ja.po revision 0172959f117b545c8a6b1893f5f56818d82dd624
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher# SOME DESCRIPTIVE TITLE
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher# Copyright (C) YEAR Red Hat
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher# This file is distributed under the same license as the sssd-docs package.
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek# Tadashi "ELF" Jokagi <elf@poyo.jp>, 2012
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012-2013
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek# 高一人参 @欠陥遺伝子 <www.carrotsoft@gmail.com>, 2012
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Project-Id-Version: SSSD\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"POT-Creation-Date: 2013-06-27 21:10+0300\n"
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"PO-Revision-Date: 2013-06-11 15:21+0000\n"
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Language: ja\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"MIME-Version: 1.0\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Content-Type: text/plain; charset=UTF-8\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Content-Transfer-Encoding: 8bit\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"Plural-Forms: nplurals=1; plural=0;\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SSSD Manual pages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD マニュアル ページ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_groupmod"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_groupmod"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refmeta><manvolnum>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "modify a group"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループを変更します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "DESCRIPTION"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupmod</command> modifies the group to reflect the changes "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"that are specified on the command line."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupmod</command> はコマンドラインにおいて指定された変更を反映"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"するようグループを変更します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42
ea929f1b022fc2cb77dec89b0e12accef983ec85Jakub Hrozek#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "OPTIONS"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Append this group to groups specified by the <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"a comma separated list of group names."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このグループを <replaceable>GROUPS</replaceable> パラメーターにより指定された"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"グループに追加します。 <replaceable>GROUPS</replaceable> パラメーターはグルー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"プ名のカンマ区切り一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Remove this group from groups specified by the <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> parameter."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このグループを <replaceable>GROUPS</replaceable> パラメーターにより指定された"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refmeta><manvolnum>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "File Formats and Conventions"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ファイル形式および変換"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "the configuration file for SSSD"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD の設定ファイル"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "FILE FORMAT"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ファイルフォーマット"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" <replaceable>[section]</replaceable>\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" <replaceable>[section]</replaceable>\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The file has an ini-style syntax and consists of sections and parameters. A "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"section begins with the name of the section in square brackets and continues "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"until the next section begins. An example of section with single and multi-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ファイルは ini 形式の構文を持ち、セクションとパラメーターから構成されます。セ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クションは角括弧にあるセクション名から始まり、次のセクションが始まるまで続き"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ます。 1 つセクションと複数の値を持つパラメーターの例: <placeholder type="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"programlisting\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The data types used are string (no quotes needed), integer and bool (with "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"values of <quote>TRUE/FALSE</quote>)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"使用されるデータ形式は、文字列(引用符は不要)、整数および論理値"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(<quote>TRUE/FALSE</quote> の値)です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"(<quote>;</quote>). Inline comments are not supported."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"All sections can have an optional <replaceable>description</replaceable> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"parameter. Its function is only as a label for the section."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すべてのセクションはオプションの <replaceable>description</replaceable> パラ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"メーターを持てます。その機能はセクションのラベルとしてのみです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<filename>sssd.conf</filename> must be a regular file, owned by root and "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"only root may read from or write to the file."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<filename>sssd.conf</filename> は、root により所有され、root のみが読み書きで"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"きる、通常のファイルである必要があります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SPECIAL SECTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "特別セクション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The [sssd] section"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "[sssd] セクション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Section parameters"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "セクションのパラメーター"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "config_file_version (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "config_file_version (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"設定ファイルの構文が何であるカを指示します。SSSD 0.6.0 およびそれ以降はバー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ジョン 2 を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "services"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "services"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Comma separated list of services that are started when sssd itself starts."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd 自身が開始するときに開始されるサービスのカンマ区切り一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"サポートされるサービス: nss, pam <phrase condition=\"with_sudo\">, sudo</"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"\">, pac</phrase>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "reconnection_retries (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "reconnection_retries (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Number of times services should attempt to reconnect in the event of a Data "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Provider crash or restart before they give up"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"データプロバイダーがクラッシュまたは再起動した場合、サービスが再接続をあきら"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"める前に試行する回数です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 3"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 3"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "domains"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "domains"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"A domain is a database containing user information. SSSD can use more "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"domains at the same time, but at least one must be configured or SSSD won't "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"start. This parameter described the list of domains in the order you want "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"them to be queried. A domain name should only consist of alphanumeric ASCII "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"characters, dashes and underscores."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "re_expression (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "re_expression (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Default regular expression that describes how to parse the string containing "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"user name and domain into these components."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"Each domain can have an individual regular expression configured. For some "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"ID providers there are also default regular expressions. See DOMAIN "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"SECTIONS for more info on these regular expressions."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "full_name_format (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "full_name_format (文字列)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"manvolnum> </citerefentry>-compatible format that describes how to compose a "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"fully qualified name from user name and domain name components."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "user name"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "domain name as specified in the SSSD config file."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"domain flat name. Mostly usable for Active Directory domains, both directly "
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"configured or discovered via IPA trusts."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"The following expansions are supported: <placeholder type=\"variablelist\" "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Each domain can have an individual format string configured. see DOMAIN "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"SECTIONS for more info on this option."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "try_inotify (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "try_inotify (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"SSSD monitors the state of resolv.conf to identify when it needs to update "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"its internal DNS resolver. By default, we will attempt to use inotify for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"this, and will fall back to polling resolv.conf every five seconds if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"inotify cannot be used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD は、内部 DNS リゾルバーを更新する必要となるときを認識するために、resolv."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"conf の状態を監視します。初期状態では、このために inotify を使用しようとしま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。inotify が使用できない場合 5 秒ごとに resolv.conf をポーリングするよう"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"There are some limited situations where it is preferred that we should skip "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"even trying to use inotify. In these rare cases, this option should be set "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"inotify を使用することをスキップすることが望ましい、いくつかの制限された状況"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"があります。これらの珍しい場合では、このオプションが 'false' に設定されるべき"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: true on platforms where inotify is supported. False on other "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: inotify がサポートされるプラットフォームにおいては真です。他のプラッ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"トフォームにおいては偽です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Note: this option will have no effect on platforms where inotify is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"unavailable. On these platforms, polling will always be used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"注: このオプションは inotify が利用不可能なプラットフォームにおいて効果があり"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ません。これらのプラットフォームにおいては、ポーリングが常に使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_rcache_dir (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_rcache_dir (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Directory on the filesystem where SSSD should store Kerberos replay cache "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD が Kerberos リプレイキャッシュファイルを保存するファイルシステムのディレ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"SSSD to let libkrb5 decide the appropriate location for the replay cache."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは、libkrb5 がリプレイキャッシュに対する適切な場所を決められる"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"よう SSSD に指示する、特別な値 __LIBKRB5_DEFAULTS__ を受け付けます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: Distribution-specific and specified at build-time. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"(__LIBKRB5_DEFAULTS__ if not configured)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: ディストリビューション固有かつ構築時に指定されます。 (設定されていな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ければ __LIBKRB5_DEFAULTS__ です)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "default_domain_suffix (string)"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"This string will be used as a default domain name for all names without a "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"domain name component. The main use case is environments where the primary "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"domain is intended for managing host policies and all users are located in a "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"trusted domain. The option allows those users to log in just with their "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"user name without giving a domain name as well."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Please note that if this option is set all users from the primary domain "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"have to use their fully qualified name, e.g. user@domain.name, to log in."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "Default: not set"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgstr "初期値: 設定されません"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Individual pieces of SSSD functionality are provided by special SSSD "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"services that are started and stopped together with SSSD. The services are "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"managed by a special service frequently called <quote>monitor</quote>. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>[sssd]</quote> section is used to configure the monitor as well as "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"some other important options like the identity domains. <placeholder type="
