diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/man/po/cs.po | 413 | ||||
-rw-r--r-- | src/man/po/es.po | 417 | ||||
-rw-r--r-- | src/man/po/nl.po | 419 | ||||
-rw-r--r-- | src/man/po/pl.po | 411 | ||||
-rw-r--r-- | src/man/po/sssd-docs.pot | 403 | ||||
-rw-r--r-- | src/man/po/uk.po | 438 |
6 files changed, 1562 insertions, 939 deletions
diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 512d30ec..43cc73e0 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sss_daemon 1.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: 2010-10-25 10:46+0300\n" "Last-Translator: Automatically generated\n" "Language-Team: none\n" @@ -118,10 +118,10 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 #: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 #: sss_usermod.8.xml:138 msgid "SEE ALSO" @@ -488,8 +488,8 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 -#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "" @@ -1498,8 +1498,8 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "" @@ -1822,7 +1822,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "" @@ -1894,7 +1894,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "" @@ -1906,7 +1906,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -1914,7 +1914,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "" @@ -2179,7 +2179,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 #: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" @@ -2245,7 +2245,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "" @@ -2292,93 +2292,118 @@ msgstr "" msgid "Default: authorizedService" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 +msgid "ldap_user_authorized_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +msgid "Default: host" +msgstr "" + +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 msgid "ldap_group_object_class (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -2387,104 +2412,104 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2492,7 +2517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2501,17 +2526,17 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2520,19 +2545,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -2544,28 +2569,45 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:858 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: 1000" +msgstr "" + # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -2573,7 +2615,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -2581,7 +2623,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2590,7 +2632,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2599,7 +2641,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2608,25 +2650,25 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -2634,7 +2676,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -2642,13 +2684,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2657,37 +2699,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 +#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2696,13 +2739,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -2710,13 +2753,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -2724,19 +2767,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." @@ -2744,37 +2787,37 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2783,31 +2826,31 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2818,7 +2861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -2827,7 +2870,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -2836,31 +2879,31 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -2868,7 +2911,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -2876,7 +2919,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -2886,7 +2929,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -2895,19 +2938,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -2915,48 +2958,48 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2967,13 +3010,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2983,7 +3026,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -2991,7 +3034,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -3001,24 +3044,24 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -3026,19 +3069,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -3047,7 +3090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -3055,39 +3098,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -3095,13 +3143,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -3109,13 +3157,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -3123,7 +3171,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -3131,7 +3179,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -3139,7 +3187,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -3157,55 +3205,94 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -3214,7 +3301,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -3223,7 +3310,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><programlisting> #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -3237,20 +3324,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 -#: sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 +#: sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -3260,7 +3347,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -4768,6 +4855,16 @@ msgid "" "configuration error." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +msgid "krb5_fast_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -4780,7 +4877,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -4790,7 +4887,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><programlisting> #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -4801,7 +4898,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" diff --git a/src/man/po/es.po b/src/man/po/es.po index 4800ee55..6445ef00 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: 2011-03-08 15:06+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Spanish (Castilian) <None>\n" @@ -119,10 +119,10 @@ msgstr "" "<replaceable>GROUPS</replaceable>" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 #: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 #: sss_usermod.8.xml:138 msgid "SEE ALSO" @@ -504,8 +504,8 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 -#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "" @@ -1382,8 +1382,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "" @@ -1670,7 +1670,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "" @@ -1730,7 +1730,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "" @@ -1740,14 +1740,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "" @@ -1983,7 +1983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 #: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" @@ -2039,7 +2039,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "" @@ -2085,76 +2085,103 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 -msgid "ldap_group_object_class (string)" +msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: host" +msgstr "Predeterminado: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -2162,89 +2189,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2252,7 +2279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2260,17 +2287,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2278,17 +2305,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -2299,12 +2326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -2312,26 +2339,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:858 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 1000" +msgstr "Predeterminado: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2339,7 +2385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2347,7 +2393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2355,41 +2401,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2398,37 +2444,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 +#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2436,73 +2483,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2510,27 +2557,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2541,7 +2588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -2549,7 +2596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -2557,41 +2604,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -2600,7 +2647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -2608,61 +2655,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2672,12 +2719,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2686,14 +2733,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -2702,24 +2749,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -2727,19 +2774,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -2748,7 +2795,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -2756,84 +2803,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -2850,48 +2902,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -2899,7 +2990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -2907,7 +2998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -2921,18 +3012,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 -#: sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 +#: sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -2941,7 +3032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -4292,6 +4383,18 @@ msgid "" "configuration error." