revision 5e1490d5ccd3b1748ade57d77279c0b51bec9d0e
# Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
# The contents of this file are subject to the terms
# of the Common Development and Distribution License
# (the License). You may not use this file except in
# compliance with the License.
# You can obtain a copy of the License at
# See the License for the specific language governing
# permission and limitations under the License.
# When distributing Covered Code, include this CDDL
# Header Notice in each file and include the License file
# If applicable, add the following below the CDDL Header,
# with the fields enclosed by brackets [] replaced by
# your own identifying information:
# "Portions Copyrighted [year] [name of copyright owner]"
# $Id:,v 1.5 2009/12/11 01:43:23 goodearth Exp $
# Portions Copyrighted 2011 ForgeRock AS
authentication=Authentication Modules
LDAPex=Unknown LDAP exception.
UPerror=Both user ID and password required.
classpathError=Class not found. Check class path.
InvalidUP=Invalid user ID and password. Try again.
NoUser=User ID not found.
NoServer=Server cannot be contacted.
Naming=Naming error has occurred.
sunAMAuthADServiceDescription=Active Directory
PasswordExp=Password Expires In: {0}
PasswordReset=Reset the password.
PasswdMismatch=The password and the confirm password do not match.
UPsame=Username and password must be different. Try again.
PInvalid=The password you have entered is invalid.
PasswdSame=The password must be different. Try again.
PasswdMinChars=Password contains fewer than minimum number of characters.
a101=Primary Active Directory Server this list to set the primary Active Directory server used for authentication. Active Directory authentication module will use this list as the primary server for authentication. A single entry must \
be in the format:<br/><br/><code>server:port</code><br/><br/>Multiple entries allow associations between OpenAM servers and an \
Active Directory server. \
The format is:<br/><br/><code>local server name | server:port</code><br/><br/>\
The local server name is the full name of the server from the list of servers and sites.
a102=Secondary Active Directory Server this list to set the secondary (failover) Active Directory server used for authentication. the primary Active Directory server fails, the Active Directory authentication module will failover to the secondary \
server. A single entry must be in the format:<br/><br/><code>server:port</code><br/><br/>\
Multiple entries allow associations between OpenAM servers and an Active Directory server.\
The format is:<br/><br/><code>local server name | server:port</code><br/><br/>\
<i>NB </i>The local server name is the full name of the server from the list of servers and sites.
a103=DN to Start User Search search for accounts to be authenticated start from this base DN a single server just enter the Base DN to be searched. Multiple OpenAM servers can have different base DNs for the search \
The format is as follows:<br/><br/><code>local server name | search DN</code><br/><br/>\
<i>NB </i>The local server name is the full name of the server from the list of servers and sites.
a104=Bind User DN DN of an admin user used by the module to authentication to the LDAP server LDAP module requires an administration account in order to perform functionality such as password reset.<br/><br/>\
<i>NB </i><code>cn=Directory Manager</code> should not be used in production systems.
a105=Bind User Password password of the administration account.
a106=Attribute Used to Retrieve User Profile LDAP module will use this attribute to search of the profile of an authenticated user. is the attribute used to find the profile of the authenticated user. Normally this will be the same attribute used to \
find the user account. The value will be the name of the user used for authentication.
a107=Attributes Used to Search for a User to be Authenticated attributes specified in this list form the LDAP search filter. default value of uid will form the following search filter of <code>uid=<i>user</i></code>, if there are multiple \
values such as uid and cn, the module will create a search filter as follows <code>(|(uid=<i>user</i>)(cn=<i>user</i>))</code>
a108=User Search Filter search filter will be appended to the standard user search filter. attribute can be used to append a custom search filter to the standard filter. For example: \
<code>(objectClass=person)</code>would result in the following user search filter:<br/><br/>\
a109=Search Scope level in the Directory Server that will be searched for a matching user profile. attribute controls how the directory is searched.<br/><br/>\
<ul><li><code>OBJECT</code>: Only the Base DN is searched.</li>\
<li><code>ONELEVEL</code>: Only the single level below (and not the Base DN) is searched</li>\
<li><code>SUBTREE</code>: The Base DN and all levels below are searched</li></ul>
a110=SSL/TLS Access to Active Directory Server this property is enabled; all connections to the Active Directory server will be over SSL/TLS. The SSL certificate on \
the Active Directory server must be valid or the certificate must be trusted and stored in the OpenAM local certificate file.
a111=Return User DN to DataStore whether the DN or the username is returned as the authentication principal.
a113=Active Directory Server Check Interval interval of the check used to detect failure in the Active Directory server; in minutes. is the frequency that the Active Directory module will check if the current Active Directory server is available. \
If the server is not available then the module will failover to the other server.
a114=User Creation Attributes the mapping of local attribute to external attribute for dynamic profile creation. dynamic profile creation is enabled; this feature allows for a mapping between the attribute/values retrieved from \
the users authenticated profile and the attribute/values that will be provisioned into their matching account in the data store.\
<br/><br/>The format of this property is: <br/><br/><code> local attr1|external attr1</code>
AcctInactive=Account in-activated or locked. Unlock or activate the account.
## Note level should have the highest
## number for i18N key since it should
## be the last attribute when viewed in
## the adminconsole
a500=Authentication Level authentication level associated with this module. authentication module has an authentication level that can be used to indicate the level of security \
associated with the module; 0 is the lowest (and the default).
InappAuth=Inappropriate Authentication
noUserMatchFound=User not found.
multipleUserMatchFound=Multiple matches found for the user. Contact your system administrator to fix the problem.
Nosecserver=No secondary server provided.
HostInvalid=Invalid host name.
HostUnknown=Unknown host {0}
SchBaseInvalid=Invalid search base.
PwdInvalid=Invalid user password.
FConnect=Connection failed.
CredInvalid=Invalid credentials.
UsrNotExist=User does not exist.
FAuth=Authentication failed.
UNAttr=User naming attribute is null.
USchAttr=User search attributes must have at least one value.