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD の機能の各部分は SSSD と一緒に開始および停止される特別な SSSD サービスに"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"より提供されます。特別なサービスにより管理されるサービスはよく<quote>モニター"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"</quote>と呼ばれます。<quote>[sssd]</quote> セクションは、モニターだけでな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"く、識別ドメインのような他の重要なオプションを設定するために使用されます。 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<placeholder type=\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SERVICES SECTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "サービスセクション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Settings that can be used to configure different services are described in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"section, for example, for NSS service, the section would be <quote>[nss]</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"異なるサービスを設定するために使用される設定がこのセクションに記述されます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"それらは [<replaceable>$NAME</replaceable>] セクションに置かれます。たとえ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ば、NSS サービスは <quote>[nss]</quote> セクションです"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "General service configuration options"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "サービス設定の全体オプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "These options can be used to configure any service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "これらのオプションはすべてのサービスを設定するために使用できます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "debug_level (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "debug_level (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "debug_timestamps (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "debug_timestamps (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Add a timestamp to the debug messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "デバッグメッセージに日時を追加します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: true"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: true"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "debug_microseconds (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "debug_microseconds (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Add microseconds to the timestamp in debug messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "デバッグメッセージの日時にマイクロ秒を追加します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: false"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: false"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "timeout (integer)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "timeout (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Timeout in seconds between heartbeats for this service. This is used to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ensure that the process is alive and capable of answering requests."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: 10"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "初期値: 10"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "fd_limit"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"This option specifies the maximum number of file descriptors that may be "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"opened at one time by this SSSD process. On systems where SSSD is granted "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"systems without this capability, the resulting value will be the lower value "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"of this or the limits.conf \"hard\" limit."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Default: 8192 (or limits.conf \"hard\" limit)"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "client_idle_timeout"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "client_idle_timeout"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"This option specifies the number of seconds that a client of an SSSD process "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"can hold onto a file descriptor without communicating on it. This value is "
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozek"limited in order to avoid resource exhaustion on the system."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"このオプションは、SSSD プロセスのクライアントがそれとコミュニケーションなしで"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ファイル記述子に保持できる秒数を指定します。この値はシステムのリソース枯渇を"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"避けるために制限されます。"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Default: 60"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "初期値: 60"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "force_timeout (integer)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"If a service is not responding to ping checks (see the <quote>timeout</"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"quote> option), it is first sent the SIGTERM signal that instructs it to "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"quit gracefully. If the service does not terminate after "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"by sending a SIGKILL signal."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "NSS configuration options"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "NSS 設定オプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"These options can be used to configure the Name Service Switch (NSS) service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これらのオプションは Name Service Switch (NSS) サービスを設定するために使用で"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "enum_cache_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "enum_cache_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"How many seconds should nss_sss cache enumerations (requests for info about "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が列挙をキャッシュする秒数です(すべてのユーザーに関する情報に対する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 120"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 120"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "entry_cache_nowait_percentage (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_nowait_percentage (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The entry cache can be set to automatically update entries in the background "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"if they are requested beyond a percentage of the entry_cache_timeout value "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"for the domain."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"エントリーキャッシュは、ドメインに対して entry_cache_timeout の値を超えて要求"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"された場合に、バックグラウンドでエントリーを自動的に更新するよう設定できま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For example, if the domain's entry_cache_timeout is set to 30s and "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"after 15 seconds past the last cache update will be returned immediately, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"but the SSSD will go and update the cache on its own, so that future "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"requests will not need to block waiting for a cache update."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"たとえば、ドメインの entry_cache_timeout が 30s に設定され、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"entry_cache_nowait_percentage が 50 (%) に設定されていると、エントリーが 15 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"秒経過後にきて、最新の更新キャッシュが直ちに返されます。しかし、SSSD が自身に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"キャッシュされ、更新されます。そのため、その先の要求はキャッシュ更新を待つこ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"とをブロックする必要がありません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Valid values for this option are 0-99 and represent a percentage of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"entry_cache_timeout for each domain. For performance reasons, this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"disables this feature)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションに対して有効な値は 0-99 です。各ドメインに対する "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"entry_cache_timeout のパーセンテージを表します。性能上の理由から、このパーセ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ンテージは 10 秒よりも小さく nowait タイムアウトを減らすべきではありません。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(0 はこの機能を無効にします)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 50"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 50"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "entry_negative_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_negative_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies for how many seconds nss_sss should cache negative cache hits "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"(that is, queries for invalid database entries, like nonexistent ones) "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"before asking the back end again."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にネガティブキャッシュヒット(つま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"り、存在しないドメインのように、無効なデータベースエントリーに対する問い合わ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"せ)をキャッシュする秒数を指定します。"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 15"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 15"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "filter_users, filter_groups (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "filter_users, filter_groups (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Exclude certain users from being fetched from the sss NSS database. This is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"particularly useful for system accounts. This option can also be set per-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"domain or include fully-qualified names to filter only users from the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"particular domain."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"sss NSS データベースから取り出されたものから特定のユーザーを除外します。これ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"はとくにシステムアカウントに対して有効です。このオプションはドメインごとに設"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"定できます。または特定のドメインからユーザーのみをフィルターするために完全修"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"飾名を含めることができます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: root"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: root"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "filter_users_in_groups (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "filter_users_in_groups (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If you want filtered user still be group members set this option to false."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"フィルターされたユーザーがまだグループメンバーのままにしたいならば、このオプ"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "fallback_homedir (string)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "fallback_homedir (文字列)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Set a default template for a user's home directory if one is not specified "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"explicitly by the domain's data provider."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"ドメインのデータプロバイダーにより明示的に指定されていない場合に、ユーザーの"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"ホームディレクトリーの標準テンプレートを設定します。"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"The available values for this option are the same as for override_homedir."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"このオプションに対して利用可能なオプションは override_homedir に対するものと"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"override_homedir = /home/%u\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"override_homedir = /home/%u\n"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:490 include/override_homedir.xml:44
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: not set (no substitution for unset home directories)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "override_shell (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "override_shell (文字列)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Override the login shell for all users. This option can be specified "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"globally in the [nss] section or per-domain."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"すべてのユーザーに対するログインシェルを上書きします。このオプションは [nss] "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"において全体的またはドメインごとに指定できます。"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Default: not set (SSSD will use the value retrieved from LDAP)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "allowed_shells (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "allowed_shells (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Restrict user shell to one of the listed values. The order of evaluation is:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのシェルを一覧にある値のどれかに制限します。評価の順番は次のとおりで"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"quote>, use the value of the shell_fallback parameter."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"2. シェルが allowed_shells 一覧にあるが、<quote>/etc/shells</quote> になけれ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ば、shell_fallback パラメーターの値を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"shells</quote>, a nologin shell is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"3. シェルが allowed_shells 一覧になく、<quote>/etc/shells</quote> にもなけれ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ば、nologin シェルが使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "An empty string for shell is passed as-is to libc."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "シェルの空文字列は libc にそのまま渡されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"that a restart of the SSSD is required in case a new shell is installed."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>/etc/shells</quote> は SSSD が開始されるときにのみ読み込まれます。これ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"は新しいシェルがインストールされた場合 SSSD の再起動が必要になることを意味し"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: Not set. The user shell is automatically used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "vetoed_shells (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "vetoed_shells (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Replace any instance of these shells with the shell_fallback"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "shell_fallback (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "shell_fallback (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The default shell to use if an allowed shell is not installed on the machine."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"許可されたシェルがマシンにインストールされていない場合に使用する標準シェルで"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: /bin/sh"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "default_shell"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "default_shell"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The default shell to use if the provider does not return one during lookup. "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"This option supersedes any other shell options if it takes effect and can be "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"set either in the [nss] section or per-domain."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Default: not set (Return NULL if no shell is specified and rely on libc to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"substitute something sensible when necessary, usually /bin/sh)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "get_domains_timeout (int)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specifies time in seconds for which the list of subdomains will be "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"considered valid."