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +#, fuzzy +#| msgid "re_expression (string)" +msgid "krb5_fast_principal (string)" +msgstr "re_expression (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -4303,7 +4406,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -4312,7 +4415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -4322,7 +4425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index 5c3af721..bef6833f 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: 2011-03-08 15:06+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -119,10 +119,10 @@ msgstr "" "replaceable> parameter." #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 #: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 #: sss_usermod.8.xml:138 msgid "SEE ALSO" @@ -500,8 +500,8 @@ msgid "Add a timestamp to the debug messages" msgstr "Voeg een tijdstempel toe aan de debugberichten" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 -#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "Standaard: true" @@ -1382,8 +1382,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "" @@ -1670,7 +1670,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "" @@ -1730,7 +1730,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "" @@ -1740,14 +1740,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "" @@ -1983,7 +1983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 #: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" @@ -2039,7 +2039,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "" @@ -2085,76 +2085,103 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 -msgid "ldap_group_object_class (string)" +msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: host" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -2162,89 +2189,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2252,7 +2279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2260,17 +2287,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2278,17 +2305,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -2299,12 +2326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -2312,26 +2339,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:858 +#, fuzzy +#| msgid "debug_level (integer)" +msgid "ldap_page_size (integer)" +msgstr "debug_level (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +#, fuzzy +#| msgid "Default: 120" +msgid "Default: 1000" +msgstr "Standaard: 120" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2339,7 +2387,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2347,7 +2395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2355,41 +2403,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2398,37 +2446,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 +#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2436,73 +2485,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2510,27 +2559,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2541,7 +2590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -2549,7 +2598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -2557,41 +2606,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -2600,7 +2649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -2608,61 +2657,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2672,12 +2721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2686,14 +2735,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -2702,24 +2751,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -2727,19 +2776,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -2748,7 +2797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -2756,84 +2805,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -2850,48 +2904,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -2899,7 +2992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -2907,7 +3000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -2921,18 +3014,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 -#: sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 +#: sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -2941,7 +3034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -4292,6 +4385,18 @@ msgid "" "configuration error." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +#, fuzzy +#| msgid "re_expression (string)" +msgid "krb5_fast_principal (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -4303,7 +4408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -4312,7 +4417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -4322,7 +4427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" diff --git a/src/man/po/pl.po b/src/man/po/pl.po index 24d3e5dd..46943f8b 100644 --- a/src/man/po/pl.po +++ b/src/man/po/pl.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: 2011-03-08 15:06+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Polish <None>\n" @@ -106,10 +106,10 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 #: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 #: sss_usermod.8.xml:138 msgid "SEE ALSO" @@ -430,8 +430,8 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 -#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "" @@ -1308,8 +1308,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "" @@ -1596,7 +1596,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "" @@ -1656,7 +1656,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "" @@ -1666,14 +1666,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "" @@ -1909,7 +1909,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 #: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" @@ -1965,7 +1965,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "" @@ -2011,76 +2011,101 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 -msgid "ldap_group_object_class (string)" +msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +msgid "Default: host" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -2088,89 +2113,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2178,7 +2203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2186,17 +2211,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2204,17 +2229,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -2225,12 +2250,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -2238,26 +2263,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:858 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: 1000" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2265,7 +2307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2273,7 +2315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2281,41 +2323,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2324,37 +2366,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 +#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2362,73 +2405,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2436,27 +2479,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2467,7 +2510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -2475,7 +2518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -2483,41 +2526,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -2526,7 +2569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -2534,61 +2577,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2598,12 +2641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2612,14 +2655,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -2628,24 +2671,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -2653,19 +2696,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -2674,7 +2717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -2682,84 +2725,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -2776,48 +2824,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -2825,7 +2912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -2833,7 +2920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -2847,18 +2934,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 -#: sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 +#: sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -2867,7 +2954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -4218,6 +4305,16 @@ msgid "" "configuration error." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +msgid "krb5_fast_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -4229,7 +4326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -4238,7 +4335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -4248,7 +4345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index 90b33cf8..3a413ed0 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.6.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -93,7 +93,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 msgid "SEE ALSO" msgstr "" @@ -414,7 +414,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "" @@ -1293,7 +1293,7 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "" @@ -1585,7 +1585,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "" @@ -1645,7 +1645,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "" @@ -1655,14 +1655,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "" @@ -1899,7 +1899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" @@ -1954,7 +1954,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "" @@ -2000,76 +2000,101 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 -msgid "ldap_group_object_class (string)" +msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +msgid "Default: host" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -2077,87 +2102,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2165,7 +2190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2173,17 +2198,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2191,17 +2216,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -2212,12 +2237,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -2225,26 +2250,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:858 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single " +"request. Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: 1000" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2252,7 +2294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2260,7 +2302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2268,41 +2310,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2311,37 +2353,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2349,73 +2391,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2423,27 +2465,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2454,7 +2496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -2462,7 +2504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -2471,41 +2513,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -2515,7 +2557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -2523,61 +2565,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2587,12 +2629,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2601,14 +2643,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -2617,24 +2659,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -2642,19 +2684,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -2663,7 +2705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -2671,84 +2713,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -2765,47 +2812,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = " +"(loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -2813,7 +2900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -2821,7 +2908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -2835,17 +2922,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -2854,7 +2941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> " "<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " @@ -4225,6 +4312,16 @@ msgid "" "configuration error." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +msgid "krb5_fast_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -4236,7 +4333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -4245,7 +4342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -4255,7 +4352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> " "<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 1b9d262b..98e4e6c7 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.5.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2011-03-08 10:17-0500\n" +"POT-Creation-Date: 2011-04-27 11:41-0300\n" "PO-Revision-Date: 2011-01-25 20:56+0200\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian <translation@linux.org.ua>\n" @@ -132,10 +132,10 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1389 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 #: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 #: sss_usermod.8.xml:138 msgid "SEE ALSO" @@ -579,8 +579,8 @@ msgstr "Додати часову позначку до діагностични # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1015 -#: sssd-ldap.5.xml:1120 sssd-ipa.5.xml:155 +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155 msgid "Default: true" msgstr "Типове значення: true" @@ -1644,8 +1644,8 @@ msgstr "Типове значення: None, не виконувати жодн # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1357 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:405 +#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414 msgid "EXAMPLE" msgstr "ПРИКЛАД" @@ -2015,7 +2015,7 @@ msgstr "Атрибут LDAP, що відповідає ідентифікато # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642 msgid "Default: gidNumber" msgstr "Типове значення: gidNumber" @@ -2087,7 +2087,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:648 sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761 msgid "Default: nsUniqueId" msgstr "Типове значення: nsUniqueId" @@ -2099,7 +2099,7 @@ msgstr "ldap_user_modify_timestamp (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:657 sssd-ldap.5.xml:750 +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -2107,7 +2107,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:661 sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" @@ -2378,7 +2378,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:961 sssd-ipa.5.xml:115 sssd.8.xml:64 +#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 #: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "Типове значення: false" @@ -2444,7 +2444,7 @@ msgstr "Атрибут LDAP, що відповідає повному імені # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:609 sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722 msgid "Default: cn" msgstr "Типове значення: cn" @@ -2495,90 +2495,121 @@ msgstr "Типове значення: authorizedService" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:590 +#, fuzzy +#| msgid "ldap_user_authorized_service (string)" +msgid "ldap_user_authorized_host (string)" +msgstr "ldap_user_authorized_service (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:599 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:604 +#, fuzzy +#| msgid "Default: root" +msgid "Default: host" +msgstr "Типове значення: root" + +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:610 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:613 msgid "The object class of