the user's group memberships." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:563 +msgid "Default: memberOf" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:569 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:572 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry" +" to determine access privilege." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:579 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:584 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:590 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 +msgid "The object class of a group entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:596 +msgid "Default: posixGroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:602 +msgid "ldap_group_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:605 +msgid "The LDAP attribute that corresponds to the group name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:615 +msgid "ldap_group_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:618 +msgid "The LDAP attribute that corresponds to the group's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:628 +msgid "ldap_group_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:631 +msgid "The LDAP attribute that contains the names of the group's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:635 +msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:641 +msgid "ldap_group_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:644 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP group object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:654 +msgid "ldap_group_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:667 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:670 +msgid "" +"If ldap_schema is set to a schema format that supports nested groups (e.g. " +"RFC2307bis), then this option controls how many levels of nesting SSSD will " +"follow. This option has no effect on the RFC2307 schema." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:677 +msgid "Default: 2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:683 +msgid "ldap_netgroup_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:686 +msgid "The object class of a netgroup entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:689 +msgid "Default: nisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:695 +msgid "ldap_netgroup_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:698 +msgid "The LDAP attribute that corresponds to the netgroup name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:708 +msgid "ldap_netgroup_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:711 +msgid "The LDAP attribute that contains the names of the netgroup's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:715 +msgid "Default: memberNisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:721 +msgid "ldap_netgroup_triple (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:724 +msgid "" +"The LDAP attribute that contains the (host, user, domain) netgroup triples." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:728 +msgid "Default: nisNetgroupTriple" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:734 +msgid "ldap_netgroup_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:737 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:747 +msgid "ldap_netgroup_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:760 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:763 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " +"is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:769 +msgid "" +"Note: this option is subject to change in future versions of the SSSD. It " +"will likely be replaced at some point by a series of timeouts for specific " +"lookup types." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +msgid "Default: 6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:781 +msgid "ldap_enumeration_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:784 +msgid "" +"Specifies the timeout (in seconds) that ldap searches for user and group " +"enumerations are allowed to run before they are cancelled and cached results" +" are returned (and offline mode is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:791 +msgid "Default: 60" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:797 +msgid "ldap_network_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:800 +msgid "" +"Specifies the timeout (in seconds) after which the <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> " +"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> " +"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry> returns in case of no activity." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:823 +msgid "ldap_opt_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:826 +msgid "" +"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " +"will abort if no response is received. Also controls the timeout when " +"communicating with the KDC in case of SASL bind." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:838 +msgid "ldap_tls_reqcert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:841 +msgid "" +"Specifies what checks to perform on server certificates in a TLS session, if" +" any. It can be specified as one of the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:847 +msgid "" +"<emphasis>never</emphasis> = The client will not request or check any server" +" certificate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:851 +msgid "" +"<emphasis>allow</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, it will be ignored and the session proceeds normally." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:858 +msgid "" +"<emphasis>try</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, the session is immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:864 +msgid "" +"<emphasis>demand</emphasis> = The server certificate is requested. If no " +"certificate is provided, or a bad certificate is provided, the session is " +"immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:870 +msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:874 +msgid "Default: hard" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:880 +msgid "ldap_tls_cacert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:883 +msgid "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> will recognize." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +msgid "" +"Default: use OpenLDAP defaults, typically in " +"<filename>/etc/openldap/ldap.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:895 +msgid "ldap_tls_cacertdir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:898 +msgid "" +"Specifies the path of a directory that contains Certificate Authority " +"certificates in separate individual files. Typically the file names need to " +"be the hash of the certificate followed by '.0'. If available, " +"<command>cacertdir_rehash</command> can be used to create the correct names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:913 +msgid "ldap_tls_cert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:916 +msgid "Specifies the file that contains the certificate for the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +msgid "Default: not set" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:926 +msgid "ldap_tls_key (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:929 +msgid "Specifies the file that contains the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:938 +msgid "ldap_tls_cipher_suite (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:941 +msgid "" +"Specifies acceptable cipher suites. Typically this is a colon sperated " +"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for format." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:954 +msgid "ldap_id_use_start_tls (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:957 +msgid "" +"Specifies that the id_provider connection must also use <systemitem " +"class=\"protocol\">tls</systemitem> to protect the channel." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:967 +msgid "ldap_sasl_mech (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:970 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +"supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +msgid "Default: none" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:980 +msgid "ldap_sasl_authid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:983 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI is used, this " +"represents the Kerberos principal used for authentication to the directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:988 +msgid "Default: host/machine.fqdn@REALM" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:994 +msgid "ldap_krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 +msgid "Specify the keytab to use when using SASL/GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1000 +msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1006 +msgid "ldap_krb5_init_creds (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1009 +msgid "" +"Specifies that the id_provider should init Kerberos credentials (TGT). This" +" action is performed only if SASL is used and the mechanism selected is " +"GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1021 +msgid "ldap_krb5_ticket_lifetime (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1024 +msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1028 +msgid "Default: 86400 (24 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +msgid "krb5_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +msgid "" +"Specifies the list of IP addresses or hostnames of the Kerberos servers to " +"which SSSD should connect in the order of preference. For more information " +"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"An optional port number (preceded by a colon) may be appended to the " +"addresses or hostnames. If empty, service discovery is enabled - for more " +"information, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches" +" for DNS entries that specify _udp as the protocol and falls back to _tcp if" +" none are found." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD." +" While the legacy name is recognized for the time being, users are advised " +"to migrate their config files to use <quote>krb5_server</quote> instead." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1063 sssd-krb5.5.xml:103 +msgid "krb5_realm (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1066 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1069 +msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1075 +msgid "ldap_pwd_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1078 +msgid "" +"Select the policy to evaluate the password expiration on the client side. " +"The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1083 +msgid "" +"<emphasis>none</emphasis> - No evaluation on the client side. This option " +"cannot disable server-side password policies." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1088 +msgid "" +"<emphasis>shadow</emphasis> - Use " +"<citerefentry><refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the " +"password has expired. Note that the current version of sssd cannot update " +"this attribute during a password change." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1096 +msgid "" +"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " +"to determine if the password has expired. Use chpass_provider=krb5 to update" +" these attributes when the password is changed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1108 +msgid "ldap_referrals (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1111 +msgid "Specifies whether automatic referral chasing should be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1115 +msgid "" +"Please note that sssd only supports referral chasing when it is compiled " +"with OpenLDAP version 2.4.13 or higher." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1126 +msgid "ldap_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1129 +msgid "Specifies the service name to use when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1133 +msgid "Default: ldap" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1139 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1142 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1147 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1153 +msgid "ldap_access_filter (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1156 +msgid "" +"If using access_provider = ldap, this option is mandatory. It specifies an " +"LDAP search filter criteria that must be met for the user to be granted " +"access on this host. If access_provider = ldap and this option is not set, " +"it will result in all users being denied access. Use access_provider = allow" +" to change this default behavior." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1166 +msgid "Example:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1169 +#, no-wrap +msgid "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1173 +msgid "" +"This example means that access to this host is restricted to members of the " +"\"allowedusers\" group in ldap." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1178 +msgid "" +"Offline caching for this feature is limited to determining whether the " +"user's last online login was granted access permission. If they were granted" +" access during their last login, they will continue to be granted access " +"while offline and vice-versa." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +msgid "Default: Empty" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1192 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1195 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1199 +msgid "" +"Please note that it is always recommended to use server side access control," +" i.e. the LDAP server should deny the bind request with a suitable error " +"code even if the password is correct." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1206 +msgid "The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1209 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1214 +msgid "" +"<emphasis>ad</emphasis>: use the value of the 32bit field " +"ldap_user_ad_user_account_control and allow access if the second bit is not " +"set. If the attribute is missing access is granted. Also the expiration time" +" of the account is checked." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1221 +msgid "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " +"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " +"if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1233 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1236 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1240 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1243 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1247 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute" +" to determine access" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1252 +msgid "Default: filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1255 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1262 +msgid "ldap_deref (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1265 +msgid "" +"Specifies how alias dereferencing is done when performing a search. The " +"following options are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1274 +msgid "" +"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " +"the base object, but not in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1279 +msgid "" +"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " +"the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1284 +msgid "" +"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " +"in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1289 +msgid "" +"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " +"client libraries)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:51 +msgid "" +"All of the common configuration options that apply to SSSD domains also " +"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " +"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1301 +msgid "ADVANCED OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1308 +msgid "ldap_netgroup_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1311 +msgid "" +"An optional base DN to restrict netgroup searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1322 +msgid "ldap_user_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1325 +msgid "An optional base DN to restrict user searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1336 +msgid "ldap_group_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1339 +msgid "An optional base DN to restrict group searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1303 +msgid "" +"These options are supported by LDAP domains, but they should be used with " +"caution. Please include them in your configuration only if you know what you" +" are doing. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1359 +msgid "" +"The following example assumes that SSSD is correctly configured and LDAP is " +"set to one of the domains in the <replaceable>[domains]</replaceable> " +"section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:1365 +#, no-wrap +msgid "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:181 +#: sssd-krb5.5.xml:414 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +msgid "NOTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1380 +msgid "" +"The descriptions of some of the configuration options in this manual page " +"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " +"distribution." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <refentryinfo> +#: pam_sss.8.xml:8 include/upstream.xml:2 +msgid "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - " +"http://fedorahosted.org/sssd</orgname>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: pam_sss.8.xml:13 pam_sss.8.xml:18 +msgid "pam_sss" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: pam_sss.8.xml:19 +msgid "PAM module for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: pam_sss.8.xml:24 +msgid "" +"<command>pam_sss.so</command> <arg choice='opt'> " +"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> " +"<replaceable>retry=N</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:42 +msgid "" +"<command>pam_sss.so</command> is the PAM interface to the System Security " +"Services daemon (SSSD). Errors and results are logged through " +"<command>syslog(3)</command> with the LOG_AUTHPRIV facility." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:52 +msgid "<option>forward_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:55 +msgid "" +"If <option>forward_pass</option> is set the entered password is put on the " +"stack for other PAM modules to use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:62 +msgid "<option>use_first_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:65 +msgid "" +"The argument use_first_pass forces the module to use a previous stacked " +"modules password and will never prompt the user - if no password is " +"available or the password is not appropriate, the user will be denied " +"access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:73 +msgid "<option>use_authtok</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:76 +msgid "" +"When password changing enforce the module to set the new password to the one" +" provided by a previously stacked password module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:83 +msgid "<option>retry=N</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:86 +msgid "" +"If specified the user is asked another N times for a password if " +"authentication fails. Default is 0." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:88 +msgid "" +"Please note that this option might not work as expected if the application " +"calling PAM handles the user dialog on its own. A typical example is " +"<command>sshd</command> with <option>PasswordAuthentication</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:99 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:100 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:106 +msgid "FILES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:107 +msgid "" +"If a password reset by root fails, because the corresponding SSSD provider " +"does not support password resets, an individual message can be displayed. " +"This message can e.g. contain instructions about how to reset a password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:112 +msgid "" +"The message is read from the file " +"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a " +"locale string returned by <citerefentry> " +"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> " +"</citerefentry>. If there is no matching file the content of " +"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be" +" the owner of the files and only root may have read and write permissions " +"while all other users must have only read permisssions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:122 +msgid "" +"These files are searched in the directory " +"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file " +"is present a generic message is displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:130 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 +msgid "sssd_krb5_locator_plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:22 +msgid "" +"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " +"used by the Kerberos provider of <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>" +" to tell the Kerberos libraries what Realm and which KDC to use. Typically " +"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> which is always read by the " +"Kerberos libraries. To simplyfy the configuration the Realm and the KDC can " +"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " +"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry> puts the Realm and the name or IP address of the KDC into " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " +"libraries it reads and evaluates these variable and returns them to the " +"libraries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "" +"Not all Kerberos implementations support the use of plugins. If " +"<command>sssd_krb5_locator_plugin</command> is not available on your system " +"you have to edit /etc/krb5.conf to reflect your Kerberos setup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:69 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:77 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 +msgid "sssd-simple" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd-simple.5.xml:17 +msgid "the configuration file for SSSD's 'simple' access-control provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:24 +msgid "" +"This manual page describes the configuration of the simple access-control " +"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " +"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:38 +msgid "" +"The simple access provider grants or denies access based on an access or " +"deny list of user or group names. The following rules apply:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 +msgid "" +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 +msgid "" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 +msgid "simple_allow_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 +msgid "Comma separated list of users who are allowed to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 +msgid "simple_deny_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only" +" to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 +msgid "" +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62 +msgid "" +"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 +msgid "" +"Please note that it is an configuration error if both, simple_allow_users " +"and simple_deny_users, are defined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:128 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the simple access provider-specific " +"options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:135 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:145 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 +msgid "sssd-ipa" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:23 +msgid "" +"This manual page describes the configuration of the IPA provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:36 +msgid "" +"The IPA provider is a back end used to connect to an IPA server. (Refer to " +"the freeipa.org web site for information about IPA servers.) This provider " +"requires that the machine be joined to the IPA domain; configuration is " +"almost entirely self-discovered and obtained directly from the server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:43 +msgid "" +"The IPA provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> identity provider and the <citerefentry> <refentrytitle" +">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> " +"authentication provider. However, it is neither necessary nor recommended " +"to set these options. IPA provider can also be used as an access and chpass" +" provider. As an access provider it uses HBAC (host-based access control) " +"rules. Please refer to freeipa.org for more information about HBAC. No " +"configuration of access provider is required on the client side." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:69 +msgid "ipa_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:72 +msgid "" +"Specifies the name of the IPA domain. This is optional. If not provided, " +"the configuration domain name is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:80 +msgid "ipa_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:83 +msgid "" +"The list of IP addresses or hostnames of the IPA servers to which SSSD " +"should connect in the order of preference. For more information on failover " +"and server redundancy, see the <quote>FAILOVER</quote> section. This is " +"optional if autodiscovery is enabled. For more information on service " +"discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:96 +msgid "ipa_hostname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:99 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the IPA domain to identify this host." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:107 +msgid "ipa_dyndns_update (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:110 +msgid "" +"Optional. This option tells SSSD to automatically update the DNS server " +"built into FreeIPA v2 with the IP address of this client." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:121 +msgid "ipa_dyndns_iface (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:124 +msgid "" +"Optional. Applicable only when ipa_dyndns_update is true. Choose the " +"interface whose IP address should be used for dynamic DNS updates." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:129 +msgid "Default: Use the IP address of the IPA LDAP connection" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:135 +msgid "ipa_hbac_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:138 +msgid "" +"Optional. Use the given string as search base for HBAC related objects." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:142 +msgid "Default: Use base DN" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229 +msgid "krb5_validate (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:158 +msgid "" +"Note that this default differs from the traditional Kerberos provider back " +"end." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:175 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the ipa provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ipa.5.xml:182 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:193 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 +msgid "" +"<command>sssd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 +msgid "" +"<command>SSSD</command> provides a set of daemons to manage access to remote" +" directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> " +"<replaceable>LEVEL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:51 +msgid "" +"Debug level to run the daemon with. 0 is the default as well as the lowest " +"allowed value, 10 is the most verbose mode. This setting overrides the " +"settings from config file. This parameter implies <option>-i</option>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:70 +msgid "<option>-f</option>,<option>--debug-to-files</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:74 +msgid "" +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:82 +msgid "<option>-D</option>,<option>--daemon</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:86 +msgid "Become a daemon after starting up." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:92 +msgid "<option>-i</option>,<option>--interactive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:96 +msgid "Run in the foreground, don't become a daemon." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:102 +msgid "<option>-c</option>,<option>--config</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:106 +msgid "" +"Specify a non-default config file. The default is " +"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " +"syntax and options, consult the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:122 +msgid "Signals" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:125 +msgid "SIGTERM/SIGINT" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:128 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then" +" shut down the monitor." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:134 +msgid "SIGHUP" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:137 +msgid "" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs" +" like logrotate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:145 +msgid "SIGUSR1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:148 +msgid "" +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:154 +msgid "SIGUSR2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:157 +msgid "" +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:168 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 +msgid "sss_obfuscate" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_obfuscate.8.xml:16 +msgid "obfuscate a clear text password" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_obfuscate.8.xml:21 +msgid "" +"<command>sss_obfuscate</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:32 +msgid "" +"<command>sss_obfuscate</command> converts a given password into human-" +"unreadable format and places it into appropriate domain section of the SSSD " +"config file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:37 +msgid "" +"The cleartext password can be specified as an argument to the program, read " +"from standard input or entered interactively. The obfuscated password is " +"put into <quote>ldap_default_authtok</quote> parameter of a given SSSD " +"domain and the <quote>ldap_default_authtok_type</quote> parameter is set to " +"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle" +">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more" +" details on these parameters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:50 +msgid "" +"Please note that obfuscating the password provides <emphasis>no real " +"security benefit</emphasis> as it is still possible for an attacker to " +"reverse-engineer the password back. Using better authentication mechanisms " +"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " +"advised." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:64 +msgid "<option>-s</option>,<option>--stdin</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:68 +msgid "The password to obfuscate will be read from standard input." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:75 +msgid "" +"<option>-d</option>,<option>--domain</option> " +"<replaceable>DOMAIN</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:80 +msgid "" +"The SSSD domain to use the password in. The default name is " +"<quote>default</quote>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:87 +msgid "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:92 +msgid "Read the config file specified by the positional parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:96 +msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:106 +msgid "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 +msgid "" +"<command>sss_useradd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 +msgid "" +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 +msgid "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 +msgid "" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 +msgid "" +"<option>-c</option>,<option>--gecos</option> " +"<replaceable>COMMENT</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +msgid "" +"<option>-h</option>,<option>--home</option> " +"<replaceable>HOME_DIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with " +"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +msgid "" +"<option>-s</option>,<option>--shell</option> " +"<replaceable>SHELL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently " +"<filename>/bin/bash</filename>. The default can be changed with " +"<quote>user_defaults/defaultShell</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 +msgid "" +"<option>-G</option>,<option>--groups</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 +msgid "" +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "" +"Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 +msgid "" +"<option>-k</option>,<option>--skel</option> " +"<replaceable>SKELDIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 +msgid "" +"This option is only valid if the <option>-m</option> (or <option>--create-" +"home</option>) option is specified, or creation of home directories is set " +"to TRUE in the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 +msgid "" +"The SELinux user for the user's login. If not specified, the system default " +"will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:169 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +msgid "sssd-krb5" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:23 +msgid "" +"This manual page describes the configuration of the Kerberos 5 " +"authentication backend for <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, please refer to the " +"<quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:36 +msgid "" +"The Kerberos 5 authentication backend contains auth and chpass providers. It" +" must be paired with identity provider in order to function properly (for " +"example, id_provider = ldap). Some information required by the Kerberos 5 " +"authentication backend must be provided by the identity provider, such as " +"the user's Kerberos Principal Name (UPN). The configuration of the identity " +"provider should have an entry to specify the UPN. Please refer to the man " +"page for the applicable identity provider for details on how to configure " +"this." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:47 +msgid "" +"This backend also provides access control based on the .k5login file in the " +"home directory of the user. See <citerefentry> " +"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry> for more details. Please note that an empty .k5login file " +"will deny all access to this user. To activate this feature use " +"'access_provider = krb5' in your sssd configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:55 +msgid "" +"In the case where the UPN is not available in the identity backend " +"<command>sssd</command> will construct a UPN using the format " +"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 +msgid "" +"The name of the Kerberos realm. This option is required and must be " +"specified." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 +msgid "krb5_kpasswd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 +msgid "" +"If the change password service is not running on the KDC alternative servers" +" can be defined here. An optional port number (preceded by a colon) may be " +"appended to the addresses or hostnames." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 +msgid "" +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. Please note that even if there are no more" +" kpasswd servers to try the back end is not switch to offline if " +"authentication against the KDC is still possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 +msgid "Default: Use the KDC" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 +msgid "krb5_ccachedir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 +msgid "" +"Directory to store credential caches. All the substitution sequences of " +"krb5_ccname_template can be used here, too, except %d and %P. If the " +"directory does not exist it will be created. If %u, %U, %p or %h are used a " +"private directory belonging to the user is created. Otherwise a public " +"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " +"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> " +"</citerefentry> for details) is created." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:151 +msgid "Default: /tmp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:157 +msgid "krb5_ccname_template (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:166 +msgid "%u" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:167 +msgid "login name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:170 +msgid "%U" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:171 +msgid "login UID" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:174 +msgid "%p" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:175 +msgid "principal name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:179 +msgid "%r" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:180 +msgid "realm name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:183 +msgid "%h" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:184 +msgid "home directory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:188 +msgid "%d" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:189 +msgid "value of krb5ccache_dir" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:194 +msgid "%P" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:195 +msgid "the process ID of the sssd client" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:200 +msgid "%%" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:201 +msgid "a literal '%'" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:160 +msgid "" +"Location of the user's credential cache. Currently only file based " +"credential caches are supported. In the template the following sequences are" +" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " +"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " +"way." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:209 +msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:215 +msgid "krb5_auth_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:218 +msgid "" +"Timeout in seconds after an online authentication or change password request" +" is aborted. If possible the authentication request is continued offline." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:241 +msgid "krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:244 +msgid "" +"The location of the keytab to use when validating credentials obtained from " +"KDCs." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:248 +msgid "Default: /etc/krb5.keytab" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:254 +msgid "krb5_store_password_if_offline (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 +msgid "" +"Store the password of the user if the provider is offline and use it to " +"request a TGT when the provider gets online again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:262 +msgid "" +"Please note that this feature currently only available on a Linux platform." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:272 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:275 +msgid "" +"Request a renewable ticket with a total lifetime given by an integer " +"immediately followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:280 sssd-krb5.5.xml:316 +msgid "<emphasis>s</emphasis> seconds" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 +msgid "<emphasis>m</emphasis> minutes" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 +msgid "<emphasis>h</emphasis> hours" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 +msgid "<emphasis>d</emphasis> days." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 +msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:296 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"renewable lifetime to one and a half hours please use '90m' instead of " +"'1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:302 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:308 +msgid "krb5_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:311 +msgid "" +"Request ticket with a with a lifetime given by an integer immediately " +"followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:332 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"lifetime to one and a half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:337 +msgid "" +"Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:344 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:347 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:352 +msgid "If this option is not set or 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:362 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:365 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" +"authentication. The following options are supported:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:370 +msgid "" +"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " +"option at all." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:374 +msgid "" +"<emphasis>try</emphasis> to use FAST, if the server does not support fast " +"continue without." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:378 +msgid "" +"<emphasis>demand</emphasis> to use FAST, fail if the server does not require" +" fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:382 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:385 +msgid "Please note that a keytab is required to use fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:388 +msgid "" +"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " +"and above. If sssd used used with an older version using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:65 +msgid "" +"If the auth-module krb5 is used in a SSSD domain, the following options must" +" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " +"SECTIONS</quote> for details on the configuration of a SSSD domain. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:407 +msgid "" +"The following example assumes that SSSD is correctly configured and FOO is " +"one of the domains in the <replaceable>[sssd]</replaceable> section. This " +"example shows only configuration of Kerberos authentication, it does not " +"include any identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:415 +#, no-wrap +msgid "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:426 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 +msgid "sss_groupadd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupadd.8.xml:16 +msgid "create a new group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupadd.8.xml:21 +msgid "" +"<command>sss_groupadd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:32 +msgid "" +"<command>sss_groupadd</command> creates a new group. These groups are " +"compatible with POSIX groups, with the additional feature that they can " +"contain other groups as members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupadd.8.xml:43 +msgid "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupadd.8.xml:48 +msgid "" +"Set the GID of the group to the value of <replaceable>GID</replaceable>. If" +" not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 +msgid "sss_userdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_userdel.8.xml:16 +msgid "delete a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_userdel.8.xml:21 +msgid "" +"<command>sss_userdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:32 +msgid "" +"<command>sss_userdel</command> deletes a user identified by login name " +"<replaceable>LOGIN</replaceable> from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:44 +msgid "<option>-r</option>,<option>--remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:48 +msgid "" +"Files in the user's home directory will be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:56 +msgid "<option>-R</option>,<option>--no-remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:60 +msgid "" +"Files in the user's home directory will NOT be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:68 +msgid "<option>-f</option>,<option>--force</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:72 +msgid "" +"This option forces <command>sss_userdel</command> to remove the user's home " +"directory and mail spool, even if they are not owned by the specified user." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:80 +msgid "<option>-k</option>,<option>--kick</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:84 +msgid "Before actually deleting the user, terminate all his processes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:95 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 +msgid "sss_groupdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupdel.8.xml:16 +msgid "delete a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupdel.8.xml:21 +msgid "" +"<command>sss_groupdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:32 +msgid "" +"<command>sss_groupdel</command> deletes a group identified by its name " +"<replaceable>GROUP</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:48 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 +msgid "sss_groupshow" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupshow.8.xml:16 +msgid "print properties of a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupshow.8.xml:21 +msgid "" +"<command>sss_groupshow</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:32 +msgid "" +"<command>sss_groupshow</command> displays information about a group " +"identified by its name <replaceable>GROUP</replaceable>. The information " +"includes the group ID number, members of the group and the parent group." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupshow.8.xml:43 +msgid "<option>-R</option>,<option>--recursive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupshow.8.xml:47 +msgid "" +"Also print indirect group members in a tree-like hierarchy. Note that this " +"also affects printing parent groups - without <option>R</option>, only the " +"direct parent will be printed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 +msgid "sss_usermod" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_usermod.8.xml:16 +msgid "modify a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_usermod.8.xml:21 +msgid "" +"<command>sss_usermod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:32 +msgid "" +"<command>sss_usermod</command> modifies the account specified by " +"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " +"on the command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:60 +msgid "The home directory of the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:71 +msgid "The user's login shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:82 +msgid "" +"Append this user to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:96 +msgid "" +"Remove this user from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:103 +msgid "<option>-l</option>,<option>--lock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:107 +msgid "Lock the user account. The user won't be able to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:114 +msgid "<option>-u</option>,<option>--unlock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:118 +msgid "Unlock the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:129 +msgid "The SELinux user for the user's login." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:140 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/service_discovery.xml:2 +msgid "SERVICE DISCOVERY" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/service_discovery.xml:4 +msgid "" +"The service discovery feature allows back ends to automatically find the " +"appropriate servers to connect to using a special DNS query." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:9 +msgid "Configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:11 +msgid "" +"If no servers are specified, the back end automatically uses service " +"discovery to try to find a server. Optionally, the user may choose to use " +"both fixed server addresses and service discovery by inserting a special " +"keyword, <quote>_srv_</quote>, in the list of servers. The order of " +"preference is maintained. This feature is useful if, for example, the user " +"prefers to use service discovery whenever possible, and fall back to a " +"specific server when no servers can be discovered using DNS." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:23 +msgid "The domain name" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:25 +msgid "" +"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:35 +msgid "The protocol" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 +msgid "" +"For more information on the service discovery mechanism, refer to RFC 2782." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/failover.xml:2 +msgid "FAILOVER" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/failover.xml:4 +msgid "" +"The failover feature allows back ends to automatically switch to a different" +" server if the primary server fails." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:8 +msgid "Failover Syntax" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:10 +msgid "" +"The list of servers is given as a comma-separated list; any number of spaces" +" is allowed around the comma. The servers are listed in order of preference." +" The list can contain any number of servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:17 +msgid "The Failover Mechanism" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:19 +msgid "" +"The failover mechanism distinguishes between a machine and a service. The " +"back end first tries to resolve the hostname of a given machine; if this " +"resolution attempt fails, the machine is considered offline. No further " +"attempts are made to connect to this machine for any other service. If the " +"resolution attempt succeeds, the back end tries to connect to a service on " +"this machine. If the service connection attempt fails, then only this " +"particular service is considered offline and the back end automatically " +"switches over to the next service. The machine is still considered online " +"and might still be tried for another service." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:32 +msgid "" +"Further connection attempts are made to machines or services marked as " +"offline after a specified period of time; this is currently hard coded to 30" +" seconds." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:37 +msgid "" +"If there are no more machines to try, the back end as a whole switches to " +"offline mode, and then attempts to reconnect every 30 seconds." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help.xml:3 +msgid "<option>-h</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <varlistentry><listitem><para> +#: include/param_help.xml:7 +msgid "Display help message and exit." +msgstr "" diff --git a/src/man/po/nl.po b/src/man/po/nl.po new file mode 100644 index 00000000..7cb821d7 --- /dev/null +++ b/src/man/po/nl.po @@ -0,0 +1,5408 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Red Hat +# This file is distributed under the same license as the sssd-docs package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" +"POT-Creation-Date: 2011-01-24 13:36-0500\n" +"PO-Revision-Date: 2011-03-08 15:06+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: nl\n" +"Plural-Forms: nplurals=2; plural=(n != 1)\n" + +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 +#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 +#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +msgid "SSSD Manual pages" +msgstr "SSSD handleiding" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 +msgid "sss_groupmod" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 +#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 +#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +msgid "8" +msgstr "8" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupmod.8.xml:16 +msgid "modify a group" +msgstr "muteer een groep" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupmod.8.xml:21 +msgid "" +"<command>sss_groupmod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" +"<command>sss_groupmod</command> <arg choice='opt'> " +"<replaceable>opties</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROEP</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:41 +#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 +#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 +#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 +#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +msgid "DESCRIPTION" +msgstr "OMSCHRIJVING" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:32 +msgid "" +"<command>sss_groupmod</command> modifies the group to reflect the changes " +"that are specified on the command line." +msgstr "" +"<command>sss_groupmod</command> muteert de groep en maakt de aanpassingen " +"die via de opdrachtregel ingegeven zijn." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:48 sssd.8.xml:42 sss_obfuscate.8.xml:59 +#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 +#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +msgid "OPTIONS" +msgstr "OPTIES" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 +msgid "" +"<option>-a</option>,<option>--append-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> " +"<replaceable>GROEPEN</replaceable>" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:48 +msgid "" +"Append this group to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" +"Voeg deze groep toe aan de groepen opgegeven met de " +"<replaceable>GROEPEN</replaceable> parameter. De " +"<replaceable>GROEPEN</replaceable> parameter is een kommagescheiden lijst " +"van groepnamen." + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 +msgid "" +"<option>-r</option>,<option>--remove-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" +"<option>-r</option>,<option>--remove-group</option> " +"<replaceable>GROEPEN</replaceable>" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:62 +msgid "" +"Remove this group from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" +"Verwijder deze groep uit de groepen opgegeven in de " +"<replaceable>GROEPEN</replaceable> parameter." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 +#: sssd-ipa.5.xml:191 sssd.8.xml:166 sss_obfuscate.8.xml:104 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 +#: sss_usermod.8.xml:138 +msgid "SEE ALSO" +msgstr "ZIE OOK" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:74 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 +msgid "sssd.conf" +msgstr "sssd.conf" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 +msgid "5" +msgstr "5" + +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 +msgid "File Formats and Conventions" +msgstr "Bestandsformaten en conventies" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 +#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 +msgid "the configuration file for SSSD" +msgstr "het configuratiebestand voor SSSD" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:21 +msgid "FILE FORMAT" +msgstr "BESTANDSFORMAAT" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:29 +#, no-wrap +msgid "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " +msgstr "" +" <replaceable>[sectie]</replaceable>\n" +" <replaceable>sleutel</replaceable> = <replaceable>waarde</replaceable>\n" +" <replaceable>sleutel2</replaceable> = <replaceable>waarde2,waarde3</replaceable>\n" +" " + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:24 +msgid "" +"The file has an ini-style syntax and consists of sections and parameters. A " +"section begins with the name of the section in square brackets and continues" +" until the next section begins. An example of section with single and multi-" +"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Het bestand heeft een ini-stijl syntaxis en bestaat uit secties en " +"parameters. Een sectie begint met de naam van de sectie in rechte haken en " +"gaat verder totdat de volgende sectie begint. Een voorbeeld van een sectie " +"met een enkele en een meervoudige parameter: <placeholder " +"type=\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:36 +msgid "" +"The data types used are string (no quotes needed), integer and bool (with " +"values of <quote>TRUE/FALSE</quote>)." +msgstr "" +"De datatypes gebruikt zijn tekst (geen quotes vereisd), numeriek en " +"booleaans (met de waardes <quote>TRUE/FALSE</quote>)." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:41 +msgid "" +"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " +"(<quote>;</quote>)" +msgstr "" +"Een regel met kommentaar begint met een hekje (<quote>#</quote>) of een " +"puntkomma (<quote>;</quote>)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:46 +msgid "" +"All sections can have an optional <replaceable>description</replaceable> " +"parameter. Its function is only as a label for the section." +msgstr "" +"Alle secties kunnen een optionele <replaceable>description</replaceable> " +"parameter bevatten. Dit fungeert slechts als label voor de sectie." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:52 +msgid "" +"<filename>sssd.conf</filename> must be a regular file, owned by root and " +"only root may read from or write to the file." +msgstr "" +"<filename>sssd.conf</filename> moet een standaardbestand zijn, de eigenaar " +"moet root zijn en alleen root mag hem lezen en schrijven." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:58 +msgid "SPECIAL SECTIONS" +msgstr "SPECIALE SECTIES" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:61 +msgid "The [sssd] section" +msgstr "De [sssd] sectie" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:70 sssd.conf.5.xml:854 +msgid "Section parameters" +msgstr "Sectie parameters" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:72 +msgid "config_file_version (integer)" +msgstr "config_file_version (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:75 +msgid "" +"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " +"version 2." +msgstr "" +"Geeft aan welke syntaxis de configuratie gebruikt. SSSD 0.6.0 en hoger " +"gebruiken versie 2." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:81 +msgid "services" +msgstr "diensten" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:84 +msgid "" +"Comma separated list of services that are started when sssd itself starts." +msgstr "" +"Kommagescheiden lijst van diensten die gestart worden als sssd zelf start." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:88 +msgid "Supported services: nss, pam" +msgstr "Ondersteunde diensten: nss, pam" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:93 sssd.conf.5.xml:234 +msgid "reconnection_retries (integer)" +msgstr "reconnection_retries (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:96 sssd.conf.5.xml:237 +msgid "" +"Number of times services should attempt to reconnect in the event of a Data " +"Provider crash or restart before they give up" +msgstr "" +"Aantal keer dat de service moet proberen om opnieuw te verbinden indien een " +"Data Aanbieder crashed of opnieuw start voordat dit opgegeven wordt" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:101 sssd.conf.5.xml:242 +msgid "Default: 3" +msgstr "Standaard: 3" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:106 +msgid "domains" +msgstr "domeinen" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:109 +msgid "" +"A domain is a database containing user information. SSSD can use more " +"domains at the same time, but at least one must be configured or SSSD won't " +"start. This parameter described the list of domains in the order you want " +"them to be queried." +msgstr "" +"Een domein is een databank met gebruikersinformatie. SSSD kan meerdere " +"domeinen tegelijkertijd gebruiken, maar er moet op zijn minst één domein " +"geconfigureerd zijn, anders start SSSD niet. Deze parameter omschrijft de " +"lijst van domeinen in de volgorde die SSSD ze moet aflopen." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:119 +msgid "re_expression (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:122 +msgid "" +"Regular expression that describes how to parse the string containing user " +"name and domain into these components." +msgstr "" +"Reguliere expressie die omschrijft hoe de tekst die de gebruikers- en " +"domeinnaam verwerkt moeten worden." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:126 +msgid "" +"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"which translates to \"the name is everything up to the <quote>@</quote> " +"sign, the domain everything after that\"" +msgstr "" +"Standaard: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"wat zich vertaalt tot \"de gebruikersnaam is alles tot <quote>@</quote> , " +"het domein alles daarna\"" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:131 +msgid "" +"PLEASE NOTE: the support for non-unique named subpatterns is not available " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " +"version 7 or higher can support non-unique named subpatterns." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:138 +msgid "" +"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " +"(?P<name>) to label subpatterns." +msgstr "" +"MER OOK OP: oudere versies van libpcre ondersteunen alleen de Pyton syntaxis" +" (?P<name>) om subpatronen aan te geven." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:145 +msgid "full_name_format (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:148 +msgid "" +"A <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " +"how to translate a (name, domain) tuple into a fully qualified name." +msgstr "" +"Een <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry>-compatibel formaat wat omschrijft " +"hoe een tuple (met name, domain) vertaald wordt in een full qualified name." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:156 +msgid "Default: <quote>%1$s@%2$s</quote>." +msgstr "Standaard: <quote>%1$s@%2$s</quote>." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:161 +msgid "try_inotify (boolean)" +msgstr "try_inotify (bool)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:164 +msgid "" +"SSSD monitors the state of resolv.conf to identify when it needs to update " +"its internal DNS resolver. By default, we will attempt to use inotify for " +"this, and will fall back to polling resolv.conf every five seconds if " +"inotify cannot be used." +msgstr "" +"SSSD houdt de stat van resolv.conf in de gaten om te zien wanneer de interne" +" DNS-resolver bijgewerkt moet worden. Standaard wordt er geprobeerd om " +"inotify te gebruiken en er wordt teruggevallen op iedere vijf seconden " +"kijken of resolv.conf gewijzigd is als er geen inotify beschikbaar is." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:172 +msgid "" +"There are some limited situations where it is preferred that we should skip " +"even trying to use inotify. In these rare cases, this option should be set " +"to 'false'" +msgstr "" +"Er zijn een aantal situaties waarin het de voorkeur heeft dat we het gebruik" +" van inotify uitschakelen. In deze zeldzame gevallen kan de optie op 'false'" +" gezet worden" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:178 +msgid "" +"Default: true on platforms where inotify is supported. False on other " +"platforms." +msgstr "" +"Standaard: true op systemen waar inotify is ondersteund. False op andere " +"systemen." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:182 +msgid "" +"Note: this option will have no effect on platforms where inotify is " +"unavailable. On these platforms, polling will always be used." +msgstr "" +"Merk op: deze optie heeft geen effect op systemen waar inotify niet " +"beschikbaar is. Op deze systemen wordt altijd periodiek gekeken naar " +"resolv.conf." + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:63 +msgid "" +"Individual pieces of SSSD functionality are provided by special SSSD " +"services that are started and stopped together with SSSD. The services are " +"managed by a special service frequently called <quote>monitor</quote>. The " +"<quote>[sssd]</quote> section is used to configure the monitor as well as " +"some other important options like the identity domains. <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:195 +msgid "SERVICES SECTIONS" +msgstr "SERVICES SECTIE" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:197 +msgid "" +"Settings that can be used to configure different services are described in " +"this section. They should reside in the [<replaceable>$NAME</replaceable>] " +"section, for example, for NSS service, the section would be " +"<quote>[nss]</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:204 +msgid "General service configuration options" +msgstr "Algemene service configuratie-opties" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:206 +msgid "These options can be used to configure any service." +msgstr "Deze opties kunnen gebruikt worden om services te configureren." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:210 +msgid "debug_level (integer)" +msgstr "debug_level (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:213 +msgid "" +"Sets the debug level for the service. The value can be in range from 0 (only" +" critical messages) to 10 (very verbose)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:218 sssd.conf.5.xml:312 +msgid "Default: 0" +msgstr "Standaard: 0" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.conf.5.xml:223 sssd.8.xml:58 +msgid "debug_timestamps (bool)" +msgstr "debug_timestamps (bool)" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:226 sssd.8.xml:61 +msgid "Add a timestamp to the debug messages" +msgstr "Voeg een tijdstempel toe aan de debugberichten" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +msgid "Default: true" +msgstr "Standaard: true" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:247 +msgid "command (string)" +msgstr "command (tekst)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:250 +msgid "" +"By default, the executable representing this service is called " +"<command>sssd_${service_name}</command>. This directive allows to change " +"the executable name for the service. In the vast majority of configurations," +" the default values should suffice." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:258 +msgid "Default: <command>sssd_${service_name}</command>" +msgstr "Standaard: <command>sssd_${service_name}</command>" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:266 +msgid "NSS configuration options" +msgstr "NSS configuratie-opties" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:268 +msgid "" +"These options can be used to configure the Name Service Switch (NSS) " +"service." +msgstr "" +"Deze opties kunnen worden gebruikt om de Name Serice Switch (NSS) service te" +" configurere." + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:273 +msgid "enum_cache_timeout (integer)" +msgstr "enum_cache_timeout (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:276 +msgid "" +"How many seconds should nss_sss cache enumerations (requests for info about " +"all users)" +msgstr "" +"Hoeveel seconden zouden nss_sss cache enumeraties (verzoeken om informatie " +"over alle gebruikers)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:280 +msgid "Default: 120" +msgstr "Standaard: 120" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:285 +msgid "entry_cache_nowait_percentage (integer)" +msgstr "entry_cache_nowait_percentage (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:288 +msgid "" +"The entry cache can be set to automatically update entries in the background" +" if they are requested beyond a percentage of the entry_cache_timeout value " +"for the domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:294 +msgid "" +"For example, if the domain's entry_cache_timeout is set to 30s and " +"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " +"after 15 seconds past the last cache update will be returned immediately, " +"but the SSSD will go and update the cache on its own, so that future " +"requests will not need to block waiting for a cache update." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:304 +msgid "" +"Valid values for this option are 0-99 and represent a percentage of the " +"entry_cache_timeout for each domain. For performance reasons, this " +"percentage will never reduce the nowait timeout to less than 10 seconds. (0" +" disables this feature)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:317 +msgid "entry_negative_timeout (integer)" +msgstr "entry_negative_timeout (numeriek)" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:320 +msgid "" +"Specifies for how many seconds nss_sss should cache negative cache hits " +"(that is, queries for invalid database entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:326 sssd-krb5.5.xml:223 +msgid "Default: 15" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:331 +msgid "filter_users, filter_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:334 +msgid "" +"Exclude certain users from being fetched from the sss NSS database. This is " +"particularly useful for system accounts. This option can also be set per-" +"domain or include fully-qualified names to filter only users from the " +"particular domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:341 +msgid "Default: root" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:346 +msgid "filter_users_in_groups (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:349 +msgid "" +"If you want filtered user still be group members set this option to false." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:360 +msgid "PAM configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:362 +msgid "" +"These options can be used to configure the Pluggable Authentication Module " +"(PAM) service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:367 +msgid "offline_credentials_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:370 +msgid "" +"If the authentication provider is offline, how long should we allow cached " +"logins (in days since the last successful online login)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:375 sssd.conf.5.xml:388 +msgid "Default: 0 (No limit)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:381 +msgid "offline_failed_login_attempts (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:384 +msgid "" +"If the authentication provider is offline, how many failed login attempts " +"are allowed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:394 +msgid "offline_failed_login_delay (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:397 +msgid "" +"The time in minutes which has to pass after offline_failed_login_attempts " +"has been reached before a new login attempt is possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:402 +msgid "" +"If set to 0 the user cannot authenticate offline if " +"offline_failed_login_attempts has been reached. Only a successful online " +"authentication can enable enable offline authentication again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793 +msgid "Default: 5" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:414 +msgid "pam_verbosity (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:417 +msgid "" +"Controls what kind of messages are shown to the user during authentication. " +"The higher the number to more messages are displayed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:422 +msgid "Currently sssd supports the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:425 +msgid "<emphasis>0</emphasis>: do not show any message" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:428 +msgid "<emphasis>1</emphasis>: show only important messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:432 +msgid "<emphasis>2</emphasis>: show informational messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:435 +msgid "<emphasis>3</emphasis>: show all messages and debug information" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:439 +msgid "Default: 1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:444 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:447 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:453 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a per-" +"client-application basis) how long (in seconds) we can cache the identity " +"information to avoid excessive round-trips to the identity provider." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:467 +msgid "pam_pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:470 +msgid "Display a warning N days before the password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:473 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:479 +msgid "Default: 7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:488 +msgid "DOMAIN SECTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:495 +msgid "min_id,max_id (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:498 +msgid "" +"UID and GID limits for the domain. If a domain contains an entry that is " +"outside these limits, it is ignored." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:503 +msgid "" +"For users, this affects the primary GID limit. The user will not be returned" +" to NSS if either the UID or the primary GID is outside the range. For non-" +"primary group memberships, those that are in range will be reported as " +"expected." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:510 +msgid "Default: 1 for min_id, 0 (no limit) for max_id" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:516 +msgid "timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:519 +msgid "" +"Timeout in seconds between heartbeats for this domain. This is used to " +"ensure that the backend process is alive and capable of answering requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:524 +msgid "Default: 10" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:530 +msgid "enumerate (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:533 +msgid "" +"Determines if a domain can be enumerated. This parameter can have one of the" +" following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:537 +msgid "TRUE = Users and groups are enumerated" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:540 +msgid "FALSE = No enumerations for this domain" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645 +msgid "Default: FALSE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:546 +msgid "" +"Note: Enabling enumeration has a moderate performance impact on SSSD while " +"enumeration is running. It may take up to several minutes after SSSD startup" +" to fully complete enumerations. During this time, individual requests for " +"information will go directly to LDAP, though it may be slow, due to the " +"heavy enumeration processing." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:556 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:561 +msgid "" +"Further, enabling enumeration may increase the time necessary to detect " +"network disconnection, as longer timeouts are required to ensure that " +"enumeration lookups are completed successfully. For more information, refer" +" to the man pages for the specific id_provider in use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:572 +msgid "entry_cache_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:575 +msgid "" +"How many seconds should nss_sss consider entries valid before asking the " +"backend again" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:579 +msgid "Default: 5400" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:584 +msgid "cache_credentials (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:587 +msgid "Determines if user credentials are also cached in the local LDB cache" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:596 +msgid "account_cache_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:599 +msgid "" +"Number of days entries are left in cache after last successful login before " +"being removed during a cleanup of the cache. 0 means keep forever. The " +"value of this parameter must be greater than or equal to " +"offline_credentials_expiration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:606 +msgid "Default: 0 (unlimited)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:612 +msgid "id_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:615 +msgid "The Data Provider identity backend to use for this domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:619 +msgid "Supported backends:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:622 +msgid "proxy: Support a legacy NSS provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:625 +msgid "local: SSSD internal local provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:628 +msgid "ldap: LDAP provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:634 +msgid "use_fully_qualified_names (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:637 +msgid "" +"If set to TRUE, all requests to this domain must use fully qualified names. " +"For example, if used in LOCAL domain that contains a \"test\" user, " +"<command>getent passwd test</command> wouldn't find the user while " +"<command>getent passwd test@LOCAL</command> would." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:650 +msgid "auth_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:653 +msgid "" +"The authentication provider used for the domain. Supported auth providers " +"are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:657 +msgid "" +"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:664 +msgid "" +"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:671 +msgid "" +"<quote>proxy</quote> for relaying authentication to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:674 +msgid "<quote>none</quote> disables authentication explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:677 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"authentication requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:683 +msgid "access_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:686 +msgid "" +"The access control provider used for the domain. There are two built-in " +"access providers (in addition to any included in installed backends) " +"Internal special providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:692 +msgid "<quote>permit</quote> always allow access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:695 +msgid "<quote>deny</quote> always deny access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:698 +msgid "" +"<quote>simple</quote> access control based on access or deny lists. See " +"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for more information on configuring " +"the simple access module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:705 +msgid "Default: <quote>permit</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:710 +msgid "chpass_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:713 +msgid "" +"The provider which should handle change password operations for the domain." +" Supported change password providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:718 +msgid "" +"<quote>ipa</quote> to change a password stored in an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" IPA." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:726 +msgid "" +"<quote>ldap</quote> to change a password stored in a LDAP server. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:734 +msgid "" +"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:742 +msgid "" +"<quote>proxy</quote> for relaying password changes to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:746 +msgid "<quote>none</quote> disallows password changes explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:749 +msgid "" +"Default: <quote>auth_provider</quote> is used if it is set and can handle " +"change password requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:756 +msgid "lookup_family_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:759 +msgid "" +"Provides the ability to select preferred address family to use when " +"performing DNS lookups." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:763 +msgid "Supported values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:766 +msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:769 +msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:772 +msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:775 +msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:778 +msgid "Default: ipv4_first" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:784 +msgid "dns_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:787 +msgid "" +"Defines the amount of time (in seconds) to wait for a reply from the DNS " +"resolver before assuming that it is unreachable. If this timeout is reached," +" the domain will continue to operate in offline mode." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:799 +msgid "dns_discovery_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:802 +msgid "" +"If service discovery is used in the back end, specifies the domain part of " +"the service discovery DNS query." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:806 +msgid "Default: Use the domain part of machine's hostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:490 +msgid "" +"These configuration options can be present in a domain configuration " +"section, that is, in a section called " +"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:818 +msgid "proxy_pam_target (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:821 +msgid "The proxy target PAM proxies to." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:824 +msgid "" +"Default: not set by default, you have to take an existing pam configuration " +"or create a new one and add the service name here." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:832 +msgid "proxy_lib_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:835 +msgid "" +"The name of the NSS library to use in proxy domains. The NSS functions " +"searched for in the library are in the form of _nss_$(libName)_$(function), " +"for example _nss_files_getpwent." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:814 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:847 +msgid "The local domain section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:849 +msgid "" +"This section contains settings for domain that stores users and groups in " +"SSSD native database, that is, a domain that uses " +"<replaceable>id_provider=local</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:856 +msgid "default_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:859 +msgid "The default shell for users created with SSSD userspace tools." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:863 +msgid "Default: <filename>/bin/bash</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:868 +msgid "base_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:871 +msgid "" +"The tools append the login name to <replaceable>base_directory</replaceable>" +" and use that as the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:876 +msgid "Default: <filename>/home</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:881 +msgid "create_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:884 +msgid "" +"Indicate if a home directory should be created by default for new users. " +"Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:888 sssd.conf.5.xml:900 +msgid "Default: TRUE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:893 +msgid "remove_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:896 +msgid "" +"Indicate if a home directory should be removed by default for deleted users." +" Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:905 +msgid "homedir_umask (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:908 +msgid "" +"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " +"on a newly created home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:916 +msgid "Default: 077" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:921 +msgid "skel_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:924 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:934 +msgid "Default: <filename>/etc/skel</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:939 +msgid "mail_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:942 +msgid "" +"The mail spool directory. This is needed to manipulate the mailbox when its " +"corresponding user account is modified or deleted. If not specified, a " +"default value is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:949 +msgid "Default: <filename>/var/mail</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:954 +msgid "userdel_cmd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:957 +msgid "" +"The command that is run after a user is removed. The command us passed the " +"username of the user being removed as the first and only parameter. The " +"return code of the command is not taken into account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:963 +msgid "Default: None, no command is run" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:173 sssd-krb5.5.xml:405 +msgid "EXAMPLE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:979 +#, no-wrap +msgid "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:975 +msgid "" +"The following example shows a typical SSSD config. It does not describe " +"configuration of the domains themselves - refer to documentation on " +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1010 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 +msgid "sssd-ldap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:23 +msgid "" +"This manual page describes the configuration of LDAP domains for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " +"information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:35 +msgid "You can configure SSSD to use more than one LDAP domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:38 +msgid "" +"LDAP back end supports id, auth, access and chpass providers. If you want to" +" authenticate against an LDAP server either TLS/SSL or LDAPS is required. " +"<command>sssd</command> <emphasis>does not</emphasis> support authentication" +" over an unencrypted channel. If the LDAP server is used only as an " +"identity provider, an encrypted channel is not needed. Please refer to " +"<quote>ldap_access_filter</quote> config option for more information about " +"using LDAP as an access provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61 +#: sssd-krb5.5.xml:63 +msgid "CONFIGURATION OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:60 +msgid "ldap_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:63 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference. Refer to the <quote>FAILOVER</quote> section for" +" more information on failover and server redundancy. If not specified, " +"service discovery is enabled. For more information, refer to the " +"<quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:73 +msgid "ldap_chpass_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:76 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference to change the password of a user. Refer to the " +"<quote>FAILOVER</quote> section for more information on failover and server " +"redundancy." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:83 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:87 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:93 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:96 +msgid "The default base DN to use for performing LDAP user operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:100 +msgid "" +"Default: If not set the value of the defaultNamingContext or namingContexts " +"attribute from the RootDSE of the LDAP server is used. If " +"defaultNamingContext does not exists or has an empty value namingContexts is" +" used. The namingContexts attribute must have a single value with the DN of" +" the search base of the LDAP server to make this work. Multiple values are " +"are not supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:114 +msgid "ldap_schema (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:117 +msgid "" +"Specifies the Schema Type in use on the target LDAP server. Depending on " +"the selected schema, the default attribute names retrieved from the servers " +"may vary. The way that some attributes are handled may also differ. Three " +"schema types are currently supported: rfc2307 rfc2307bis IPA The main " +"difference between these schema types is how group memberships are recorded " +"in the server. With rfc2307, group members are listed by name in the " +"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " +"members are listed by DN and stored in the <emphasis>member</emphasis> " +"attribute." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:136 +msgid "Default: rfc2307" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:142 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:145 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:152 +msgid "ldap_default_authtok_type (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:155 +msgid "The type of the authentication token of the default bind DN." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:159 +msgid "The two mechanisms currently supported are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:162 +msgid "password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:165 +msgid "obfuscated_password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:171 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:174 +msgid "" +"The authentication token of the default bind DN. Only clear text passwords " +"are currently supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:181 +msgid "ldap_user_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:184 +msgid "The object class of a user entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:187 +msgid "Default: posixAccount" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:193 +msgid "ldap_user_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:196 +msgid "The LDAP attribute that corresponds to the user's login name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:200 +msgid "Default: uid" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:206 +msgid "ldap_user_uid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:209 +msgid "The LDAP attribute that corresponds to the user's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:213 +msgid "Default: uidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:219 +msgid "ldap_user_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:222 +msgid "The LDAP attribute that corresponds to the user's primary group id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +msgid "Default: gidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:232 +msgid "ldap_user_gecos (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:235 +msgid "The LDAP attribute that corresponds to the user's gecos field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "Default: gecos" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:245 +msgid "ldap_user_home_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:248 +msgid "" +"The LDAP attribute that contains the name of the user's home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:252 +msgid "Default: homeDirectory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:258 +msgid "ldap_user_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:261 +msgid "The LDAP attribute that contains the path to the user's default shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:265 +msgid "Default: loginShell" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:271 +msgid "ldap_user_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:274 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +msgid "Default: nsUniqueId" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:284 +msgid "ldap_user_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +msgid "" +"The LDAP attribute that contains timestamp of the last modification of the " +"parent object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +msgid "Default: modifyTimestamp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:297 +msgid "ldap_user_shadow_last_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:300 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (date of the last password change)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:310 +msgid "Default: shadowLastChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:316 +msgid "ldap_user_shadow_min (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:319 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (minimum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:328 +msgid "Default: shadowMin" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:334 +msgid "ldap_user_shadow_max (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:337 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (maximum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:346 +msgid "Default: shadowMax" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:352 +msgid "ldap_user_shadow_warning (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:355 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password warning period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:365 +msgid "Default: shadowWarning" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:371 +msgid "ldap_user_shadow_inactive (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:374 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password inactivity period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:384 +msgid "Default: shadowInactive" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:390 +msgid "ldap_user_shadow_expire (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:393 +msgid "" +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this" +" parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration " +"date)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:403 +msgid "Default: shadowExpire" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:409 +msgid "ldap_user_krb_last_pwd_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:412 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time of last password change in " +"kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:418 +msgid "Default: krbLastPwdChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:424 +msgid "ldap_user_krb_password_expiration (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:427 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time when current password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:433 +msgid "Default: krbPasswordExpiration" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:439 +msgid "ldap_user_ad_account_expires (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:442 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the expiration time of the account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:447 +msgid "Default: accountExpires" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:453 +msgid "ldap_user_ad_user_account_control (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:456 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the user account control bit field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:461 +msgid "Default: userAccountControl" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:467 +msgid "ldap_ns_account_lock (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:470 +msgid "" +"When using ldap_account_expire_policy=rhds or equivalent, this parameter " +"determines if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:475 +msgid "Default: nsAccountLock" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:481 +msgid "ldap_user_principal (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:484 +msgid "" +"The LDAP attribute that contains the user's Kerberos User Principal Name " +"(UPN)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:488 +msgid "Default: krbPrincipalName" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:494 +msgid "ldap_force_upper_case_realm (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:497 +msgid "" +"Some directory servers, for example Active Directory, might deliver the " +"realm part of the UPN in lower case, which might cause the authentication to" +" fail. Set this option to a non-zero value if you want to use an upper-case " +"realm." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 +msgid "Default: false" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:510 +msgid "ldap_enumeration_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:513 +msgid "" +"The LDAP attribute that contains how many seconds SSSD has to wait before " +"refreshing its cache of enumerated records." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:518 +msgid "Default: 300" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:524 +msgid "ldap_purge_cache_timeout" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:527 +msgid "" +"Determine how often to check the cache for inactive entries (such as groups " +"with no members and users who have never logged in) and remove them to save " +"space." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:533 +msgid "Setting this option to zero will disable the cache cleanup operation." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:537 +msgid "Default: 10800 (12 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:543 +msgid "ldap_user_fullname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:546 +msgid "The LDAP attribute that corresponds to the user's full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +msgid "Default: cn" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:556 +msgid "ldap_user_member_of (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:559 +msgid "The LDAP attribute that lists the user's group memberships." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:563 +msgid "Default: memberOf" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:569 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:572 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry" +" to determine access privilege." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:579 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:584 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:590 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 +msgid "The object class of a group entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:596 +msgid "Default: posixGroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:602 +msgid "ldap_group_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:605 +msgid "The LDAP attribute that corresponds to the group name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:615 +msgid "ldap_group_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:618 +msgid "The LDAP attribute that corresponds to the group's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:628 +msgid "ldap_group_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:631 +msgid "The LDAP attribute that contains the names of the group's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:635 +msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:641 +msgid "ldap_group_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:644 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP group object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:654 +msgid "ldap_group_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:667 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:670 +msgid "" +"If ldap_schema is set to a schema format that supports nested groups (e.g. " +"RFC2307bis), then this option controls how many levels of nesting SSSD will " +"follow. This option has no effect on the RFC2307 schema." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:677 +msgid "Default: 2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:683 +msgid "ldap_netgroup_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:686 +msgid "The object class of a netgroup entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:689 +msgid "Default: nisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:695 +msgid "ldap_netgroup_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:698 +msgid "The LDAP attribute that corresponds to the netgroup name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:708 +msgid "ldap_netgroup_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:711 +msgid "The LDAP attribute that contains the names of the netgroup's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:715 +msgid "Default: memberNisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:721 +msgid "ldap_netgroup_triple (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:724 +msgid "" +"The LDAP attribute that contains the (host, user, domain) netgroup triples." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:728 +msgid "Default: nisNetgroupTriple" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:734 +msgid "ldap_netgroup_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:737 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:747 +msgid "ldap_netgroup_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:760 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:763 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " +"is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:769 +msgid "" +"Note: this option is subject to change in future versions of the SSSD. It " +"will likely be replaced at some point by a series of timeouts for specific " +"lookup types." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +msgid "Default: 6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:781 +msgid "ldap_enumeration_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:784 +msgid "" +"Specifies the timeout (in seconds) that ldap searches for user and group " +"enumerations are allowed to run before they are cancelled and cached results" +" are returned (and offline mode is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:791 +msgid "Default: 60" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:797 +msgid "ldap_network_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:800 +msgid "" +"Specifies the timeout (in seconds) after which the <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> " +"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> " +"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry> returns in case of no activity." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:823 +msgid "ldap_opt_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:826 +msgid "" +"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " +"will abort if no response is received. Also controls the timeout when " +"communicating with the KDC in case of SASL bind." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:838 +msgid "ldap_tls_reqcert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:841 +msgid "" +"Specifies what checks to perform on server certificates in a TLS session, if" +" any. It can be specified as one of the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:847 +msgid "" +"<emphasis>never</emphasis> = The client will not request or check any server" +" certificate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:851 +msgid "" +"<emphasis>allow</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, it will be ignored and the session proceeds normally." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:858 +msgid "" +"<emphasis>try</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, the session is immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:864 +msgid "" +"<emphasis>demand</emphasis> = The server certificate is requested. If no " +"certificate is provided, or a bad certificate is provided, the session is " +"immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:870 +msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:874 +msgid "Default: hard" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:880 +msgid "ldap_tls_cacert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:883 +msgid "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> will recognize." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +msgid "" +"Default: use OpenLDAP defaults, typically in " +"<filename>/etc/openldap/ldap.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:895 +msgid "ldap_tls_cacertdir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:898 +msgid "" +"Specifies the path of a directory that contains Certificate Authority " +"certificates in separate individual files. Typically the file names need to " +"be the hash of the certificate followed by '.0'. If available, " +"<command>cacertdir_rehash</command> can be used to create the correct names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:913 +msgid "ldap_tls_cert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:916 +msgid "Specifies the file that contains the certificate for the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +msgid "Default: not set" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:926 +msgid "ldap_tls_key (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:929 +msgid "Specifies the file that contains the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:938 +msgid "ldap_tls_cipher_suite (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:941 +msgid "" +"Specifies acceptable cipher suites. Typically this is a colon sperated " +"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for format." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:954 +msgid "ldap_id_use_start_tls (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:957 +msgid "" +"Specifies that the id_provider connection must also use <systemitem " +"class=\"protocol\">tls</systemitem> to protect the channel." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:967 +msgid "ldap_sasl_mech (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:970 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +"supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +msgid "Default: none" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:980 +msgid "ldap_sasl_authid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:983 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI is used, this " +"represents the Kerberos principal used for authentication to the directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:988 +msgid "Default: host/machine.fqdn@REALM" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:994 +msgid "ldap_krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 +msgid "Specify the keytab to use when using SASL/GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1000 +msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1006 +msgid "ldap_krb5_init_creds (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1009 +msgid "" +"Specifies that the id_provider should init Kerberos credentials (TGT). This" +" action is performed only if SASL is used and the mechanism selected is " +"GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1021 +msgid "ldap_krb5_ticket_lifetime (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1024 +msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1028 +msgid "Default: 86400 (24 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +msgid "krb5_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +msgid "" +"Specifies the list of IP addresses or hostnames of the Kerberos servers to " +"which SSSD should connect in the order of preference. For more information " +"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"An optional port number (preceded by a colon) may be appended to the " +"addresses or hostnames. If empty, service discovery is enabled - for more " +"information, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches" +" for DNS entries that specify _udp as the protocol and falls back to _tcp if" +" none are found." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD." +" While the legacy name is recognized for the time being, users are advised " +"to migrate their config files to use <quote>krb5_server</quote> instead." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1063 sssd-krb5.5.xml:103 +msgid "krb5_realm (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1066 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1069 +msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1075 +msgid "ldap_pwd_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1078 +msgid "" +"Select the policy to evaluate the password expiration on the client side. " +"The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1083 +msgid "" +"<emphasis>none</emphasis> - No evaluation on the client side. This option " +"cannot disable server-side password policies." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1088 +msgid "" +"<emphasis>shadow</emphasis> - Use " +"<citerefentry><refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the " +"password has expired. Note that the current version of sssd cannot update " +"this attribute during a password change." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1096 +msgid "" +"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " +"to determine if the password has expired. Use chpass_provider=krb5 to update" +" these attributes when the password is changed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1108 +msgid "ldap_referrals (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1111 +msgid "Specifies whether automatic referral chasing should be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1115 +msgid "" +"Please note that sssd only supports referral chasing when it is compiled " +"with OpenLDAP version 2.4.13 or higher." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1126 +msgid "ldap_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1129 +msgid "Specifies the service name to use when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1133 +msgid "Default: ldap" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1139 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1142 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1147 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1153 +msgid "ldap_access_filter (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1156 +msgid "" +"If using access_provider = ldap, this option is mandatory. It specifies an " +"LDAP search filter criteria that must be met for the user to be granted " +"access on this host. If access_provider = ldap and this option is not set, " +"it will result in all users being denied access. Use access_provider = allow" +" to change this default behavior." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1166 +msgid "Example:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1169 +#, no-wrap +msgid "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1173 +msgid "" +"This example means that access to this host is restricted to members of the " +"\"allowedusers\" group in ldap." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1178 +msgid "" +"Offline caching for this feature is limited to determining whether the " +"user's last online login was granted access permission. If they were granted" +" access during their last login, they will continue to be granted access " +"while offline and vice-versa." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +msgid "Default: Empty" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1192 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1195 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1199 +msgid "" +"Please note that it is always recommended to use server side access control," +" i.e. the LDAP server should deny the bind request with a suitable error " +"code even if the password is correct." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1206 +msgid "The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1209 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1214 +msgid "" +"<emphasis>ad</emphasis>: use the value of the 32bit field " +"ldap_user_ad_user_account_control and allow access if the second bit is not " +"set. If the attribute is missing access is granted. Also the expiration time" +" of the account is checked." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1221 +msgid "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " +"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " +"if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1233 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1236 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1240 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1243 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1247 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute" +" to determine access" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1252 +msgid "Default: filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1255 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1262 +msgid "ldap_deref (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1265 +msgid "" +"Specifies how alias dereferencing is done when performing a search. The " +"following options are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1274 +msgid "" +"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " +"the base object, but not in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1279 +msgid "" +"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " +"the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1284 +msgid "" +"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " +"in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1289 +msgid "" +"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " +"client libraries)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:51 +msgid "" +"All of the common configuration options that apply to SSSD domains also " +"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " +"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1301 +msgid "ADVANCED OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1308 +msgid "ldap_netgroup_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1311 +msgid "" +"An optional base DN to restrict netgroup searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1322 +msgid "ldap_user_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1325 +msgid "An optional base DN to restrict user searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1336 +msgid "ldap_group_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1339 +msgid "An optional base DN to restrict group searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1303 +msgid "" +"These options are supported by LDAP domains, but they should be used with " +"caution. Please include them in your configuration only if you know what you" +" are doing. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1359 +msgid "" +"The following example assumes that SSSD is correctly configured and LDAP is " +"set to one of the domains in the <replaceable>[domains]</replaceable> " +"section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:1365 +#, no-wrap +msgid "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:181 +#: sssd-krb5.5.xml:414 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +msgid "NOTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1380 +msgid "" +"The descriptions of some of the configuration options in this manual page " +"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " +"distribution." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <refentryinfo> +#: pam_sss.8.xml:8 include/upstream.xml:2 +msgid "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - " +"http://fedorahosted.org/sssd</orgname>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: pam_sss.8.xml:13 pam_sss.8.xml:18 +msgid "pam_sss" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: pam_sss.8.xml:19 +msgid "PAM module for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: pam_sss.8.xml:24 +msgid "" +"<command>pam_sss.so</command> <arg choice='opt'> " +"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> " +"<replaceable>retry=N</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:42 +msgid "" +"<command>pam_sss.so</command> is the PAM interface to the System Security " +"Services daemon (SSSD). Errors and results are logged through " +"<command>syslog(3)</command> with the LOG_AUTHPRIV facility." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:52 +msgid "<option>forward_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:55 +msgid "" +"If <option>forward_pass</option> is set the entered password is put on the " +"stack for other PAM modules to use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:62 +msgid "<option>use_first_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:65 +msgid "" +"The argument use_first_pass forces the module to use a previous stacked " +"modules password and will never prompt the user - if no password is " +"available or the password is not appropriate, the user will be denied " +"access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:73 +msgid "<option>use_authtok</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:76 +msgid "" +"When password changing enforce the module to set the new password to the one" +" provided by a previously stacked password module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:83 +msgid "<option>retry=N</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:86 +msgid "" +"If specified the user is asked another N times for a password if " +"authentication fails. Default is 0." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:88 +msgid "" +"Please note that this option might not work as expected if the application " +"calling PAM handles the user dialog on its own. A typical example is " +"<command>sshd</command> with <option>PasswordAuthentication</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:99 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:100 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:106 +msgid "FILES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:107 +msgid "" +"If a password reset by root fails, because the corresponding SSSD provider " +"does not support password resets, an individual message can be displayed. " +"This message can e.g. contain instructions about how to reset a password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:112 +msgid "" +"The message is read from the file " +"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a " +"locale string returned by <citerefentry> " +"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> " +"</citerefentry>. If there is no matching file the content of " +"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be" +" the owner of the files and only root may have read and write permissions " +"while all other users must have only read permisssions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:122 +msgid "" +"These files are searched in the directory " +"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file " +"is present a generic message is displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:130 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 +msgid "sssd_krb5_locator_plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:22 +msgid "" +"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " +"used by the Kerberos provider of <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>" +" to tell the Kerberos libraries what Realm and which KDC to use. Typically " +"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> which is always read by the " +"Kerberos libraries. To simplyfy the configuration the Realm and the KDC can " +"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " +"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry> puts the Realm and the name or IP address of the KDC into " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " +"libraries it reads and evaluates these variable and returns them to the " +"libraries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "" +"Not all Kerberos implementations support the use of plugins. If " +"<command>sssd_krb5_locator_plugin</command> is not available on your system " +"you have to edit /etc/krb5.conf to reflect your Kerberos setup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:69 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:77 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 +msgid "sssd-simple" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd-simple.5.xml:17 +msgid "the configuration file for SSSD's 'simple' access-control provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:24 +msgid "" +"This manual page describes the configuration of the simple access-control " +"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " +"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:38 +msgid "" +"The simple access provider grants or denies access based on an access or " +"deny list of user or group names. The following rules apply:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 +msgid "" +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 +msgid "" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 +msgid "simple_allow_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 +msgid "Comma separated list of users who are allowed to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 +msgid "simple_deny_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only" +" to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 +msgid "" +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62 +msgid "" +"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 +msgid "" +"Please note that it is an configuration error if both, simple_allow_users " +"and simple_deny_users, are defined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:128 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the simple access provider-specific " +"options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:135 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:145 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 +msgid "sssd-ipa" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:23 +msgid "" +"This manual page describes the configuration of the IPA provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:36 +msgid "" +"The IPA provider is a back end used to connect to an IPA server. (Refer to " +"the freeipa.org web site for information about IPA servers.) This provider " +"requires that the machine be joined to the IPA domain; configuration is " +"almost entirely self-discovered and obtained directly from the server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:43 +msgid "" +"The IPA provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> identity provider and the <citerefentry> <refentrytitle" +">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> " +"authentication provider. However, it is neither necessary nor recommended " +"to set these options. IPA provider can also be used as an access and chpass" +" provider. As an access provider it uses HBAC (host-based access control) " +"rules. Please refer to freeipa.org for more information about HBAC. No " +"configuration of access provider is required on the client side." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:69 +msgid "ipa_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:72 +msgid "" +"Specifies the name of the IPA domain. This is optional. If not provided, " +"the configuration domain name is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:80 +msgid "ipa_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:83 +msgid "" +"The list of IP addresses or hostnames of the IPA servers to which SSSD " +"should connect in the order of preference. For more information on failover " +"and server redundancy, see the <quote>FAILOVER</quote> section. This is " +"optional if autodiscovery is enabled. For more information on service " +"discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:96 +msgid "ipa_hostname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:99 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the IPA domain to identify this host." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:107 +msgid "ipa_dyndns_update (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:110 +msgid "" +"Optional. This option tells SSSD to automatically update the DNS server " +"built into FreeIPA v2 with the IP address of this client." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:121 +msgid "ipa_dyndns_iface (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:124 +msgid "" +"Optional. Applicable only when ipa_dyndns_update is true. Choose the " +"interface whose IP address should be used for dynamic DNS updates." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:129 +msgid "Default: Use the IP address of the IPA LDAP connection" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:135 +msgid "ipa_hbac_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:138 +msgid "" +"Optional. Use the given string as search base for HBAC related objects." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:142 +msgid "Default: Use base DN" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229 +msgid "krb5_validate (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:158 +msgid "" +"Note that this default differs from the traditional Kerberos provider back " +"end." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:175 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the ipa provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ipa.5.xml:182 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:193 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 +msgid "" +"<command>sssd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 +msgid "" +"<command>SSSD</command> provides a set of daemons to manage access to remote" +" directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> " +"<replaceable>LEVEL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:51 +msgid "" +"Debug level to run the daemon with. 0 is the default as well as the lowest " +"allowed value, 10 is the most verbose mode. This setting overrides the " +"settings from config file. This parameter implies <option>-i</option>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:70 +msgid "<option>-f</option>,<option>--debug-to-files</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:74 +msgid "" +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:82 +msgid "<option>-D</option>,<option>--daemon</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:86 +msgid "Become a daemon after starting up." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:92 +msgid "<option>-i</option>,<option>--interactive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:96 +msgid "Run in the foreground, don't become a daemon." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:102 +msgid "<option>-c</option>,<option>--config</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:106 +msgid "" +"Specify a non-default config file. The default is " +"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " +"syntax and options, consult the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:122 +msgid "Signals" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:125 +msgid "SIGTERM/SIGINT" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:128 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then" +" shut down the monitor." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:134 +msgid "SIGHUP" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:137 +msgid "" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs" +" like logrotate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:145 +msgid "SIGUSR1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:148 +msgid "" +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:154 +msgid "SIGUSR2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:157 +msgid "" +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:168 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 +msgid "sss_obfuscate" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_obfuscate.8.xml:16 +msgid "obfuscate a clear text password" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_obfuscate.8.xml:21 +msgid "" +"<command>sss_obfuscate</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:32 +msgid "" +"<command>sss_obfuscate</command> converts a given password into human-" +"unreadable format and places it into appropriate domain section of the SSSD " +"config file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:37 +msgid "" +"The cleartext password can be specified as an argument to the program, read " +"from standard input or entered interactively. The obfuscated password is " +"put into <quote>ldap_default_authtok</quote> parameter of a given SSSD " +"domain and the <quote>ldap_default_authtok_type</quote> parameter is set to " +"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle" +">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more" +" details on these parameters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:50 +msgid "" +"Please note that obfuscating the password provides <emphasis>no real " +"security benefit</emphasis> as it is still possible for an attacker to " +"reverse-engineer the password back. Using better authentication mechanisms " +"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " +"advised." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:64 +msgid "<option>-s</option>,<option>--stdin</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:68 +msgid "The password to obfuscate will be read from standard input." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:75 +msgid "" +"<option>-d</option>,<option>--domain</option> " +"<replaceable>DOMAIN</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:80 +msgid "" +"The SSSD domain to use the password in. The default name is " +"<quote>default</quote>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:87 +msgid "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:92 +msgid "Read the config file specified by the positional parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:96 +msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:106 +msgid "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 +msgid "" +"<command>sss_useradd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 +msgid "" +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 +msgid "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 +msgid "" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 +msgid "" +"<option>-c</option>,<option>--gecos</option> " +"<replaceable>COMMENT</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +msgid "" +"<option>-h</option>,<option>--home</option> " +"<replaceable>HOME_DIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with " +"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +msgid "" +"<option>-s</option>,<option>--shell</option> " +"<replaceable>SHELL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently " +"<filename>/bin/bash</filename>. The default can be changed with " +"<quote>user_defaults/defaultShell</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 +msgid "" +"<option>-G</option>,<option>--groups</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 +msgid "" +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "" +"Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 +msgid "" +"<option>-k</option>,<option>--skel</option> " +"<replaceable>SKELDIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 +msgid "" +"This option is only valid if the <option>-m</option> (or <option>--create-" +"home</option>) option is specified, or creation of home directories is set " +"to TRUE in the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 +msgid "" +"The SELinux user for the user's login. If not specified, the system default " +"will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:169 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +msgid "sssd-krb5" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:23 +msgid "" +"This manual page describes the configuration of the Kerberos 5 " +"authentication backend for <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, please refer to the " +"<quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:36 +msgid "" +"The Kerberos 5 authentication backend contains auth and chpass providers. It" +" must be paired with identity provider in order to function properly (for " +"example, id_provider = ldap). Some information required by the Kerberos 5 " +"authentication backend must be provided by the identity provider, such as " +"the user's Kerberos Principal Name (UPN). The configuration of the identity " +"provider should have an entry to specify the UPN. Please refer to the man " +"page for the applicable identity provider for details on how to configure " +"this." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:47 +msgid "" +"This backend also provides access control based on the .k5login file in the " +"home directory of the user. See <citerefentry> " +"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry> for more details. Please note that an empty .k5login file " +"will deny all access to this user. To activate this feature use " +"'access_provider = krb5' in your sssd configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:55 +msgid "" +"In the case where the UPN is not available in the identity backend " +"<command>sssd</command> will construct a UPN using the format " +"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 +msgid "" +"The name of the Kerberos realm. This option is required and must be " +"specified." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 +msgid "krb5_kpasswd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 +msgid "" +"If the change password service is not running on the KDC alternative servers" +" can be defined here. An optional port number (preceded by a colon) may be " +"appended to the addresses or hostnames." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 +msgid "" +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. Please note that even if there are no more" +" kpasswd servers to try the back end is not switch to offline if " +"authentication against the KDC is still possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 +msgid "Default: Use the KDC" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 +msgid "krb5_ccachedir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 +msgid "" +"Directory to store credential caches. All the substitution sequences of " +"krb5_ccname_template can be used here, too, except %d and %P. If the " +"directory does not exist it will be created. If %u, %U, %p or %h are used a " +"private directory belonging to the user is created. Otherwise a public " +"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " +"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> " +"</citerefentry> for details) is created." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:151 +msgid "Default: /tmp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:157 +msgid "krb5_ccname_template (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:166 +msgid "%u" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:167 +msgid "login name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:170 +msgid "%U" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:171 +msgid "login UID" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:174 +msgid "%p" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:175 +msgid "principal name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:179 +msgid "%r" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:180 +msgid "realm name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:183 +msgid "%h" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:184 +msgid "home directory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:188 +msgid "%d" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:189 +msgid "value of krb5ccache_dir" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:194 +msgid "%P" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:195 +msgid "the process ID of the sssd client" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:200 +msgid "%%" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:201 +msgid "a literal '%'" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:160 +msgid "" +"Location of the user's credential cache. Currently only file based " +"credential caches are supported. In the template the following sequences are" +" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " +"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " +"way." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:209 +msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:215 +msgid "krb5_auth_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:218 +msgid "" +"Timeout in seconds after an online authentication or change password request" +" is aborted. If possible the authentication request is continued offline." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:241 +msgid "krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:244 +msgid "" +"The location of the keytab to use when validating credentials obtained from " +"KDCs." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:248 +msgid "Default: /etc/krb5.keytab" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:254 +msgid "krb5_store_password_if_offline (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 +msgid "" +"Store the password of the user if the provider is offline and use it to " +"request a TGT when the provider gets online again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:262 +msgid "" +"Please note that this feature currently only available on a Linux platform." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:272 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:275 +msgid "" +"Request a renewable ticket with a total lifetime given by an integer " +"immediately followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:280 sssd-krb5.5.xml:316 +msgid "<emphasis>s</emphasis> seconds" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 +msgid "<emphasis>m</emphasis> minutes" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 +msgid "<emphasis>h</emphasis> hours" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 +msgid "<emphasis>d</emphasis> days." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 +msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:296 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"renewable lifetime to one and a half hours please use '90m' instead of " +"'1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:302 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:308 +msgid "krb5_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:311 +msgid "" +"Request ticket with a with a lifetime given by an integer immediately " +"followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:332 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"lifetime to one and a half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:337 +msgid "" +"Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:344 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:347 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:352 +msgid "If this option is not set or 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:362 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:365 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" +"authentication. The following options are supported:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:370 +msgid "" +"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " +"option at all." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:374 +msgid "" +"<emphasis>try</emphasis> to use FAST, if the server does not support fast " +"continue without." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:378 +msgid "" +"<emphasis>demand</emphasis> to use FAST, fail if the server does not require" +" fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:382 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:385 +msgid "Please note that a keytab is required to use fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:388 +msgid "" +"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " +"and above. If sssd used used with an older version using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:65 +msgid "" +"If the auth-module krb5 is used in a SSSD domain, the following options must" +" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " +"SECTIONS</quote> for details on the configuration of a SSSD domain. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:407 +msgid "" +"The following example assumes that SSSD is correctly configured and FOO is " +"one of the domains in the <replaceable>[sssd]</replaceable> section. This " +"example shows only configuration of Kerberos authentication, it does not " +"include any identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:415 +#, no-wrap +msgid "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:426 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 +msgid "sss_groupadd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupadd.8.xml:16 +msgid "create a new group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupadd.8.xml:21 +msgid "" +"<command>sss_groupadd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:32 +msgid "" +"<command>sss_groupadd</command> creates a new group. These groups are " +"compatible with POSIX groups, with the additional feature that they can " +"contain other groups as members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupadd.8.xml:43 +msgid "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupadd.8.xml:48 +msgid "" +"Set the GID of the group to the value of <replaceable>GID</replaceable>. If" +" not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 +msgid "sss_userdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_userdel.8.xml:16 +msgid "delete a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_userdel.8.xml:21 +msgid "" +"<command>sss_userdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:32 +msgid "" +"<command>sss_userdel</command> deletes a user identified by login name " +"<replaceable>LOGIN</replaceable> from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:44 +msgid "<option>-r</option>,<option>--remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:48 +msgid "" +"Files in the user's home directory will be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:56 +msgid "<option>-R</option>,<option>--no-remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:60 +msgid "" +"Files in the user's home directory will NOT be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:68 +msgid "<option>-f</option>,<option>--force</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:72 +msgid "" +"This option forces <command>sss_userdel</command> to remove the user's home " +"directory and mail spool, even if they are not owned by the specified user." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:80 +msgid "<option>-k</option>,<option>--kick</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:84 +msgid "Before actually deleting the user, terminate all his processes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:95 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 +msgid "sss_groupdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupdel.8.xml:16 +msgid "delete a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupdel.8.xml:21 +msgid "" +"<command>sss_groupdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:32 +msgid "" +"<command>sss_groupdel</command> deletes a group identified by its name " +"<replaceable>GROUP</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:48 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 +msgid "sss_groupshow" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupshow.8.xml:16 +msgid "print properties of a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupshow.8.xml:21 +msgid "" +"<command>sss_groupshow</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:32 +msgid "" +"<command>sss_groupshow</command> displays information about a group " +"identified by its name <replaceable>GROUP</replaceable>. The information " +"includes the group ID number, members of the group and the parent group." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupshow.8.xml:43 +msgid "<option>-R</option>,<option>--recursive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupshow.8.xml:47 +msgid "" +"Also print indirect group members in a tree-like hierarchy. Note that this " +"also affects printing parent groups - without <option>R</option>, only the " +"direct parent will be printed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 +msgid "sss_usermod" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_usermod.8.xml:16 +msgid "modify a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_usermod.8.xml:21 +msgid "" +"<command>sss_usermod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:32 +msgid "" +"<command>sss_usermod</command> modifies the account specified by " +"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " +"on the command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:60 +msgid "The home directory of the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:71 +msgid "The user's login shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:82 +msgid "" +"Append this user to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:96 +msgid "" +"Remove this user from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:103 +msgid "<option>-l</option>,<option>--lock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:107 +msgid "Lock the user account. The user won't be able to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:114 +msgid "<option>-u</option>,<option>--unlock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:118 +msgid "Unlock the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:129 +msgid "The SELinux user for the user's login." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:140 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/service_discovery.xml:2 +msgid "SERVICE DISCOVERY" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/service_discovery.xml:4 +msgid "" +"The service discovery feature allows back ends to automatically find the " +"appropriate servers to connect to using a special DNS query." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:9 +msgid "Configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:11 +msgid "" +"If no servers are specified, the back end automatically uses service " +"discovery to try to find a server. Optionally, the user may choose to use " +"both fixed server addresses and service discovery by inserting a special " +"keyword, <quote>_srv_</quote>, in the list of servers. The order of " +"preference is maintained. This feature is useful if, for example, the user " +"prefers to use service discovery whenever possible, and fall back to a " +"specific server when no servers can be discovered using DNS." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:23 +msgid "The domain name" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:25 +msgid "" +"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:35 +msgid "The protocol" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 +msgid "" +"For more information on the service discovery mechanism, refer to RFC 2782." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/failover.xml:2 +msgid "FAILOVER" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/failover.xml:4 +msgid "" +"The failover feature allows back ends to automatically switch to a different" +" server if the primary server fails." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:8 +msgid "Failover Syntax" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:10 +msgid "" +"The list of servers is given as a comma-separated list; any number of spaces" +" is allowed around the comma. The servers are listed in order of preference." +" The list can contain any number of servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:17 +msgid "The Failover Mechanism" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:19 +msgid "" +"The failover mechanism distinguishes between a machine and a service. The " +"back end first tries to resolve the hostname of a given machine; if this " +"resolution attempt fails, the machine is considered offline. No further " +"attempts are made to connect to this machine for any other service. If the " +"resolution attempt succeeds, the back end tries to connect to a service on " +"this machine. If the service connection attempt fails, then only this " +"particular service is considered offline and the back end automatically " +"switches over to the next service. The machine is still considered online " +"and might still be tried for another service." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:32 +msgid "" +"Further connection attempts are made to machines or services marked as " +"offline after a specified period of time; this is currently hard coded to 30" +" seconds." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:37 +msgid "" +"If there are no more machines to try, the back end as a whole switches to " +"offline mode, and then attempts to reconnect every 30 seconds." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help.xml:3 +msgid "<option>-h</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <varlistentry><listitem><para> +#: include/param_help.xml:7 +msgid "Display help message and exit." +msgstr "" diff --git a/src/man/po/pl.po b/src/man/po/pl.po new file mode 100644 index 00000000..aa0adb8d --- /dev/null +++ b/src/man/po/pl.po @@ -0,0 +1,5328 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Red Hat +# This file is distributed under the same license as the sssd-docs package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" +"POT-Creation-Date: 2011-01-24 13:36-0500\n" +"PO-Revision-Date: 2011-03-08 15:06+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: Polish <None>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: pl\n" +"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" + +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 +#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 +#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +msgid "SSSD Manual pages" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 +msgid "sss_groupmod" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 +#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 +#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +msgid "8" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupmod.8.xml:16 +msgid "modify a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupmod.8.xml:21 +msgid "" +"<command>sss_groupmod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:41 +#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 +#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 +#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 +#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +msgid "DESCRIPTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:32 +msgid "" +"<command>sss_groupmod</command> modifies the group to reflect the changes " +"that are specified on the command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:48 sssd.8.xml:42 sss_obfuscate.8.xml:59 +#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 +#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +msgid "OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 +msgid "" +"<option>-a</option>,<option>--append-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:48 +msgid "" +"Append this group to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 +msgid "" +"<option>-r</option>,<option>--remove-group</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:62 +msgid "" +"Remove this group from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 +#: sssd-ipa.5.xml:191 sssd.8.xml:166 sss_obfuscate.8.xml:104 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 +#: sss_usermod.8.xml:138 +msgid "SEE ALSO" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:74 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 +msgid "sssd.conf" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 +msgid "5" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 +msgid "File Formats and Conventions" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 +#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 +msgid "the configuration file for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:21 +msgid "FILE FORMAT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:29 +#, no-wrap +msgid "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:24 +msgid "" +"The file has an ini-style syntax and consists of sections and parameters. A " +"section begins with the name of the section in square brackets and continues" +" until the next section begins. An example of section with single and multi-" +"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:36 +msgid "" +"The data types used are string (no quotes needed), integer and bool (with " +"values of <quote>TRUE/FALSE</quote>)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:41 +msgid "" +"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " +"(<quote>;</quote>)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:46 +msgid "" +"All sections can have an optional <replaceable>description</replaceable> " +"parameter. Its function is only as a label for the section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:52 +msgid "" +"<filename>sssd.conf</filename> must be a regular file, owned by root and " +"only root may read from or write to the file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:58 +msgid "SPECIAL SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:61 +msgid "The [sssd] section" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:70 sssd.conf.5.xml:854 +msgid "Section parameters" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:72 +msgid "config_file_version (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:75 +msgid "" +"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " +"version 2." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:81 +msgid "services" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:84 +msgid "" +"Comma separated list of services that are started when sssd itself starts." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:88 +msgid "Supported services: nss, pam" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:93 sssd.conf.5.xml:234 +msgid "reconnection_retries (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:96 sssd.conf.5.xml:237 +msgid "" +"Number of times services should attempt to reconnect in the event of a Data " +"Provider crash or restart before they give up" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:101 sssd.conf.5.xml:242 +msgid "Default: 3" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:106 +msgid "domains" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:109 +msgid "" +"A domain is a database containing user information. SSSD can use more " +"domains at the same time, but at least one must be configured or SSSD won't " +"start. This parameter described the list of domains in the order you want " +"them to be queried." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:119 +msgid "re_expression (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:122 +msgid "" +"Regular expression that describes how to parse the string containing user " +"name and domain into these components." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:126 +msgid "" +"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"which translates to \"the name is everything up to the <quote>@</quote> " +"sign, the domain everything after that\"" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:131 +msgid "" +"PLEASE NOTE: the support for non-unique named subpatterns is not available " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " +"version 7 or higher can support non-unique named subpatterns." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:138 +msgid "" +"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " +"(?P<name>) to label subpatterns." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:145 +msgid "full_name_format (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:148 +msgid "" +"A <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " +"how to translate a (name, domain) tuple into a fully qualified name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:156 +msgid "Default: <quote>%1$s@%2$s</quote>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:161 +msgid "try_inotify (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:164 +msgid "" +"SSSD monitors the state of resolv.conf to identify when it needs to update " +"its internal DNS resolver. By default, we will attempt to use inotify for " +"this, and will fall back to polling resolv.conf every five seconds if " +"inotify cannot be used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:172 +msgid "" +"There are some limited situations where it is preferred that we should skip " +"even trying to use inotify. In these rare cases, this option should be set " +"to 'false'" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:178 +msgid "" +"Default: true on platforms where inotify is supported. False on other " +"platforms." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:182 +msgid "" +"Note: this option will have no effect on platforms where inotify is " +"unavailable. On these platforms, polling will always be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:63 +msgid "" +"Individual pieces of SSSD functionality are provided by special SSSD " +"services that are started and stopped together with SSSD. The services are " +"managed by a special service frequently called <quote>monitor</quote>. The " +"<quote>[sssd]</quote> section is used to configure the monitor as well as " +"some other important options like the identity domains. <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:195 +msgid "SERVICES SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:197 +msgid "" +"Settings that can be used to configure different services are described in " +"this section. They should reside in the [<replaceable>$NAME</replaceable>] " +"section, for example, for NSS service, the section would be " +"<quote>[nss]</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:204 +msgid "General service configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:206 +msgid "These options can be used to configure any service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:210 +msgid "debug_level (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:213 +msgid "" +"Sets the debug level for the service. The value can be in range from 0 (only" +" critical messages) to 10 (very verbose)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:218 sssd.conf.5.xml:312 +msgid "Default: 0" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.conf.5.xml:223 sssd.8.xml:58 +msgid "debug_timestamps (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:226 sssd.8.xml:61 +msgid "Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +msgid "Default: true" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:247 +msgid "command (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:250 +msgid "" +"By default, the executable representing this service is called " +"<command>sssd_${service_name}</command>. This directive allows to change " +"the executable name for the service. In the vast majority of configurations," +" the default values should suffice." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:258 +msgid "Default: <command>sssd_${service_name}</command>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:266 +msgid "NSS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:268 +msgid "" +"These options can be used to configure the Name Service Switch (NSS) " +"service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:273 +msgid "enum_cache_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:276 +msgid "" +"How many seconds should nss_sss cache enumerations (requests for info about " +"all users)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:280 +msgid "Default: 120" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:285 +msgid "entry_cache_nowait_percentage (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:288 +msgid "" +"The entry cache can be set to automatically update entries in the background" +" if they are requested beyond a percentage of the entry_cache_timeout value " +"for the domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:294 +msgid "" +"For example, if the domain's entry_cache_timeout is set to 30s and " +"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " +"after 15 seconds past the last cache update will be returned immediately, " +"but the SSSD will go and update the cache on its own, so that future " +"requests will not need to block waiting for a cache update." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:304 +msgid "" +"Valid values for this option are 0-99 and represent a percentage of the " +"entry_cache_timeout for each domain. For performance reasons, this " +"percentage will never reduce the nowait timeout to less than 10 seconds. (0" +" disables this feature)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:317 +msgid "entry_negative_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:320 +msgid "" +"Specifies for how many seconds nss_sss should cache negative cache hits " +"(that is, queries for invalid database entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:326 sssd-krb5.5.xml:223 +msgid "Default: 15" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:331 +msgid "filter_users, filter_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:334 +msgid "" +"Exclude certain users from being fetched from the sss NSS database. This is " +"particularly useful for system accounts. This option can also be set per-" +"domain or include fully-qualified names to filter only users from the " +"particular domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:341 +msgid "Default: root" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:346 +msgid "filter_users_in_groups (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:349 +msgid "" +"If you want filtered user still be group members set this option to false." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:360 +msgid "PAM configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:362 +msgid "" +"These options can be used to configure the Pluggable Authentication Module " +"(PAM) service." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:367 +msgid "offline_credentials_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:370 +msgid "" +"If the authentication provider is offline, how long should we allow cached " +"logins (in days since the last successful online login)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:375 sssd.conf.5.xml:388 +msgid "Default: 0 (No limit)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:381 +msgid "offline_failed_login_attempts (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:384 +msgid "" +"If the authentication provider is offline, how many failed login attempts " +"are allowed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:394 +msgid "offline_failed_login_delay (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:397 +msgid "" +"The time in minutes which has to pass after offline_failed_login_attempts " +"has been reached before a new login attempt is possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:402 +msgid "" +"If set to 0 the user cannot authenticate offline if " +"offline_failed_login_attempts has been reached. Only a successful online " +"authentication can enable enable offline authentication again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793 +msgid "Default: 5" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:414 +msgid "pam_verbosity (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:417 +msgid "" +"Controls what kind of messages are shown to the user during authentication. " +"The higher the number to more messages are displayed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:422 +msgid "Currently sssd supports the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:425 +msgid "<emphasis>0</emphasis>: do not show any message" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:428 +msgid "<emphasis>1</emphasis>: show only important messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:432 +msgid "<emphasis>2</emphasis>: show informational messages" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:435 +msgid "<emphasis>3</emphasis>: show all messages and debug information" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:439 +msgid "Default: 1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:444 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:447 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:453 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a per-" +"client-application basis) how long (in seconds) we can cache the identity " +"information to avoid excessive round-trips to the identity provider." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:467 +msgid "pam_pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:470 +msgid "Display a warning N days before the password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:473 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:479 +msgid "Default: 7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:488 +msgid "DOMAIN SECTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:495 +msgid "min_id,max_id (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:498 +msgid "" +"UID and GID limits for the domain. If a domain contains an entry that is " +"outside these limits, it is ignored." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:503 +msgid "" +"For users, this affects the primary GID limit. The user will not be returned" +" to NSS if either the UID or the primary GID is outside the range. For non-" +"primary group memberships, those that are in range will be reported as " +"expected." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:510 +msgid "Default: 1 for min_id, 0 (no limit) for max_id" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:516 +msgid "timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:519 +msgid "" +"Timeout in seconds between heartbeats for this domain. This is used to " +"ensure that the backend process is alive and capable of answering requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:524 +msgid "Default: 10" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:530 +msgid "enumerate (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:533 +msgid "" +"Determines if a domain can be enumerated. This parameter can have one of the" +" following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:537 +msgid "TRUE = Users and groups are enumerated" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:540 +msgid "FALSE = No enumerations for this domain" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645 +msgid "Default: FALSE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:546 +msgid "" +"Note: Enabling enumeration has a moderate performance impact on SSSD while " +"enumeration is running. It may take up to several minutes after SSSD startup" +" to fully complete enumerations. During this time, individual requests for " +"information will go directly to LDAP, though it may be slow, due to the " +"heavy enumeration processing." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:556 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:561 +msgid "" +"Further, enabling enumeration may increase the time necessary to detect " +"network disconnection, as longer timeouts are required to ensure that " +"enumeration lookups are completed successfully. For more information, refer" +" to the man pages for the specific id_provider in use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:572 +msgid "entry_cache_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:575 +msgid "" +"How many seconds should nss_sss consider entries valid before asking the " +"backend again" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:579 +msgid "Default: 5400" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:584 +msgid "cache_credentials (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:587 +msgid "Determines if user credentials are also cached in the local LDB cache" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:596 +msgid "account_cache_expiration (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:599 +msgid "" +"Number of days entries are left in cache after last successful login before " +"being removed during a cleanup of the cache. 0 means keep forever. The " +"value of this parameter must be greater than or equal to " +"offline_credentials_expiration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:606 +msgid "Default: 0 (unlimited)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:612 +msgid "id_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:615 +msgid "The Data Provider identity backend to use for this domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:619 +msgid "Supported backends:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:622 +msgid "proxy: Support a legacy NSS provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:625 +msgid "local: SSSD internal local provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:628 +msgid "ldap: LDAP provider" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:634 +msgid "use_fully_qualified_names (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:637 +msgid "" +"If set to TRUE, all requests to this domain must use fully qualified names. " +"For example, if used in LOCAL domain that contains a \"test\" user, " +"<command>getent passwd test</command> wouldn't find the user while " +"<command>getent passwd test@LOCAL</command> would." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:650 +msgid "auth_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:653 +msgid "" +"The authentication provider used for the domain. Supported auth providers " +"are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:657 +msgid "" +"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:664 +msgid "" +"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:671 +msgid "" +"<quote>proxy</quote> for relaying authentication to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:674 +msgid "<quote>none</quote> disables authentication explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:677 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"authentication requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:683 +msgid "access_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:686 +msgid "" +"The access control provider used for the domain. There are two built-in " +"access providers (in addition to any included in installed backends) " +"Internal special providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:692 +msgid "<quote>permit</quote> always allow access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:695 +msgid "<quote>deny</quote> always deny access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:698 +msgid "" +"<quote>simple</quote> access control based on access or deny lists. See " +"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for more information on configuring " +"the simple access module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:705 +msgid "Default: <quote>permit</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:710 +msgid "chpass_provider (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:713 +msgid "" +"The provider which should handle change password operations for the domain." +" Supported change password providers are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:718 +msgid "" +"<quote>ipa</quote> to change a password stored in an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" IPA." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:726 +msgid "" +"<quote>ldap</quote> to change a password stored in a LDAP server. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring" +" LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:734 +msgid "" +"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:742 +msgid "" +"<quote>proxy</quote> for relaying password changes to some other PAM target." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:746 +msgid "<quote>none</quote> disallows password changes explicitly." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:749 +msgid "" +"Default: <quote>auth_provider</quote> is used if it is set and can handle " +"change password requests." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:756 +msgid "lookup_family_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:759 +msgid "" +"Provides the ability to select preferred address family to use when " +"performing DNS lookups." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:763 +msgid "Supported values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:766 +msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:769 +msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:772 +msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:775 +msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:778 +msgid "Default: ipv4_first" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:784 +msgid "dns_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:787 +msgid "" +"Defines the amount of time (in seconds) to wait for a reply from the DNS " +"resolver before assuming that it is unreachable. If this timeout is reached," +" the domain will continue to operate in offline mode." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:799 +msgid "dns_discovery_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:802 +msgid "" +"If service discovery is used in the back end, specifies the domain part of " +"the service discovery DNS query." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:806 +msgid "Default: Use the domain part of machine's hostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:490 +msgid "" +"These configuration options can be present in a domain configuration " +"section, that is, in a section called " +"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:818 +msgid "proxy_pam_target (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:821 +msgid "The proxy target PAM proxies to." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:824 +msgid "" +"Default: not set by default, you have to take an existing pam configuration " +"or create a new one and add the service name here." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:832 +msgid "proxy_lib_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:835 +msgid "" +"The name of the NSS library to use in proxy domains. The NSS functions " +"searched for in the library are in the form of _nss_$(libName)_$(function), " +"for example _nss_files_getpwent." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:814 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:847 +msgid "The local domain section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:849 +msgid "" +"This section contains settings for domain that stores users and groups in " +"SSSD native database, that is, a domain that uses " +"<replaceable>id_provider=local</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:856 +msgid "default_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:859 +msgid "The default shell for users created with SSSD userspace tools." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:863 +msgid "Default: <filename>/bin/bash</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:868 +msgid "base_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:871 +msgid "" +"The tools append the login name to <replaceable>base_directory</replaceable>" +" and use that as the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:876 +msgid "Default: <filename>/home</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:881 +msgid "create_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:884 +msgid "" +"Indicate if a home directory should be created by default for new users. " +"Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:888 sssd.conf.5.xml:900 +msgid "Default: TRUE" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:893 +msgid "remove_homedir (bool)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:896 +msgid "" +"Indicate if a home directory should be removed by default for deleted users." +" Can be overridden on command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:905 +msgid "homedir_umask (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:908 +msgid "" +"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " +"on a newly created home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:916 +msgid "Default: 077" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:921 +msgid "skel_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:924 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:934 +msgid "Default: <filename>/etc/skel</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:939 +msgid "mail_dir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:942 +msgid "" +"The mail spool directory. This is needed to manipulate the mailbox when its " +"corresponding user account is modified or deleted. If not specified, a " +"default value is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:949 +msgid "Default: <filename>/var/mail</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:954 +msgid "userdel_cmd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:957 +msgid "" +"The command that is run after a user is removed. The command us passed the " +"username of the user being removed as the first and only parameter. The " +"return code of the command is not taken into account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:963 +msgid "Default: None, no command is run" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:173 sssd-krb5.5.xml:405 +msgid "EXAMPLE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:979 +#, no-wrap +msgid "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:975 +msgid "" +"The following example shows a typical SSSD config. It does not describe " +"configuration of the domains themselves - refer to documentation on " +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1010 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 +msgid "sssd-ldap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:23 +msgid "" +"This manual page describes the configuration of LDAP domains for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " +"information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:35 +msgid "You can configure SSSD to use more than one LDAP domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:38 +msgid "" +"LDAP back end supports id, auth, access and chpass providers. If you want to" +" authenticate against an LDAP server either TLS/SSL or LDAPS is required. " +"<command>sssd</command> <emphasis>does not</emphasis> support authentication" +" over an unencrypted channel. If the LDAP server is used only as an " +"identity provider, an encrypted channel is not needed. Please refer to " +"<quote>ldap_access_filter</quote> config option for more information about " +"using LDAP as an access provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61 +#: sssd-krb5.5.xml:63 +msgid "CONFIGURATION OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:60 +msgid "ldap_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:63 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference. Refer to the <quote>FAILOVER</quote> section for" +" more information on failover and server redundancy. If not specified, " +"service discovery is enabled. For more information, refer to the " +"<quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:73 +msgid "ldap_chpass_uri (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:76 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference to change the password of a user. Refer to the " +"<quote>FAILOVER</quote> section for more information on failover and server " +"redundancy." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:83 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:87 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:93 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:96 +msgid "The default base DN to use for performing LDAP user operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:100 +msgid "" +"Default: If not set the value of the defaultNamingContext or namingContexts " +"attribute from the RootDSE of the LDAP server is used. If " +"defaultNamingContext does not exists or has an empty value namingContexts is" +" used. The namingContexts attribute must have a single value with the DN of" +" the search base of the LDAP server to make this work. Multiple values are " +"are not supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:114 +msgid "ldap_schema (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:117 +msgid "" +"Specifies the Schema Type in use on the target LDAP server. Depending on " +"the selected schema, the default attribute names retrieved from the servers " +"may vary. The way that some attributes are handled may also differ. Three " +"schema types are currently supported: rfc2307 rfc2307bis IPA The main " +"difference between these schema types is how group memberships are recorded " +"in the server. With rfc2307, group members are listed by name in the " +"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " +"members are listed by DN and stored in the <emphasis>member</emphasis> " +"attribute." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:136 +msgid "Default: rfc2307" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:142 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:145 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:152 +msgid "ldap_default_authtok_type (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:155 +msgid "The type of the authentication token of the default bind DN." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:159 +msgid "The two mechanisms currently supported are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:162 +msgid "password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:165 +msgid "obfuscated_password" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:171 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:174 +msgid "" +"The authentication token of the default bind DN. Only clear text passwords " +"are currently supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:181 +msgid "ldap_user_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:184 +msgid "The object class of a user entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:187 +msgid "Default: posixAccount" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:193 +msgid "ldap_user_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:196 +msgid "The LDAP attribute that corresponds to the user's login name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:200 +msgid "Default: uid" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:206 +msgid "ldap_user_uid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:209 +msgid "The LDAP attribute that corresponds to the user's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:213 +msgid "Default: uidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:219 +msgid "ldap_user_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:222 +msgid "The LDAP attribute that corresponds to the user's primary group id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +msgid "Default: gidNumber" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:232 +msgid "ldap_user_gecos (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:235 +msgid "The LDAP attribute that corresponds to the user's gecos field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "Default: gecos" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:245 +msgid "ldap_user_home_directory (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:248 +msgid "" +"The LDAP attribute that contains the name of the user's home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:252 +msgid "Default: homeDirectory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:258 +msgid "ldap_user_shell (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:261 +msgid "The LDAP attribute that contains the path to the user's default shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:265 +msgid "Default: loginShell" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:271 +msgid "ldap_user_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:274 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +msgid "Default: nsUniqueId" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:284 +msgid "ldap_user_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +msgid "" +"The LDAP attribute that contains timestamp of the last modification of the " +"parent object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +msgid "Default: modifyTimestamp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:297 +msgid "ldap_user_shadow_last_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:300 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (date of the last password change)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:310 +msgid "Default: shadowLastChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:316 +msgid "ldap_user_shadow_min (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:319 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (minimum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:328 +msgid "Default: shadowMin" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:334 +msgid "ldap_user_shadow_max (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:337 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (maximum password age)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:346 +msgid "Default: shadowMax" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:352 +msgid "ldap_user_shadow_warning (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:355 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password warning period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:365 +msgid "Default: shadowWarning" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:371 +msgid "ldap_user_shadow_inactive (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:374 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> counterpart (password inactivity period)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:384 +msgid "Default: shadowInactive" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:390 +msgid "ldap_user_shadow_expire (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:393 +msgid "" +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this" +" parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration " +"date)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:403 +msgid "Default: shadowExpire" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:409 +msgid "ldap_user_krb_last_pwd_change (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:412 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time of last password change in " +"kerberos." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:418 +msgid "Default: krbLastPwdChange" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:424 +msgid "ldap_user_krb_password_expiration (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:427 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of" +" an LDAP attribute storing the date and time when current password expires." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:433 +msgid "Default: krbPasswordExpiration" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:439 +msgid "ldap_user_ad_account_expires (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:442 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the expiration time of the account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:447 +msgid "Default: accountExpires" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:453 +msgid "ldap_user_ad_user_account_control (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:456 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the user account control bit field." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:461 +msgid "Default: userAccountControl" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:467 +msgid "ldap_ns_account_lock (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:470 +msgid "" +"When using ldap_account_expire_policy=rhds or equivalent, this parameter " +"determines if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:475 +msgid "Default: nsAccountLock" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:481 +msgid "ldap_user_principal (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:484 +msgid "" +"The LDAP attribute that contains the user's Kerberos User Principal Name " +"(UPN)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:488 +msgid "Default: krbPrincipalName" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:494 +msgid "ldap_force_upper_case_realm (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:497 +msgid "" +"Some directory servers, for example Active Directory, might deliver the " +"realm part of the UPN in lower case, which might cause the authentication to" +" fail. Set this option to a non-zero value if you want to use an upper-case " +"realm." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 +msgid "Default: false" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:510 +msgid "ldap_enumeration_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:513 +msgid "" +"The LDAP attribute that contains how many seconds SSSD has to wait before " +"refreshing its cache of enumerated records." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:518 +msgid "Default: 300" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:524 +msgid "ldap_purge_cache_timeout" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:527 +msgid "" +"Determine how often to check the cache for inactive entries (such as groups " +"with no members and users who have never logged in) and remove them to save " +"space." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:533 +msgid "Setting this option to zero will disable the cache cleanup operation." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:537 +msgid "Default: 10800 (12 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:543 +msgid "ldap_user_fullname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:546 +msgid "The LDAP attribute that corresponds to the user's full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +msgid "Default: cn" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:556 +msgid "ldap_user_member_of (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:559 +msgid "The LDAP attribute that lists the user's group memberships." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:563 +msgid "Default: memberOf" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:569 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:572 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry" +" to determine access privilege." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:579 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:584 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:590 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 +msgid "The object class of a group entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:596 +msgid "Default: posixGroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:602 +msgid "ldap_group_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:605 +msgid "The LDAP attribute that corresponds to the group name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:615 +msgid "ldap_group_gid_number (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:618 +msgid "The LDAP attribute that corresponds to the group's id." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:628 +msgid "ldap_group_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:631 +msgid "The LDAP attribute that contains the names of the group's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:635 +msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:641 +msgid "ldap_group_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:644 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP group object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:654 +msgid "ldap_group_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:667 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:670 +msgid "" +"If ldap_schema is set to a schema format that supports nested groups (e.g. " +"RFC2307bis), then this option controls how many levels of nesting SSSD will " +"follow. This option has no effect on the RFC2307 schema." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:677 +msgid "Default: 2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:683 +msgid "ldap_netgroup_object_class (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:686 +msgid "The object class of a netgroup entry in LDAP." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:689 +msgid "Default: nisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:695 +msgid "ldap_netgroup_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:698 +msgid "The LDAP attribute that corresponds to the netgroup name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:708 +msgid "ldap_netgroup_member (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:711 +msgid "The LDAP attribute that contains the names of the netgroup's members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:715 +msgid "Default: memberNisNetgroup" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:721 +msgid "ldap_netgroup_triple (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:724 +msgid "" +"The LDAP attribute that contains the (host, user, domain) netgroup triples." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:728 +msgid "Default: nisNetgroupTriple" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:734 +msgid "ldap_netgroup_uuid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:737 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:747 +msgid "ldap_netgroup_modify_timestamp (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:760 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:763 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " +"is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:769 +msgid "" +"Note: this option is subject to change in future versions of the SSSD. It " +"will likely be replaced at some point by a series of timeouts for specific " +"lookup types." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +msgid "Default: 6" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:781 +msgid "ldap_enumeration_search_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:784 +msgid "" +"Specifies the timeout (in seconds) that ldap searches for user and group " +"enumerations are allowed to run before they are cancelled and cached results" +" are returned (and offline mode is entered)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:791 +msgid "Default: 60" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:797 +msgid "ldap_network_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:800 +msgid "" +"Specifies the timeout (in seconds) after which the <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> " +"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> " +"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> " +"</citerefentry> returns in case of no activity." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:823 +msgid "ldap_opt_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:826 +msgid "" +"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " +"will abort if no response is received. Also controls the timeout when " +"communicating with the KDC in case of SASL bind." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:838 +msgid "ldap_tls_reqcert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:841 +msgid "" +"Specifies what checks to perform on server certificates in a TLS session, if" +" any. It can be specified as one of the following values:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:847 +msgid "" +"<emphasis>never</emphasis> = The client will not request or check any server" +" certificate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:851 +msgid "" +"<emphasis>allow</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, it will be ignored and the session proceeds normally." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:858 +msgid "" +"<emphasis>try</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate" +" is provided, the session is immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:864 +msgid "" +"<emphasis>demand</emphasis> = The server certificate is requested. If no " +"certificate is provided, or a bad certificate is provided, the session is " +"immediately terminated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:870 +msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:874 +msgid "Default: hard" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:880 +msgid "ldap_tls_cacert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:883 +msgid "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> will recognize." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +msgid "" +"Default: use OpenLDAP defaults, typically in " +"<filename>/etc/openldap/ldap.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:895 +msgid "ldap_tls_cacertdir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:898 +msgid "" +"Specifies the path of a directory that contains Certificate Authority " +"certificates in separate individual files. Typically the file names need to " +"be the hash of the certificate followed by '.0'. If available, " +"<command>cacertdir_rehash</command> can be used to create the correct names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:913 +msgid "ldap_tls_cert (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:916 +msgid "Specifies the file that contains the certificate for the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +msgid "Default: not set" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:926 +msgid "ldap_tls_key (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:929 +msgid "Specifies the file that contains the client's key." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:938 +msgid "ldap_tls_cipher_suite (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:941 +msgid "" +"Specifies acceptable cipher suites. Typically this is a colon sperated " +"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for format." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:954 +msgid "ldap_id_use_start_tls (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:957 +msgid "" +"Specifies that the id_provider connection must also use <systemitem " +"class=\"protocol\">tls</systemitem> to protect the channel." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:967 +msgid "ldap_sasl_mech (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:970 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +"supported." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +msgid "Default: none" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:980 +msgid "ldap_sasl_authid (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:983 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI is used, this " +"represents the Kerberos principal used for authentication to the directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:988 +msgid "Default: host/machine.fqdn@REALM" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:994 +msgid "ldap_krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 +msgid "Specify the keytab to use when using SASL/GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1000 +msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1006 +msgid "ldap_krb5_init_creds (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1009 +msgid "" +"Specifies that the id_provider should init Kerberos credentials (TGT). This" +" action is performed only if SASL is used and the mechanism selected is " +"GSSAPI." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1021 +msgid "ldap_krb5_ticket_lifetime (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1024 +msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1028 +msgid "Default: 86400 (24 hours)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +msgid "krb5_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +msgid "" +"Specifies the list of IP addresses or hostnames of the Kerberos servers to " +"which SSSD should connect in the order of preference. For more information " +"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"An optional port number (preceded by a colon) may be appended to the " +"addresses or hostnames. If empty, service discovery is enabled - for more " +"information, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches" +" for DNS entries that specify _udp as the protocol and falls back to _tcp if" +" none are found." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD." +" While the legacy name is recognized for the time being, users are advised " +"to migrate their config files to use <quote>krb5_server</quote> instead." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1063 sssd-krb5.5.xml:103 +msgid "krb5_realm (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1066 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1069 +msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1075 +msgid "ldap_pwd_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1078 +msgid "" +"Select the policy to evaluate the password expiration on the client side. " +"The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1083 +msgid "" +"<emphasis>none</emphasis> - No evaluation on the client side. This option " +"cannot disable server-side password policies." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1088 +msgid "" +"<emphasis>shadow</emphasis> - Use " +"<citerefentry><refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the " +"password has expired. Note that the current version of sssd cannot update " +"this attribute during a password change." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1096 +msgid "" +"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " +"to determine if the password has expired. Use chpass_provider=krb5 to update" +" these attributes when the password is changed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1108 +msgid "ldap_referrals (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1111 +msgid "Specifies whether automatic referral chasing should be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1115 +msgid "" +"Please note that sssd only supports referral chasing when it is compiled " +"with OpenLDAP version 2.4.13 or higher." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1126 +msgid "ldap_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1129 +msgid "Specifies the service name to use when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1133 +msgid "Default: ldap" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1139 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1142 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1147 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1153 +msgid "ldap_access_filter (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1156 +msgid "" +"If using access_provider = ldap, this option is mandatory. It specifies an " +"LDAP search filter criteria that must be met for the user to be granted " +"access on this host. If access_provider = ldap and this option is not set, " +"it will result in all users being denied access. Use access_provider = allow" +" to change this default behavior." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1166 +msgid "Example:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1169 +#, no-wrap +msgid "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1173 +msgid "" +"This example means that access to this host is restricted to members of the " +"\"allowedusers\" group in ldap." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1178 +msgid "" +"Offline caching for this feature is limited to determining whether the " +"user's last online login was granted access permission. If they were granted" +" access during their last login, they will continue to be granted access " +"while offline and vice-versa." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +msgid "Default: Empty" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1192 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1195 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1199 +msgid "" +"Please note that it is always recommended to use server side access control," +" i.e. the LDAP server should deny the bind request with a suitable error " +"code even if the password is correct." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1206 +msgid "The following values are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1209 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1214 +msgid "" +"<emphasis>ad</emphasis>: use the value of the 32bit field " +"ldap_user_ad_user_account_control and allow access if the second bit is not " +"set. If the attribute is missing access is granted. Also the expiration time" +" of the account is checked." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1221 +msgid "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " +"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " +"if access is allowed or not." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1233 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1236 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1240 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1243 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1247 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute" +" to determine access" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1252 +msgid "Default: filter" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1255 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1262 +msgid "ldap_deref (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1265 +msgid "" +"Specifies how alias dereferencing is done when performing a search. The " +"following options are allowed:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1274 +msgid "" +"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " +"the base object, but not in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1279 +msgid "" +"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " +"the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1284 +msgid "" +"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " +"in locating the base object of the search." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1289 +msgid "" +"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " +"client libraries)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:51 +msgid "" +"All of the common configuration options that apply to SSSD domains also " +"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " +"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1301 +msgid "ADVANCED OPTIONS" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1308 +msgid "ldap_netgroup_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1311 +msgid "" +"An optional base DN to restrict netgroup searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1322 +msgid "ldap_user_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1325 +msgid "An optional base DN to restrict user searches to a specific subtree." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1336 +msgid "ldap_group_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1339 +msgid "An optional base DN to restrict group searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1303 +msgid "" +"These options are supported by LDAP domains, but they should be used with " +"caution. Please include them in your configuration only if you know what you" +" are doing. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1359 +msgid "" +"The following example assumes that SSSD is correctly configured and LDAP is " +"set to one of the domains in the <replaceable>[domains]</replaceable> " +"section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:1365 +#, no-wrap +msgid "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:181 +#: sssd-krb5.5.xml:414 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +msgid "NOTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1380 +msgid "" +"The descriptions of some of the configuration options in this manual page " +"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " +"distribution." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <refentryinfo> +#: pam_sss.8.xml:8 include/upstream.xml:2 +msgid "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - " +"http://fedorahosted.org/sssd</orgname>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: pam_sss.8.xml:13 pam_sss.8.xml:18 +msgid "pam_sss" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: pam_sss.8.xml:19 +msgid "PAM module for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: pam_sss.8.xml:24 +msgid "" +"<command>pam_sss.so</command> <arg choice='opt'> " +"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> " +"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> " +"<replaceable>retry=N</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:42 +msgid "" +"<command>pam_sss.so</command> is the PAM interface to the System Security " +"Services daemon (SSSD). Errors and results are logged through " +"<command>syslog(3)</command> with the LOG_AUTHPRIV facility." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:52 +msgid "<option>forward_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:55 +msgid "" +"If <option>forward_pass</option> is set the entered password is put on the " +"stack for other PAM modules to use." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:62 +msgid "<option>use_first_pass</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:65 +msgid "" +"The argument use_first_pass forces the module to use a previous stacked " +"modules password and will never prompt the user - if no password is " +"available or the password is not appropriate, the user will be denied " +"access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:73 +msgid "<option>use_authtok</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:76 +msgid "" +"When password changing enforce the module to set the new password to the one" +" provided by a previously stacked password module." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:83 +msgid "<option>retry=N</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:86 +msgid "" +"If specified the user is asked another N times for a password if " +"authentication fails. Default is 0." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:88 +msgid "" +"Please note that this option might not work as expected if the application " +"calling PAM handles the user dialog on its own. A typical example is " +"<command>sshd</command> with <option>PasswordAuthentication</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:99 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:100 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:106 +msgid "FILES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:107 +msgid "" +"If a password reset by root fails, because the corresponding SSSD provider " +"does not support password resets, an individual message can be displayed. " +"This message can e.g. contain instructions about how to reset a password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:112 +msgid "" +"The message is read from the file " +"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a " +"locale string returned by <citerefentry> " +"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> " +"</citerefentry>. If there is no matching file the content of " +"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be" +" the owner of the files and only root may have read and write permissions " +"while all other users must have only read permisssions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:122 +msgid "" +"These files are searched in the directory " +"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file " +"is present a generic message is displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:130 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 +msgid "sssd_krb5_locator_plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:22 +msgid "" +"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " +"used by the Kerberos provider of <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>" +" to tell the Kerberos libraries what Realm and which KDC to use. Typically " +"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> which is always read by the " +"Kerberos libraries. To simplyfy the configuration the Realm and the KDC can " +"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " +"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry> puts the Realm and the name or IP address of the KDC into " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " +"libraries it reads and evaluates these variable and returns them to the " +"libraries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "" +"Not all Kerberos implementations support the use of plugins. If " +"<command>sssd_krb5_locator_plugin</command> is not available on your system " +"you have to edit /etc/krb5.conf to reflect your Kerberos setup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:69 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:77 +msgid "" +"<citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 +msgid "sssd-simple" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd-simple.5.xml:17 +msgid "the configuration file for SSSD's 'simple' access-control provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:24 +msgid "" +"This manual page describes the configuration of the simple access-control " +"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " +"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:38 +msgid "" +"The simple access provider grants or denies access based on an access or " +"deny list of user or group names. The following rules apply:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 +msgid "" +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 +msgid "" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 +msgid "simple_allow_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 +msgid "Comma separated list of users who are allowed to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 +msgid "simple_deny_users (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only" +" to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 +msgid "" +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62 +msgid "" +"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 +msgid "" +"Please note that it is an configuration error if both, simple_allow_users " +"and simple_deny_users, are defined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:128 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the simple access provider-specific " +"options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:135 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:145 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 +msgid "sssd-ipa" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:23 +msgid "" +"This manual page describes the configuration of the IPA provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:36 +msgid "" +"The IPA provider is a back end used to connect to an IPA server. (Refer to " +"the freeipa.org web site for information about IPA servers.) This provider " +"requires that the machine be joined to the IPA domain; configuration is " +"almost entirely self-discovered and obtained directly from the server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:43 +msgid "" +"The IPA provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> identity provider and the <citerefentry> <refentrytitle" +">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> " +"authentication provider. However, it is neither necessary nor recommended " +"to set these options. IPA provider can also be used as an access and chpass" +" provider. As an access provider it uses HBAC (host-based access control) " +"rules. Please refer to freeipa.org for more information about HBAC. No " +"configuration of access provider is required on the client side." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:69 +msgid "ipa_domain (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:72 +msgid "" +"Specifies the name of the IPA domain. This is optional. If not provided, " +"the configuration domain name is used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:80 +msgid "ipa_server (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:83 +msgid "" +"The list of IP addresses or hostnames of the IPA servers to which SSSD " +"should connect in the order of preference. For more information on failover " +"and server redundancy, see the <quote>FAILOVER</quote> section. This is " +"optional if autodiscovery is enabled. For more information on service " +"discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:96 +msgid "ipa_hostname (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:99 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the IPA domain to identify this host." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:107 +msgid "ipa_dyndns_update (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:110 +msgid "" +"Optional. This option tells SSSD to automatically update the DNS server " +"built into FreeIPA v2 with the IP address of this client." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:121 +msgid "ipa_dyndns_iface (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:124 +msgid "" +"Optional. Applicable only when ipa_dyndns_update is true. Choose the " +"interface whose IP address should be used for dynamic DNS updates." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:129 +msgid "Default: Use the IP address of the IPA LDAP connection" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:135 +msgid "ipa_hbac_search_base (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:138 +msgid "" +"Optional. Use the given string as search base for HBAC related objects." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:142 +msgid "Default: Use base DN" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229 +msgid "krb5_validate (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:158 +msgid "" +"Note that this default differs from the traditional Kerberos provider back " +"end." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:175 +msgid "" +"The following example assumes that SSSD is correctly configured and " +"example.com is one of the domains in the <replaceable>[sssd]</replaceable> " +"section. This examples shows only the ipa provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ipa.5.xml:182 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:193 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 +msgid "" +"<command>sssd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 +msgid "" +"<command>SSSD</command> provides a set of daemons to manage access to remote" +" directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> " +"<replaceable>LEVEL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:51 +msgid "" +"Debug level to run the daemon with. 0 is the default as well as the lowest " +"allowed value, 10 is the most verbose mode. This setting overrides the " +"settings from config file. This parameter implies <option>-i</option>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:70 +msgid "<option>-f</option>,<option>--debug-to-files</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:74 +msgid "" +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:82 +msgid "<option>-D</option>,<option>--daemon</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:86 +msgid "Become a daemon after starting up." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:92 +msgid "<option>-i</option>,<option>--interactive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:96 +msgid "Run in the foreground, don't become a daemon." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:102 +msgid "<option>-c</option>,<option>--config</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:106 +msgid "" +"Specify a non-default config file. The default is " +"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " +"syntax and options, consult the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:122 +msgid "Signals" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:125 +msgid "SIGTERM/SIGINT" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:128 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then" +" shut down the monitor." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:134 +msgid "SIGHUP" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:137 +msgid "" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs" +" like logrotate." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:145 +msgid "SIGUSR1" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:148 +msgid "" +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:154 +msgid "SIGUSR2" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:157 +msgid "" +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:168 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 +msgid "sss_obfuscate" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_obfuscate.8.xml:16 +msgid "obfuscate a clear text password" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_obfuscate.8.xml:21 +msgid "" +"<command>sss_obfuscate</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:32 +msgid "" +"<command>sss_obfuscate</command> converts a given password into human-" +"unreadable format and places it into appropriate domain section of the SSSD " +"config file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:37 +msgid "" +"The cleartext password can be specified as an argument to the program, read " +"from standard input or entered interactively. The obfuscated password is " +"put into <quote>ldap_default_authtok</quote> parameter of a given SSSD " +"domain and the <quote>ldap_default_authtok_type</quote> parameter is set to " +"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle" +">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more" +" details on these parameters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:50 +msgid "" +"Please note that obfuscating the password provides <emphasis>no real " +"security benefit</emphasis> as it is still possible for an attacker to " +"reverse-engineer the password back. Using better authentication mechanisms " +"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " +"advised." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:64 +msgid "<option>-s</option>,<option>--stdin</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:68 +msgid "The password to obfuscate will be read from standard input." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:75 +msgid "" +"<option>-d</option>,<option>--domain</option> " +"<replaceable>DOMAIN</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:80 +msgid "" +"The SSSD domain to use the password in. The default name is " +"<quote>default</quote>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:87 +msgid "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:92 +msgid "Read the config file specified by the positional parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:96 +msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:106 +msgid "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 +msgid "" +"<command>sss_useradd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 +msgid "" +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 +msgid "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 +msgid "" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 +msgid "" +"<option>-c</option>,<option>--gecos</option> " +"<replaceable>COMMENT</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +msgid "" +"<option>-h</option>,<option>--home</option> " +"<replaceable>HOME_DIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with " +"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +msgid "" +"<option>-s</option>,<option>--shell</option> " +"<replaceable>SHELL</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently " +"<filename>/bin/bash</filename>. The default can be changed with " +"<quote>user_defaults/defaultShell</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 +msgid "" +"<option>-G</option>,<option>--groups</option> " +"<replaceable>GROUPS</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 +msgid "" +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "" +"Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 +msgid "" +"<option>-k</option>,<option>--skel</option> " +"<replaceable>SKELDIR</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in" +" the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 +msgid "" +"This option is only valid if the <option>-m</option> (or <option>--create-" +"home</option>) option is specified, or creation of home directories is set " +"to TRUE in the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 +msgid "" +"The SELinux user for the user's login. If not specified, the system default " +"will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:169 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +msgid "sssd-krb5" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:23 +msgid "" +"This manual page describes the configuration of the Kerberos 5 " +"authentication backend for <citerefentry> " +"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, please refer to the " +"<quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:36 +msgid "" +"The Kerberos 5 authentication backend contains auth and chpass providers. It" +" must be paired with identity provider in order to function properly (for " +"example, id_provider = ldap). Some information required by the Kerberos 5 " +"authentication backend must be provided by the identity provider, such as " +"the user's Kerberos Principal Name (UPN). The configuration of the identity " +"provider should have an entry to specify the UPN. Please refer to the man " +"page for the applicable identity provider for details on how to configure " +"this." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:47 +msgid "" +"This backend also provides access control based on the .k5login file in the " +"home directory of the user. See <citerefentry> " +"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry> for more details. Please note that an empty .k5login file " +"will deny all access to this user. To activate this feature use " +"'access_provider = krb5' in your sssd configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:55 +msgid "" +"In the case where the UPN is not available in the identity backend " +"<command>sssd</command> will construct a UPN using the format " +"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 +msgid "" +"The name of the Kerberos realm. This option is required and must be " +"specified." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 +msgid "krb5_kpasswd (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 +msgid "" +"If the change password service is not running on the KDC alternative servers" +" can be defined here. An optional port number (preceded by a colon) may be " +"appended to the addresses or hostnames." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 +msgid "" +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. Please note that even if there are no more" +" kpasswd servers to try the back end is not switch to offline if " +"authentication against the KDC is still possible." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 +msgid "Default: Use the KDC" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 +msgid "krb5_ccachedir (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 +msgid "" +"Directory to store credential caches. All the substitution sequences of " +"krb5_ccname_template can be used here, too, except %d and %P. If the " +"directory does not exist it will be created. If %u, %U, %p or %h are used a " +"private directory belonging to the user is created. Otherwise a public " +"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " +"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> " +"</citerefentry> for details) is created." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:151 +msgid "Default: /tmp" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:157 +msgid "krb5_ccname_template (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:166 +msgid "%u" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:167 +msgid "login name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:170 +msgid "%U" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:171 +msgid "login UID" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:174 +msgid "%p" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:175 +msgid "principal name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:179 +msgid "%r" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:180 +msgid "realm name" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:183 +msgid "%h" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:184 +msgid "home directory" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:188 +msgid "%d" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:189 +msgid "value of krb5ccache_dir" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:194 +msgid "%P" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:195 +msgid "the process ID of the sssd client" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:200 +msgid "%%" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:201 +msgid "a literal '%'" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:160 +msgid "" +"Location of the user's credential cache. Currently only file based " +"credential caches are supported. In the template the following sequences are" +" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " +"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " +"way." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:209 +msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:215 +msgid "krb5_auth_timeout (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:218 +msgid "" +"Timeout in seconds after an online authentication or change password request" +" is aborted. If possible the authentication request is continued offline." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:241 +msgid "krb5_keytab (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:244 +msgid "" +"The location of the keytab to use when validating credentials obtained from " +"KDCs." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:248 +msgid "Default: /etc/krb5.keytab" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:254 +msgid "krb5_store_password_if_offline (boolean)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 +msgid "" +"Store the password of the user if the provider is offline and use it to " +"request a TGT when the provider gets online again." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:262 +msgid "" +"Please note that this feature currently only available on a Linux platform." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:272 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:275 +msgid "" +"Request a renewable ticket with a total lifetime given by an integer " +"immediately followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:280 sssd-krb5.5.xml:316 +msgid "<emphasis>s</emphasis> seconds" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 +msgid "<emphasis>m</emphasis> minutes" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 +msgid "<emphasis>h</emphasis> hours" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 +msgid "<emphasis>d</emphasis> days." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 +msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:296 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"renewable lifetime to one and a half hours please use '90m' instead of " +"'1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:302 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:308 +msgid "krb5_lifetime (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:311 +msgid "" +"Request ticket with a with a lifetime given by an integer immediately " +"followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:332 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"lifetime to one and a half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:337 +msgid "" +"Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:344 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:347 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:352 +msgid "If this option is not set or 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:362 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:365 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" +"authentication. The following options are supported:" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:370 +msgid "" +"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " +"option at all." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:374 +msgid "" +"<emphasis>try</emphasis> to use FAST, if the server does not support fast " +"continue without." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:378 +msgid "" +"<emphasis>demand</emphasis> to use FAST, fail if the server does not require" +" fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:382 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:385 +msgid "Please note that a keytab is required to use fast." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:388 +msgid "" +"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " +"and above. If sssd used used with an older version using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:65 +msgid "" +"If the auth-module krb5 is used in a SSSD domain, the following options must" +" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " +"SECTIONS</quote> for details on the configuration of a SSSD domain. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:407 +msgid "" +"The following example assumes that SSSD is correctly configured and FOO is " +"one of the domains in the <replaceable>[sssd]</replaceable> section. This " +"example shows only configuration of Kerberos authentication, it does not " +"include any identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:415 +#, no-wrap +msgid "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:426 +msgid "" +"<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>" +" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 +msgid "sss_groupadd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupadd.8.xml:16 +msgid "create a new group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupadd.8.xml:21 +msgid "" +"<command>sss_groupadd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:32 +msgid "" +"<command>sss_groupadd</command> creates a new group. These groups are " +"compatible with POSIX groups, with the additional feature that they can " +"contain other groups as members." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupadd.8.xml:43 +msgid "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupadd.8.xml:48 +msgid "" +"Set the GID of the group to the value of <replaceable>GID</replaceable>. If" +" not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 +msgid "sss_userdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_userdel.8.xml:16 +msgid "delete a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_userdel.8.xml:21 +msgid "" +"<command>sss_userdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:32 +msgid "" +"<command>sss_userdel</command> deletes a user identified by login name " +"<replaceable>LOGIN</replaceable> from the system." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:44 +msgid "<option>-r</option>,<option>--remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:48 +msgid "" +"Files in the user's home directory will be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:56 +msgid "<option>-R</option>,<option>--no-remove</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:60 +msgid "" +"Files in the user's home directory will NOT be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:68 +msgid "<option>-f</option>,<option>--force</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:72 +msgid "" +"This option forces <command>sss_userdel</command> to remove the user's home " +"directory and mail spool, even if they are not owned by the specified user." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:80 +msgid "<option>-k</option>,<option>--kick</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:84 +msgid "Before actually deleting the user, terminate all his processes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:95 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 +msgid "sss_groupdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupdel.8.xml:16 +msgid "delete a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupdel.8.xml:21 +msgid "" +"<command>sss_groupdel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:32 +msgid "" +"<command>sss_groupdel</command> deletes a group identified by its name " +"<replaceable>GROUP</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:48 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 +msgid "sss_groupshow" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupshow.8.xml:16 +msgid "print properties of a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupshow.8.xml:21 +msgid "" +"<command>sss_groupshow</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>GROUP</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:32 +msgid "" +"<command>sss_groupshow</command> displays information about a group " +"identified by its name <replaceable>GROUP</replaceable>. The information " +"includes the group ID number, members of the group and the parent group." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupshow.8.xml:43 +msgid "<option>-R</option>,<option>--recursive</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupshow.8.xml:47 +msgid "" +"Also print indirect group members in a tree-like hierarchy. Note that this " +"also affects printing parent groups - without <option>R</option>, only the " +"direct parent will be printed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:60 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 +msgid "sss_usermod" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_usermod.8.xml:16 +msgid "modify a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_usermod.8.xml:21 +msgid "" +"<command>sss_usermod</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:32 +msgid "" +"<command>sss_usermod</command> modifies the account specified by " +"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " +"on the command line." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:60 +msgid "The home directory of the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:71 +msgid "The user's login shell." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:82 +msgid "" +"Append this user to groups specified by the " +"<replaceable>GROUPS</replaceable> parameter. The " +"<replaceable>GROUPS</replaceable> parameter is a comma separated list of " +"group names." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:96 +msgid "" +"Remove this user from groups specified by the " +"<replaceable>GROUPS</replaceable> parameter." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:103 +msgid "<option>-l</option>,<option>--lock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:107 +msgid "Lock the user account. The user won't be able to log in." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:114 +msgid "<option>-u</option>,<option>--unlock</option>" +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:118 +msgid "Unlock the user account." +msgstr "" + +#. type: Content of: +#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:129 +msgid "The SELinux user for the user's login." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:140 +msgid "" +"<citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/service_discovery.xml:2 +msgid "SERVICE DISCOVERY" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/service_discovery.xml:4 +msgid "" +"The service discovery feature allows back ends to automatically find the " +"appropriate servers to connect to using a special DNS query." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:9 +msgid "Configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:11 +msgid "" +"If no servers are specified, the back end automatically uses service " +"discovery to try to find a server. Optionally, the user may choose to use " +"both fixed server addresses and service discovery by inserting a special " +"keyword, <quote>_srv_</quote>, in the list of servers. The order of " +"preference is maintained. This feature is useful if, for example, the user " +"prefers to use service discovery whenever possible, and fall back to a " +"specific server when no servers can be discovered using DNS." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:23 +msgid "The domain name" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:25 +msgid "" +"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:35 +msgid "The protocol" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 +msgid "" +"For more information on the service discovery mechanism, refer to RFC 2782." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/failover.xml:2 +msgid "FAILOVER" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/failover.xml:4 +msgid "" +"The failover feature allows back ends to automatically switch to a different" +" server if the primary server fails." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:8 +msgid "Failover Syntax" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:10 +msgid "" +"The list of servers is given as a comma-separated list; any number of spaces" +" is allowed around the comma. The servers are listed in order of preference." +" The list can contain any number of servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:17 +msgid "The Failover Mechanism" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:19 +msgid "" +"The failover mechanism distinguishes between a machine and a service. The " +"back end first tries to resolve the hostname of a given machine; if this " +"resolution attempt fails, the machine is considered offline. No further " +"attempts are made to connect to this machine for any other service. If the " +"resolution attempt succeeds, the back end tries to connect to a service on " +"this machine. If the service connection attempt fails, then only this " +"particular service is considered offline and the back end automatically " +"switches over to the next service. The machine is still considered online " +"and might still be tried for another service." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:32 +msgid "" +"Further connection attempts are made to machines or services marked as " +"offline after a specified period of time; this is currently hard coded to 30" +" seconds." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:37 +msgid "" +"If there are no more machines to try, the back end as a whole switches to " +"offline mode, and then attempts to reconnect every 30 seconds." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help.xml:3 +msgid "<option>-h</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <varlistentry><listitem><para> +#: include/param_help.xml:7 +msgid "Display help message and exit." +msgstr "" diff --git a/src/man/po/po4a.cfg b/src/man/po/po4a.cfg index a1c1bd1e..6b793f25 100644 --- a/src/man/po/po4a.cfg +++ b/src/man/po/po4a.cfg @@ -1,4 +1,4 @@ -[po4a_langs] cs uk +[po4a_langs] cs es nl pl uk [po4a_paths] po/sssd-docs.pot $lang:po/$lang.po [type:docbook] sss_groupmod.8.xml $lang:$(builddir)/$lang/sss_groupmod.8.xml [type:docbook] sssd.conf.5.xml $lang:$(builddir)/$lang/sssd.conf.5.xml |