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "memcache_timeout (int)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "memcache_timeout (整数)"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Specifies time in seconds for which records in the in-memory cache will be "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Default: 300"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgstr "初期値: 300"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "PAM configuration options"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "PAM 設定オプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"These options can be used to configure the Pluggable Authentication Module "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"(PAM) service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これらのオプションは Pluggable Authentication Module (PAM) サービスを設定する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "offline_credentials_expiration (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "offline_credentials_expiration (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If the authentication provider is offline, how long should we allow cached "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"logins (in days since the last successful online login)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"認証プロバイダーがオフラインの場合に、キャッシュログインを許可する時間(オン"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ラインログインの最終成功からの日数)です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 0 (No limit)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 0 (無制限)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "offline_failed_login_attempts (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "offline_failed_login_attempts (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If the authentication provider is offline, how many failed login attempts "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "offline_failed_login_delay (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "offline_failed_login_delay (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The time in minutes which has to pass after offline_failed_login_attempts "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"has been reached before a new login attempt is possible."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"新しいログイン試行が可能になる前に offline_failed_login_attempts に達した後に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"渡される分単位の時間です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If set to 0 the user cannot authenticate offline if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"offline_failed_login_attempts has been reached. Only a successful online "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"authentication can enable offline authentication again."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"0 に設定されていると、offline_failed_login_attempts に達した場合、ユーザーが"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"オフライン認証できません。オンライン認証に成功すると、再びオフライン認証を有"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 5"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 5"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "pam_verbosity (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "pam_verbosity (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Controls what kind of messages are shown to the user during authentication. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The higher the number to more messages are displayed."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"認証中にユーザーに表示されるメッセージの種類を制御します。数字が大きければ大"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"きいほどメッセージが表示されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Currently sssd supports the following values:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "現在 sssd は以下の値をサポートします:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>0</emphasis>: do not show any message"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>1</emphasis>: show only important messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>2</emphasis>: show informational messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>3</emphasis>: show all messages and debug information"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 1"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 1"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "pam_id_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "pam_id_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For any PAM request while SSSD is online, the SSSD will attempt to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"immediately update the cached identity information for the user in order to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ensure that authentication takes place with the latest information."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD がオンラインの間はすべての PAM 要求に対して、ユーザーが最新の情報で認証"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"A complete PAM conversation may perform multiple PAM requests, such as "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"account management and session opening. This option controls (on a per-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"client-application basis) how long (in seconds) we can cache the identity "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"information to avoid excessive round-trips to the identity provider."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"完全な PAM のやりとりは、アカウント管理やセッション開始のように、複数の PAM "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"要求を実行できます。このオプションは、識別プロバイダーに対する過剰なラウンド"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"トリップを避けるために識別情報をキャッシュできる時間(秒数)を(クライアント"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"アプリケーションごとに)制御します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "pam_pwd_expiration_warning (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "pam_pwd_expiration_warning (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Display a warning N days before the password expires."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "パスワードの期限が切れる前に N 日間警告を表示します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that the backend server has to provide information about the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"expiration time of the password. If this information is missing, sssd "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"cannot display a warning."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"バックエンドのサーバーがパスワードの有効期間に関する情報を提供する必要がある"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ことに注意してください。この情報がなければ、sssd は警告を表示します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"If zero is set, then this filter is not applied, i.e. if the expiration "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"warning was received from backend server, it will automatically be displayed."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"emphasis> for a particular domain."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: 0"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "初期値: 0"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "SUDO configuration options"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SUDO 設定オプション"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "These options can be used to configure the sudo service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "これらのオプションは sudo サービスを設定するために使用されます。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "sudo_timed (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sudo_timed (論理値)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"that implement time-dependent sudoers entries."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"時間依存の sudoers エントリーを実装する sudoNotBefore と sudoNotAfter の属性"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を評価するかしないかです。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "AUTOFS configuration options"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "Autofs 設定オプション"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "These options can be used to configure the autofs service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "これらのオプションが autofs サービスを設定するために使用されます。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "autofs_negative_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "autofs_negative_timeout (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Specifies for how many seconds should the autofs responder negative cache "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"hits (that is, queries for invalid map entries, like nonexistent ones) "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"before asking the back end again."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"autofs レスポンダーのネガティブキャッシュ(つまり、存在しないもののように、無"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"効なマップエントリーに対する問い合わせ)が再びバックエンドに問い合わせる前に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ヒットする秒数を指定します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "SSH configuration options"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "SSH 設定オプション"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "These options can be used to configure the SSH service."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "これらのオプションは SSH サービスを設定するために使用されます。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ssh_hash_known_hosts (bool)"
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozekmsgstr "ssh_hash_known_hosts (論理値)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
45db68ae27147955a4be4c2c772041824c0dc00fStephen Gallagher"Whether or not to hash host names and addresses in the managed known_hosts "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "ssh_known_hosts_timeout (integer)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"How many seconds to keep a host in the managed known_hosts file after its "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"host keys were requested."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Default: 180"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "初期値: 180"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><title>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "PAC responder configuration options"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"The PAC responder works together with the authorization data plugin for MIT "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"provider collects domain SID and ID ranges of the domain the client is "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"joined to and of remote trusted domains from the local domain controller. "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"If the PAC is decoded and evaluated some of the following operations are "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"If the remote user does not exist in the cache, it is created. The uid is "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"determined with the help of the SID, trusted domains will have UPGs and the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"gid will have the same value as the uid. The home directory is set based on "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"the system defaults are used, but can be overwritten with the default_shell "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"If there are SIDs of groups from domains sssd knows about, the user will be "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"added to those groups."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "These options can be used to configure the PAC responder."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "allowed_uids (string)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Specifies the comma-separated list of UID values or user names that are "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"allowed to access the PAC responder. User names are resolved to UIDs at "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "Default: 0 (only the root user is allowed to access the PAC responder)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Please note that although the UID 0 is used as the default it will be "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"overwritten with this option. If you still want to allow the root user to "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"access the PAC responder, which would be the typical case, you have to add 0 "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"to the list of allowed UIDs as well."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "DOMAIN SECTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ドメインセクション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "min_id,max_id (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "min_id,max_id (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"UID and GID limits for the domain. If a domain contains an entry that is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"outside these limits, it is ignored."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインに対する UID と GID の制限です。ドメインがこれらの制限の外にあるエン"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"トリーを含む場合、それは無視されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For users, this affects the primary GID limit. The user will not be returned "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to NSS if either the UID or the primary GID is outside the range. For non-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"primary group memberships, those that are in range will be reported as "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーに対して、これはプライマリー GID 制限に影響します。 UID またはプライ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"マリー GID が範囲外ならば、ユーザーは NSS に返されません。非プライマリーメン"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"バーに対して、範囲内にあるものは予期されたものとして報告されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 1 for min_id, 0 (no limit) for max_id"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: min_id は 1, max_id は 0 (無制限)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "enumerate (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "enumerate (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Determines if a domain can be enumerated. This parameter can have one of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"following values:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインが列挙できるかを決定します。このパラメーターは以下の値のどれかである"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "TRUE = Users and groups are enumerated"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "TRUE = ユーザーとグループが列挙されます"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "FALSE = No enumerations for this domain"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "FALSE = このドメインに対して列挙しません"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: FALSE"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: FALSE"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Note: Enabling enumeration has a moderate performance impact on SSSD while "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"enumeration is running. It may take up to several minutes after SSSD startup "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to fully complete enumerations. During this time, individual requests for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"information will go directly to LDAP, though it may be slow, due to the "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"heavy enumeration processing. Saving a large number of entries to cache "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"after the enumeration completes might also be CPU intensive as the "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"memberships have to be recomputed."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"While the first enumeration is running, requests for the complete user or "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"group lists may return no results until it completes."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"最初の列挙が実行中の間、完全なユーザーまたはグループの一覧に対する要求は、そ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れが完了するまで結果を返しません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Further, enabling enumeration may increase the time necessary to detect "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"network disconnection, as longer timeouts are required to ensure that "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"enumeration lookups are completed successfully. For more information, refer "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to the man pages for the specific id_provider in use."