a group entry in LDAP." msgstr "Клас об’єктів запису групи у LDAP." # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:616 msgid "Default: posixGroup" msgstr "Типове значення: posixGroup" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:622 msgid "ldap_group_name (string)" msgstr "ldap_group_name (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#: sssd-ldap.5.xml:625 msgid "The LDAP attribute that corresponds to the group name." msgstr "Атрибут LDAP, що відповідає назві групи." # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:615 +#: sssd-ldap.5.xml:635 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:638 msgid "The LDAP attribute that corresponds to the group's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору групи." # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:648 msgid "ldap_group_member (string)" msgstr "ldap_group_member (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:651 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 +#: sssd-ldap.5.xml:655 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:661 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#: sssd-ldap.5.xml:664 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:674 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 +#: sssd-ldap.5.xml:687 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:690 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -2587,104 +2618,104 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 +#: sssd-ldap.5.xml:697 msgid "Default: 2" msgstr "Типове значення: 2" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:703 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 +#: sssd-ldap.5.xml:706 msgid "The object class of a netgroup entry in LDAP." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#: sssd-ldap.5.xml:709 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:715 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:718 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:728 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:731 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:735 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#: sssd-ldap.5.xml:741 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:744 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:748 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:754 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:757 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:767 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:760 +#: sssd-ldap.5.xml:780 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:783 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2692,7 +2723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:769 +#: sssd-ldap.5.xml:789 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -2701,18 +2732,18 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 sssd-ldap.5.xml:817 sssd-ldap.5.xml:832 +#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852 msgid "Default: 6" msgstr "Типове значення: 6" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:801 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:804 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -2721,19 +2752,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:791 +#: sssd-ldap.5.xml:811 msgid "Default: 60" msgstr "Типове значення: 60" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:797 +#: sssd-ldap.5.xml:817 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:820 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -2745,13 +2776,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:843 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:826 +#: sssd-ldap.5.xml:846 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -2760,13 +2791,36 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:838 +#: sssd-ldap.5.xml:858 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_page_size (integer)" +msgstr "ldap_opt_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +#, fuzzy +#| msgid "Default: 10" +msgid "Default: 1000" +msgstr "Типове значення: 10" + +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:872 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 +#: sssd-ldap.5.xml:875 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -2774,7 +2828,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:847 +#: sssd-ldap.5.xml:881 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -2782,7 +2836,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:851 +#: sssd-ldap.5.xml:885 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2791,7 +2845,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 +#: sssd-ldap.5.xml:892 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -2800,7 +2854,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:898 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -2809,25 +2863,25 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 +#: sssd-ldap.5.xml:904 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:908 msgid "Default: hard" msgstr "Типове значення: hard" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:914 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:883 +#: sssd-ldap.5.xml:917 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -2835,7 +2889,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:906 sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -2843,13 +2897,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:929 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:898 +#: sssd-ldap.5.xml:932 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2859,41 +2913,42 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:947 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:950 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:920 sssd-ldap.5.xml:932 sssd-krb5.5.xml:356 +#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 +#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356 msgid "Default: not set" msgstr "Типове значення: not set" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:960 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:963 msgid "Specifies the file that contains the client's key." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:972 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 +#: sssd-ldap.5.xml:975 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -2902,13 +2957,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#: sssd-ldap.5.xml:988 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#: sssd-ldap.5.xml:991 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -2916,13 +2971,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:1001 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:1004 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -2930,19 +2985,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136 msgid "Default: none" msgstr "Типове значення: none" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1014 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:983 +#: sssd-ldap.5.xml:1017 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." @@ -2950,37 +3005,37 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:1022 msgid "Default: host/machine.fqdn@REALM" msgstr "Типове значення: вузол/комп’ютер.fqdn@ОБЛАСТЬ" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:1028 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:997 +#: sssd-ldap.5.xml:1031 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1034 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1006 +#: sssd-ldap.5.xml:1040 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1009 +#: sssd-ldap.5.xml:1043 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -2989,31 +3044,31 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1055 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1024 +#: sssd-ldap.5.xml:1058 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1062 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1034 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74 msgid "krb5_server (string)" msgstr "krb5_server (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 sssd-krb5.5.xml:77 +#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -3024,7 +3079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3033,7 +3088,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3042,19 +3097,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1063 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1100 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1103 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" @@ -3062,13 +3117,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1109 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1112 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -3076,7 +3131,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1117 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -3084,7 +3139,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 +#: sssd-ldap.5.xml:1122 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3094,7 +3149,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1130 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -3103,19 +3158,19 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1142 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1145 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1149 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -3123,49 +3178,49 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1126 +#: sssd-ldap.5.xml:1160 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1129 +#: sssd-ldap.5.xml:1163 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1133 +#: sssd-ldap.5.xml:1167 msgid "Default: ldap" msgstr "Типове значення: ldap" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1139 +#: sssd-ldap.5.xml:1173 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1142 +#: sssd-ldap.5.xml:1176 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1147 +#: sssd-ldap.5.xml:1181 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1187 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1156 +#: sssd-ldap.5.xml:1190 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -3176,13 +3231,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398 msgid "Example:" msgstr "Приклад:" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1203 #, no-wrap msgid "" "access_provider = ldap\n" @@ -3195,7 +3250,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 +#: sssd-ldap.5.xml:1207 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -3203,7 +3258,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1212 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -3213,25 +3268,25 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1192 +#: sssd-ldap.5.xml:1226 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1229 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1199 +#: sssd-ldap.5.xml:1233 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -3239,19 +3294,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1240 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1209 +#: sssd-ldap.5.xml:1243 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -3260,7 +3315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1255 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -3269,12 +3324,12 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1267 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1236 +#: sssd-ldap.5.xml:1270 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " @@ -3282,18 +3337,18 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1274 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1277 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1281 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -3301,14 +3356,25 @@ msgstr "" "<emphasis>authorized_service</emphasis>: використовувати для визначення " "можливості доступу атрибут authorizedService" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1286 +#, fuzzy +#| msgid "" +#| "<emphasis>authorized_service</emphasis>: use the authorizedService " +#| "attribute to determine access" +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" +"<emphasis>authorized_service</emphasis>: використовувати для визначення " +"можливості доступу атрибут authorizedService" + # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1290 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1293 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -3316,13 +3382,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1300 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1303 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -3330,13 +3396,13 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:1312 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -3344,7 +3410,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1317 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -3352,7 +3418,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1322 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -3360,7 +3426,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1327 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -3378,55 +3444,100 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1301 +#: sssd-ldap.5.xml:1339 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 sssd-ldap.5.xml:1329 sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1336 +#: sssd-ldap.5.xml:1374 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" # type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 +#: sssd-ldap.5.xml:1377 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 +#, fuzzy +#| msgid "ldap_user_search_base (string)" +msgid "ldap_user_search_filter (string)" +msgstr "ldap_user_search_base (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1401 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1404 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1411 +#, fuzzy +#| msgid "ldap_group_search_base (string)" +msgid "ldap_group_search_filter (string)" +msgstr "ldap_group_search_base (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1414 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -3435,7 +3546,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1434 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -3444,7 +3555,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><programlisting> #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1440 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -3466,20 +3577,20 @@ msgstr "" " enumerate = true\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1364 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 -#: sssd-krb5.5.xml:414 +#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 +#: sssd-krb5.5.xml:423 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" # type: Content of: <reference><refentry><refsect1><title> #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1378 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1455 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -3489,7 +3600,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1466 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -5099,6 +5210,19 @@ msgid "" "configuration error." msgstr "" +# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:397 +#, fuzzy +#| msgid "ldap_user_principal (string)" +msgid "krb5_fast_principal (string)" +msgstr "ldap_user_principal (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "Specifies the server principal to use for FAST." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" @@ -5111,7 +5235,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:407 +#: sssd-krb5.5.xml:416 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -5121,7 +5245,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para><programlisting> #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:415 +#: sssd-krb5.5.xml:424 #, no-wrap msgid "" " [domain/FOO]\n" @@ -5136,7 +5260,7 @@ msgstr "" # type: Content of: <reference><refentry><refsect1><para> #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:426 +#: sssd-krb5.5.xml:435 msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" |