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"さらに、列挙を有効にすることにより、挙の検索が確実に正しく完了するよりも長く"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"する必要があるので、ネットワーク切断を検知するために必要な時間が増える可能性"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"があります。詳細は使用している具体的な id_provider のマニュアルページを参照し"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"For the reasons cited above, enabling enumeration is not recommended, "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"especially in large environments."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "entry_cache_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"How many seconds should nss_sss consider entries valid before asking the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"backend again"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にエントリーを有効であると考える秒"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 5400"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 5400"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "entry_cache_user_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_user_timeout (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"How many seconds should nss_sss consider user entries valid before asking "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"the backend again"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にユーザーエントリーを有効であると"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: entry_cache_timeout"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: entry_cache_timeout"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "entry_cache_group_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_group_timeout (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"How many seconds should nss_sss consider group entries valid before asking "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"the backend again"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にグループエントリーを有効であると"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "entry_cache_netgroup_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_netgroup_timeout (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"How many seconds should nss_sss consider netgroup entries valid before "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"asking the backend again"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にネットワークグループエントリーを"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"有効であると考える秒数です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "entry_cache_service_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "entry_cache_service_timeout (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"How many seconds should nss_sss consider service entries valid before asking "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"the backend again"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"nss_sss が再びバックエンドに問い合わせる前にサービスエントリーを有効であると"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "entry_cache_sudo_timeout (integer)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "entry_cache_sudo_timeout (integer)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"How many seconds should sudo consider rules valid before asking the backend "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "entry_cache_autofs_timeout (integer)"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "entry_cache_autofs_timeout (整数)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"How many seconds should the autofs service consider automounter maps valid "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"before asking the backend again"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "refresh_expired_interval (integer)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Specifies how many seconds SSSD has to wait before refreshing expired "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"records. Currently only refreshing expired netgroups is supported."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "You can consider setting this value to 3/4 * entry_cache_timeout."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "Default: 0 (disabled)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "cache_credentials (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "cache_credentials (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Determines if user credentials are also cached in the local LDB cache"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "User credentials are stored in a SHA512 hash, not in plaintext"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "account_cache_expiration (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "account_cache_expiration (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Number of days entries are left in cache after last successful login before "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"being removed during a cleanup of the cache. 0 means keep forever. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"value of this parameter must be greater than or equal to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"offline_credentials_expiration."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"正常にログイン後、キャッシュのクリーンアップ中にエントリーが削除される前の日"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"数です。 0 は永久に保持することを意味します。このパラメーターの値は "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"offline_credentials_expiration と同等以上でなければいけません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 0 (unlimited)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 0 (無制限)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "pwd_expiration_warning (integer)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "pwd_expiration_warning (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Please note that the backend server has to provide information about the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"expiration time of the password. If this information is missing, sssd "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"cannot display a warning. Also an auth provider has to be configured for the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: 7 (Kerberos), 0 (LDAP)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "初期値: 7 (Kerberos), 0 (LDAP)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "id_provider (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "id_provider (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The identification provider used for the domain. Supported ID providers are:"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ドメインに対して使用される識別子プロバイダーです。サポートされる ID プロバイ"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ダーは次のとおりです:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "<quote>proxy</quote>: Support a legacy NSS provider"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "<quote>local</quote>: SSSD internal provider for local users"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"information on configuring LDAP."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<quote>ldap</quote>: LDAP プロバイダー。LDAP の設定に関する詳細は "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"manvolnum> </citerefentry> を参照してください。"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<quote>ipa</quote>: FreeIPA および Red Hat Enterprise Identity Management プ"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ロバイダー。FreeIPA の設定に関する詳細は <citerefentry> <refentrytitle>sssd-"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ipa</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してくださ"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry> for more information on configuring Active Directory."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<quote>ad</quote>: Active Directory プロバイダー。Active Directory の設定に関"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"する詳細は <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "use_fully_qualified_names (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "use_fully_qualified_names (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Use the full name and domain (as formatted by the domain's full_name_format) "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"as the user's login name reported to NSS."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"NSS に報告するユーザーのログイン名としてフルネームとドメイン (ドメインの完全"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"名形式により整形されたように) を使用します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If set to TRUE, all requests to this domain must use fully qualified names. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For example, if used in LOCAL domain that contains a \"test\" user, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>getent passwd test</command> wouldn't find the user while "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>getent passwd test@LOCAL</command> would."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"TRUE に設定されていると、このドメインへのすべての要求は完全修飾名を使用する必"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"要があります。たとえば、 \"test\" ユーザーを含む LOCAL ドメインにおいて使用さ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れていると、<command>getent passwd test</command> はユーザーを見つけられませ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"んが、<command>getent passwd test@LOCAL</command> は見つけられます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "ignore_group_members (bool)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Do not return group members for group lookups."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"If set to TRUE, the group membership attribute is not requested from the "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"ldap server, and group members are not returned when processing group lookup "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "auth_provider (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "auth_provider (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The authentication provider used for the domain. Supported auth providers "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインに対して使用される認証プロバイダーです。サポートされる認証プロバイ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> for more information on configuring LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ldap</quote> は本来の LDAP 認証向けです。LDAP の設定に関する詳細は "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> for more information on configuring Kerberos."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>krb5</quote> は Kerberos 認証向けです。Kerberos の設定に関する詳細は "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>proxy</quote> for relaying authentication to some other PAM target."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<quote>none</quote> disables authentication explicitly."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<quote>none</quote> は明示的に認証を無効化します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: <quote>id_provider</quote> is used if it is set and can handle "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication requests."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: <quote>id_provider</quote> が設定され、認証要求を取り扱うことができる"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ならば、それが使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "access_provider (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "access_provider (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The access control provider used for the domain. There are two built-in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access providers (in addition to any included in installed backends) "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Internal special providers are:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインに対して使用されるアクセス制御プロバイダーです。 2 つの組み込みアクセ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"スプロバイダーがあります(インストールされたバックエンドに含まれるすべてを加"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"えます)。内部の特別プロバイダーは次のとおりです:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>permit</quote> always allow access. It's the only permitted access "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"provider for a local domain."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"<quote>permit</quote> は常にアクセスを許可します。ローカルドメインに対するプ"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"ロバイダーのみアクセスが許可されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<quote>deny</quote> always deny access."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<quote>deny</quote> は常にアクセスを拒否します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>simple</quote> access control based on access or deny lists. See "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum></citerefentry> for more information on configuring the simple "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access module."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>simple</quote> アクセス制御はアクセスまたは拒否の一覧に基づきます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"simple アクセスモジュールの設定に関する詳細は <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <quote>permit</quote>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <quote>permit</quote>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "chpass_provider (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "chpass_provider (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The provider which should handle change password operations for the domain. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Supported change password providers are:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインに対するパスワード変更操作を取り扱うプロバイダーです。サポートされる"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"パスワード変更プロバイダーは次のとおりです:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>ldap</quote> to change a password stored in a LDAP server. See "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> for more information on configuring LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ldap</quote> は LDAP サーバーに保存されているパスワードを変更します。 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"LDAP の設定に関する詳細は <citerefentry> <refentrytitle>sssd-ldap</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> for more information on configuring Kerberos."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>krb5</quote> は Kerberos のパスワードを変更します。 Kerberos の設定に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"関する詳細は <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>proxy</quote> for relaying password changes to some other PAM target."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>proxy</quote> はいくつかの他の PAM ターゲットにパスワードの変更を中継"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<quote>none</quote> disallows password changes explicitly."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: <quote>auth_provider</quote> is used if it is set and can handle "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"change password requests."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: <quote>auth_provider</quote> が設定され、パスワードの変更要求を取り扱"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"うことができるならば、それが使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "sudo_provider (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sudo_provider (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The SUDO provider used for the domain. Supported SUDO providers are:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"citerefentry> for more information on configuring LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ldap</quote> は LDAP に保存されているルールのためです。LDAP の設定に関"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"する詳細は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> を参照します。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "<quote>none</quote> disables SUDO explicitly."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<quote>none</quote> は SUDO を明示的に無効化します。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: The value of <quote>id_provider</quote> is used if it is set."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: <quote>id_provider</quote> の値が設定されていると使用されます。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "selinux_provider (string)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The provider which should handle loading of selinux settings. Note that this "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"provider will be called right after access provider ends. Supported selinux "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"providers are:"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<quote>ipa</quote> to load selinux settings from an IPA server. See "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"manvolnum> </citerefentry> for more information on configuring IPA."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "<quote>none</quote> disallows fetching selinux settings explicitly."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Default: <quote>id_provider</quote> is used if it is set and can handle "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"selinux loading requests."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "subdomains_provider (string)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The provider which should handle fetching of subdomains. This value should "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"be always the same as id_provider. Supported subdomain providers are:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"manvolnum> </citerefentry> for more information on configuring IPA."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "<quote>none</quote> disallows fetching subdomains explicitly."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "autofs_provider (string)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "autofs_provider (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The autofs provider used for the domain. Supported autofs providers are:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ドメインに対して使用される autofs プロバイダーです。 サポートされる autofs "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"プロバイダーは次のとおりです:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"citerefentry> for more information on configuring LDAP."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"citerefentry> for more information on configuring IPA."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "<quote>none</quote> disables autofs explicitly."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "<quote>none</quote> は明示的に autofs を無効にします。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "hostid_provider (string)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "hostid_provider (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The provider used for retrieving host identity information. Supported "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"hostid providers are:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ホスト識別情報を取得するために使用されるプロバイダーです。 サポートされる "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"hostid プロバイダーは次のとおりです:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>ipa</quote> to load host identity stored in an IPA server. See "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"manvolnum> </citerefentry> for more information on configuring IPA."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "<quote>none</quote> disables hostid explicitly."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "<quote>none</quote> は明示的に hostid を無効にします。"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Regular expression for this domain that describes how to parse the string "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"containing user name and domain into these components. The \"domain\" can "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"match either the SSSD configuration domain name, or, in the case of IPA "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"the domain."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"P<name>[^@\\\\]+)$))</quote> which allows three different styles for "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"user names:"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "username"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "username"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "username@domain.name"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "username@domain.name"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "domain\\username"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "domain\\username"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"While the first two correspond to the general default the third one is "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"introduced to allow easy integration of users from Windows domains."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"which translates to \"the name is everything up to the <quote>@</quote> "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"sign, the domain everything after that\""
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"初期値: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> で"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"す。\"the name is everything up to the <quote>@</quote> sign, the domain "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"everything after that\" に解釈されます。"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"PLEASE NOTE: the support for non-unique named subpatterns is not available "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"version 7 or higher can support non-unique named subpatterns."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"P<name>) to label subpatterns."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"関連注記: 古いバージョンの libpcre はサブパターンをラベル付けするために "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Python 構文 (?P<name>) のみをサポートします。"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Default: <quote>%1$s@%2$s</quote>."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgstr "初期値: <quote>%1$s@%2$s</quote>."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "lookup_family_order (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "lookup_family_order (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Provides the ability to select preferred address family to use when "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"performing DNS lookups."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"DNS 検索を実行するときに使用する、優先アドレスファミリーを選択する機能を提供"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Supported values:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "サポートする値:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: ipv4_first"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipv4_first"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "dns_resolver_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "dns_resolver_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Defines the amount of time (in seconds) to wait for a reply from the DNS "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"resolver before assuming that it is unreachable. If this timeout is reached, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the domain will continue to operate in offline mode."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"DNS リゾルバーが到達不可能であると仮定するまでに、そこからの応答を待つ時間"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(秒単位)を定義します。このタイムアウトに達すると、ドメインはオフラインモー"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "dns_discovery_domain (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "dns_discovery_domain (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If service discovery is used in the back end, specifies the domain part of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the service discovery DNS query."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"サービス検索がバックエンドで使用されていると、サービス検索 DNS クエリーのドメ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: Use the domain part of machine's hostname"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: マシンのホスト名のドメイン部分を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "override_gid (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "override_gid (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Override the primary GID value with the one specified."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "プライマリー GID の値を指定されたもので上書きします。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "case_sensitive (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "case_sensitive (論理値)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"Treat user and group names as case sensitive. At the moment, this option is "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"not supported in the local provider."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザー名とグループ名が大文字小文字を区別するよう取り扱います。今のところ、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションはローカルプロバイダーにおいてサポートされません。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: True"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: True"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "proxy_fast_alias (boolean)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "proxy_fast_alias (論理値)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"When a user or group is looked up by name in the proxy provider, a second "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"lookup by ID is performed to \"canonicalize\" the name in case the requested "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"name was an alias. Setting this option to true would cause the SSSD to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"perform the ID lookup from cache for performance reasons."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "subdomain_homedir (string)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "flat (NetBIOS) name of a subdomain."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Use this homedir as default value for all subdomains within this domain. See "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"<emphasis>override_homedir</emphasis> for info about possible values. In "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"addition to those, the expansion below can only be used with "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist\" "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The value can be overridden by <emphasis>override_homedir</emphasis> option."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Default: <filename>/home/%d/%u</filename>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "初期値: <filename>/home/%d/%u</filename>"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "realmd_tags (string)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Various tags stored by the realmd configuration service for this domain."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"These configuration options can be present in a domain configuration "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これらの設定オプションはドメイン設定のセクション、つまり <quote>[domain/"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>NAME</replaceable>]</quote> に存在します <placeholder type="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "proxy_pam_target (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "proxy_pam_target (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The proxy target PAM proxies to."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "中継するプロキシターゲット PAM です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: not set by default, you have to take an existing pam configuration "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"or create a new one and add the service name here."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: 設定されません。既存の PAM 設定を使用するか、新しく作成してサービス名"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"をここに追加する必要があります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "proxy_lib_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "proxy_lib_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The name of the NSS library to use in proxy domains. The NSS functions "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"searched for in the library are in the form of _nss_$(libName)_$(function), "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"for example _nss_files_getpwent."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"プロキシードメインにおいて使用する NSS ライブラリーの名前です。ライブラリーに"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"おいて検索する NSS 関数は _nss_$(libName)_$(function) の形式です。たとえば "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"_nss_files_getpwent です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"プロキシドメインに対して有効なオプションです。 <placeholder type="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The local domain section"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ローカルドメインのセクション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This section contains settings for domain that stores users and groups in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"SSSD native database, that is, a domain that uses "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>id_provider=local</replaceable>."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このセクションは、ユーザーとグループを SSSD ネイティブデータベースに保存する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメイン、つまり、 <replaceable>id_provider=local</replaceable> を使用するド"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"メインに対する設定を含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "default_shell (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "default_shell (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The default shell for users created with SSSD userspace tools."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <filename>/bin/bash</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <filename>/bin/bash</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "base_directory (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "base_directory (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The tools append the login name to <replaceable>base_directory</replaceable> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"and use that as the home directory."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ツールがログイン名を <replaceable>base_directory</replaceable> に追加して、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ホームディレクトリーとして使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <filename>/home</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <filename>/home</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "create_homedir (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "create_homedir (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Indicate if a home directory should be created by default for new users. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Can be overridden on command line."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期状態で新規ユーザーに対するホームディレクトリーが作成されるかを指示しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。コマンドラインにおいて上書きできます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: TRUE"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: TRUE"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "remove_homedir (bool)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "remove_homedir (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Indicate if a home directory should be removed by default for deleted "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"users. Can be overridden on command line."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期状態で新規ユーザーに対するホームディレクトリーが削除されるかを指示しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。コマンドラインにおいて上書きできます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "homedir_umask (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "homedir_umask (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"on a newly created home directory."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"新規に作成されるホームディレクトリーにパーミッションの初期値を指定するために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> により使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 077"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 077"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "skel_dir (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "skel_dir (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The skeleton directory, which contains files and directories to be copied in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the user's home directory, when the home directory is created by "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ホームディレクトリーが <citerefentry> <refentrytitle>sss_useradd</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> により作成されると"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"き、ユーザーのホームディレクトリーにコピーされるファイルおよびディレクトリー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を含む、スケルトンディレクトリーです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <filename>/etc/skel</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <filename>/etc/skel</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "mail_dir (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "mail_dir (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The mail spool directory. This is needed to manipulate the mailbox when its "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"corresponding user account is modified or deleted. If not specified, a "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"default value is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"メールスプールディレクトリーです。これに対応するユーザーアカウントが変更また"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"は削除されたとき、これを操作する必要があります。指定されていなければ、初期値"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <filename>/var/mail</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <filename>/var/mail</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "userdel_cmd (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "userdel_cmd (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The command that is run after a user is removed. The command us passed the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"username of the user being removed as the first and only parameter. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"return code of the command is not taken into account."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーの削除後に実行されるコマンドです。コマンドは最初の唯一のパラメーター"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"として削除されるユーザーのユーザー名を渡します。コマンドの返り値は考慮されま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: None, no command is run"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: なし、コマンドを実行しません"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "EXAMPLE"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"domains = LDAP\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"services = nss, pam\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"config_file_version = 2\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"filter_groups = root\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"filter_users = root\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"id_provider = ldap\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_uri = ldap://ldap.example.com\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_search_base = dc=example,dc=com\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"auth_provider = krb5\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"krb5_realm = EXAMPLE.COM\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"cache_credentials = true\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"min_id = 10000\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"max_id = 20000\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"enumerate = False\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"domains = LDAP\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"services = nss, pam\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"config_file_version = 2\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filter_groups = root\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filter_users = root\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"id_provider = ldap\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_uri = ldap://ldap.example.com\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_search_base = dc=example,dc=com\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"auth_provider = krb5\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"krb5_realm = EXAMPLE.COM\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"cache_credentials = true\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"min_id = 10000\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"max_id = 20000\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"enumerate = False\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following example shows a typical SSSD config. It does not describe "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"configuration of the domains themselves - refer to documentation on "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"configuring domains for more details. <placeholder type=\"programlisting\" "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"以下の例は SSSD の一般的な設定を示します。ドメイン自身の設定を説明していませ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ん - ドメインの設定に関する詳細はドキュメントを参照してください。 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<placeholder type=\"programlisting\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sssd-ldap"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd-ldap"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This manual page describes the configuration of LDAP domains for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> manual page for detailed syntax information."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>8</manvolnum> </citerefentry> 向けの LDAP ドメインの設定を説明して"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"います。詳細な構文については <citerefentry> <refentrytitle>sssd.conf</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページの "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ファイル形式</quote> セクションを参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "You can configure SSSD to use more than one LDAP domain."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD が複数の LDAP ドメインを使用するよう設定できます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP back end supports id, auth, access and chpass providers. If you want to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sssd</command> <emphasis>does not</emphasis> support authentication "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"over an unencrypted channel. If the LDAP server is used only as an identity "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"provider, an encrypted channel is not needed. Please refer to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>ldap_access_filter</quote> config option for more information about "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"using LDAP as an access provider."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"LDAP バックエンドは id, auth, access および chpass プロバイダーをサポートしま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。 LDAP サーバーに対して認証したければ、 TLS/SSL または LDAPS のどちらかが"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"必要になります。 <command>sssd</command> は暗号化されないチャネルにおける認証"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"はサポート<emphasis>されません</emphasis>。 LDAP サーバーが識別プロバイダーと"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"してのみ使用されるならば、暗号化チャネルは必要ありません。アクセスプロバイ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ダーとして LDAP を使用することの詳細は <quote>ldap_access_filter</quote> 設定"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"オプションを参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:78
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "CONFIGURATION OPTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "設定オプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "ldap_uri, ldap_backup_uri (string)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "ldap_uri, ldap_backup_uri (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"should connect in the order of preference. Refer to the <quote>FAILOVER</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"quote> section for more information on failover and server redundancy. If "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"neither option is specified, service discovery is enabled. For more "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The format of the URI must match the format defined in RFC 2732:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "URI の形式は RFC 2732 に決められている形式と一致しなければいけません:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap[s]://<host>[:port]"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap[s]://<host>[:port]"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For explicit IPv6 addresses, <host> must be enclosed in brackets []"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPv6 アドレスを明示するために、<host> を角括弧 [] でくくる必要がありま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "example: ldap://[fc00::126:25]:389"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "例: ldap://[fc00::126:25]:389"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_chpass_uri, ldap_chpass_backup_uri (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"should connect in the order of preference to change the password of a user. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Refer to the <quote>FAILOVER</quote> section for more information on "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"failover and server redundancy."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "To enable service discovery ldap_chpass_dns_service_name must be set."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"サービス discovery ldap_chpass_dns_service_name を有効にするには、設定する必"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: empty, i.e. ldap_uri is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 空、つまり ldap_uri が使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_search_base (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The default base DN to use for performing LDAP user operations."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP ユーザー操作を実行するために使用される初期ベース DN です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD 1.7.0 以降、SSSD は次の構文を使用して複数の検索ベースをサポートします:"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallaghermsgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallaghermsgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "範囲は \"base\", \"onelevel\" または \"subtree\" のどれかです。"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"The filter must be a valid LDAP search filter as specified by http://www."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"フィルターは http://www.ietf.org/rfc/rfc2254.txt により指定されたような有効"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"な LDAP 検索フィルターである必要があります。"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallaghermsgid "Examples:"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"ldap_search_base = dc=example,dc=com (which is equivalent to) "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"ldap_search_base = dc=example,dc=com?subtree?"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_search_base = dc=example,dc=com (which is equivalent to) "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_search_base = dc=example,dc=com?subtree?"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"(host=thishost)?dc=example.com?subtree?"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(host=thishost)?dc=example.com?subtree?"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"Note: It is unsupported to have multiple search bases which reference "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"identically-named objects (for example, groups with the same name in two "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"different search bases). This will lead to unpredictable behavior on client "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"Default: If not set, the value of the defaultNamingContext or namingContexts "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"attribute from the RootDSE of the LDAP server is used. If "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"defaultNamingContext does not exist or has an empty value namingContexts is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"used. The namingContexts attribute must have a single value with the DN of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the search base of the LDAP server to make this work. Multiple values are "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are not supported."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_schema (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_schema (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the Schema Type in use on the target LDAP server. Depending on "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the selected schema, the default attribute names retrieved from the servers "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"may vary. The way that some attributes are handled may also differ."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "Four schema types are currently supported:"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "rfc2307"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "rfc2307"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "rfc2307bis"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "rfc2307bis"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"The main difference between these schema types is how group memberships are "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"recorded in the server. With rfc2307, group members are listed by name in "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"group members are listed by DN and stored in the <emphasis>member</emphasis> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"attribute. The AD schema type sets the attributes to correspond with Active "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Directory 2008r2 values."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: rfc2307"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: rfc2307"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_default_bind_dn (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_default_bind_dn (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The default bind DN to use for performing LDAP operations."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP ユーザー操作を実行するために使用される初期バインド DN です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_default_authtok_type (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_default_authtok_type (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The type of the authentication token of the default bind DN."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期バインド DN の認証トークンの形式です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The two mechanisms currently supported are:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "現在 2 つのメカニズムがサポートされます:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "password"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "password"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "obfuscated_password"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "obfuscated_password"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: password"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: password"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_default_authtok (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_default_authtok (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The authentication token of the default bind DN. Only clear text passwords "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are currently supported."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"デフォルトのバインド DN の認証トークンです。平文テキストのパスワードのみが現"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_object_class (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The object class of a user entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: posixAccount"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: posixAccount"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the user's login name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのログイン名に対応する LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: uid"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: uid"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_uid_number (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_uid_number (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the user's id."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの ID に対応する LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: uidNumber"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: uidNumber"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_gid_number (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_gid_number (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the user's primary group id."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: gidNumber"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: gidNumber"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_gecos (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_gecos (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the user's gecos field."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの gecos 項目に対応する LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: gecos"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: gecos"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_home_directory (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_home_directory (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the name of the user's home directory."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのホームディレクトリーの名前を含む LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: homeDirectory"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: homeDirectory"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shell (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shell (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the path to the user's default shell."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの初期シェルのパスを含む LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: loginShell"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: loginShell"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_uuid (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_uuid (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: nsUniqueId"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: nsUniqueId"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_user_objectsid (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_user_objectsid (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The LDAP attribute that contains the objectSID of an LDAP user object. This "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"is usually only necessary for ActiveDirectory servers."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"LDAP ユーザーオブジェクトの objectSID を含む LDAP 属性です。これは通常 "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ActiveDirectory サーバーに対してのみ必要です。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: objectSid for ActiveDirectory, not set for other servers."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"初期値: ActiveDirectory の objectSid です、他のサーバーに対して設定sれませ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_modify_timestamp (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_modify_timestamp (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The LDAP attribute that contains timestamp of the last modification of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"parent object."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: modifyTimestamp"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: modifyTimestamp"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_last_change (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_last_change (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the last password change)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(最終パスワード変更日)に対応する LDAP 属性の名前を"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowLastChange"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowLastChange"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_min (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_min (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"password age)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(最小パスワード期限)に対応する LDAP 属性の名前を含"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowMin"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowMin"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_max (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_max (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"password age)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(最大パスワード期限)に対応する LDAP 属性の名前を含"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowMax"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowMax"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_warning (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_warning (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"(password warning period)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(パスワード警告期間)に対応する LDAP 属性の名前を含"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowWarning"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowWarning"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_inactive (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_inactive (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"(password inactivity period)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(パスワード無効期間)に対応する LDAP 属性の名前を含"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowInactive"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowInactive"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_shadow_expire (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_shadow_expire (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"parameter contains the name of an LDAP attribute corresponding to its "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> counterpart (account expiration date)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> の対応部分(アカウント失効日)に対応する LDAP 属性の名前を含み"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: shadowExpire"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: shadowExpire"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_krb_last_pwd_change (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_krb_last_pwd_change (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"an LDAP attribute storing the date and time of last password change in "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=mit_kerberos を使用しているとき、このパラメーターは Kerberos "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"の最終パスワード変更日時を保存する LDAP 属性の名前を含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: krbLastPwdChange"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: krbLastPwdChange"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_krb_password_expiration (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_krb_password_expiration (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"an LDAP attribute storing the date and time when current password expires."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_pwd_policy=mit_kerberos を使用しているとき、このパラメーターは現在のパス"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ワード失効日時を保存する LDAP 属性の名前を含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: krbPasswordExpiration"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: krbPasswordExpiration"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_ad_account_expires (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_ad_account_expires (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=ad, this parameter contains the name "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of an LDAP attribute storing the expiration time of the account."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=ad を使用するとき、このパラメーターはアカウントの"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"失効日時を保存する LDAP 属性の名前を含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: accountExpires"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: accountExpires"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_ad_user_account_control (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_ad_user_account_control (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=ad, this parameter contains the name "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of an LDAP attribute storing the user account control bit field."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=ad を使用するとき、このパラメーターはユーザーアカ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ウントの制御ビット項目を保存する LDAP 属性の名前を含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: userAccountControl"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: userAccountControl"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_ns_account_lock (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_ns_account_lock (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"determines if access is allowed or not."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=rhds または同等のものを使用するとき、このパラメー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ターがアクセスが許可されるかされないかを決定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: nsAccountLock"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: nsAccountLock"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_nds_login_disabled (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_nds_login_disabled (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=nds, this attribute determines if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access is allowed or not."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=nds を使用するとき、アクセスが許可されるかされない"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"かをこの属性が決定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: loginDisabled"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: loginDisabled"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_nds_login_expiration_time (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_nds_login_expiration_time (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=nds, this attribute determines until "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"which date access is granted."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=nds を使用しているとき、この属性はデータアクセスが"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"いつまで許可されるのかを決定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_nds_login_allowed_time_map (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_nds_login_allowed_time_map (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using ldap_account_expire_policy=nds, this attribute determines the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"hours of a day in a week when access is granted."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_account_expire_policy=nds を使用しているとき、この属性はアクセスが許可さ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れるときの一週間の日の時間を決定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: loginAllowedTimeMap"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: loginAllowedTimeMap"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_principal (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_principal (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The LDAP attribute that contains the user's Kerberos User Principal Name "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの Kerberos User Principal Name (UPN) を含む LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: krbPrincipalName"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: krbPrincipalName"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_user_ssh_public_key (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_ssh_public_key (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains the user's SSH public keys."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_force_upper_case_realm (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_force_upper_case_realm (論理値)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Some directory servers, for example Active Directory, might deliver the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"realm part of the UPN in lower case, which might cause the authentication to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"fail. Set this option to a non-zero value if you want to use an upper-case "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"いくつかのディレクトリーサーバー、たとえば Active Directory、は小文字のレルム"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を転送しません。それにより、認証が失敗します。もし大文字のレルムを使用したい"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"場合、このオプションを 0 以外に設定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_enumeration_refresh_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_enumeration_refresh_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallagher"Specifies how many seconds SSSD has to wait before refreshing its cache of "
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallagher"enumerated records."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "ldap_purge_cache_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_purge_cache_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Determine how often to check the cache for inactive entries (such as groups "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"with no members and users who have never logged in) and remove them to save "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"使用していないエントリー(メンバーのいないグループやログインしたことがない"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーなど)に対してキャッシュを確認して、保存領域を節約するためにそれらを"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Setting this option to zero will disable the cache cleanup operation."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "キャッシュ削除操作を無効にする 0 をこのオプションを設定する方法です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 10800 (12 hours)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 10800 (12 時間)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_fullname (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_fullname (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the user's full name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーの完全名に対応する LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: cn"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: cn"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_member_of (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_member_of (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that lists the user's group memberships."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: memberOf"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: memberOf"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_authorized_service (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_authorized_service (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"use the presence of the authorizedService attribute in the user's LDAP entry "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to determine access privilege."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"もし access_provider=ldap かつ ldap_access_order=authorized_service ならば、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD はアクセス権限を決定するために、ユーザーの LDAP エントリーにある "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"authorizedService 属性を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"explicit allow (svc) and finally for allow_all (*)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"明示的な拒否 (!svc) が始めに解決されます。次に SSSD は明示的な許可 (svc) を検"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"索します。最後にすべて許可 (*) を検索します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Please note that the ldap_access_order configuration option <emphasis>must</"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"emphasis> include <quote>authorized_service</quote> in order for the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"ldap_user_authorized_service option to work."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: authorizedService"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: authorizedService"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_authorized_host (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_authorized_host (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"presence of the host attribute in the user's LDAP entry to determine access "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"access_provider=ldap かつ ldap_access_order=host ならば、 SSSD はアクセス権限"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を決めるために、ユーザーの LDAP エントリーにあるホスト属性の存在を使用しま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"An explicit deny (!host) is resolved first. Second, SSSD searches for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"explicit allow (host) and finally for allow_all (*)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"明示的な拒否 (!host) がまず解決されます。次に SSSD が明示的な許可 (host) を検"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"索します。最後にすべて許可 (*) が検索されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Please note that the ldap_access_order configuration option <emphasis>must</"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"emphasis> include <quote>host</quote> in order for the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"ldap_user_authorized_host option to work."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: host"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: host"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_object_class (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The object class of a group entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にあるグループエントリーのオブジェクトクラスです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: posixGroup"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: posixGroup"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the group name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループ名に対応する LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_gid_number (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_gid_number (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the group's id."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループの ID に対応する LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_member (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_member (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the names of the group's members."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループのメンバーの名前を含む LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_uuid (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_uuid (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP グループオブジェクトの UUID/GUID を含む LDAP の属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_group_objectsid (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_group_objectsid (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The LDAP attribute that contains the objectSID of an LDAP group object. This "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"is usually only necessary for ActiveDirectory servers."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"LDAP グループオブジェクトの objectSID を含む LDAP 属性です。これは通常 "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ActiveDirectory サーバーに対してのみ必要です。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_modify_timestamp (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_modify_timestamp (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_nesting_level (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_nesting_level (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If ldap_schema is set to a schema format that supports nested groups (e.g. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"RFC2307bis), then this option controls how many levels of nesting SSSD will "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"follow. This option has no effect on the RFC2307 schema."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_schema が入れ子グループ (例: RFC2307bis) をサポートするスキーマ形式に設"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"定されていると、このオプションが入れ子 SSSD がしたがうレベルを制御します。こ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"のオプションは RFC2307 スキーマにおいて効果がありません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 2"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 2"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "ldap_groups_use_matching_rule_in_chain"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_groups_use_matching_rule_in_chain"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"This option tells SSSD to take advantage of an Active Directory-specific "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"feature which may speed up group lookup operations on deployments with "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"complex or deep nested groups."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"In most common cases, it is best to leave this option disabled. It generally "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"only provides a performance increase on very complex nestings."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"If this option is enabled, SSSD will use it if it detects that the server "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"supports it during initial connection. So \"True\" here essentially means "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"\"auto-detect\"."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Note: This feature is currently known to work only with Active Directory "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"for more details."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Default: False"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgstr "初期値: 偽"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "ldap_initgroups_use_matching_rule_in_chain"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "ldap_initgroups_use_matching_rule_in_chain"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"This option tells SSSD to take advantage of an Active Directory-specific "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"feature which might speed up initgroups operations (most notably when "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"dealing with complex or deep nested groups)."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_object_class (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The object class of a netgroup entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "In IPA provider, ipa_netgroup_object_class should be used instead."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: nisNetgroup"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: nisNetgroup"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that corresponds to the netgroup name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ネットワークグループ名に対応する LDAP 属性です。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "In IPA provider, ipa_netgroup_name should be used instead."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_member (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_member (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The LDAP attribute that contains the names of the netgroup's members."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "In IPA provider, ipa_netgroup_member should be used instead."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: memberNisNetgroup"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: memberNisNetgroup"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_triple (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_triple (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The LDAP attribute that contains the (host, user, domain) netgroup triples."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ネットワークグループの三つ組(ホスト、ユーザー、ドメイン)を含む LDAP 属性で"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "This option is not available in IPA provider."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: nisNetgroupTriple"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: nisNetgroupTriple"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_uuid (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_uuid (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "In IPA provider, ipa_netgroup_uuid should be used instead."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_netgroup_modify_timestamp (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_modify_timestamp (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_service_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_service_object_class (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The object class of a service entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipService"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipService"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_service_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_service_name (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains the name of service attributes and their "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_service_port (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_service_port (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains the port managed by this service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このサービスにより管理されるポートを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipServicePort"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipServicePort"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_service_proto (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_service_proto (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains the protocols understood by this service."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipServiceProtocol"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipServiceProtocol"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_service_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_service_search_base (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_search_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_search_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the timeout (in seconds) that ldap searches are allowed to run "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"before they are cancelled and cached results are returned (and offline mode "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Note: this option is subject to change in future versions of the SSSD. It "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"will likely be replaced at some point by a series of timeouts for specific "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"lookup types."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"注: このオプションは SSSD の将来のバージョンにおいて変更される可能性がありま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。特定の種類の検索のために一連のタイムアウトによりある時点に置き換えられる"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 6"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 6"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_enumeration_search_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_enumeration_search_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the timeout (in seconds) that ldap searches for user and group "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"enumerations are allowed to run before they are cancelled and cached results "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are returned (and offline mode is entered)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_network_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_network_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the timeout (in seconds) after which the <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> following a <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> returns in case of no activity."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry> <refentrytitle>connect</refentrytitle> <manvolnum>2</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> に続けて <citerefentry> <refentrytitle>poll</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/<citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>select</refentrytitle> <manvolnum>2</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_opt_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_opt_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"will abort if no response is received. Also controls the timeout when "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"communicating with the KDC in case of SASL bind."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"同期 LDAP API を呼び出しが未応答の場合に中止された後のタイムアウト(秒単位)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ldap_connection_expire_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_connection_expire_timeout (整数)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"maintained. After this time, the connection will be re-established. If used "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"the TGT lifetime) will be used."
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: 900 (15 minutes)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 900 (15 分)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_page_size (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_page_size (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specify the number of records to retrieve from LDAP in a single request. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Some LDAP servers enforce a maximum limit per-request."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"1 回の要求で LDAP から取得するレコード数を指定します。いくつかの LDAP サー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"バーは 1 要求あたりの最大数の制限を強制します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 1000"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 1000"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_disable_paging (boolean)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "ldap_disable_paging (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Disable the LDAP paging control. This option should be used if the LDAP "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"server reports that it supports the LDAP paging control in its RootDSE but "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"it is not enabled or does not behave properly."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"LDAP ページング制御を無効にします。LDAP サーバーがその RootDSE において LDAP "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ページング制御をサポートするが、有効化されていない、もしくは正しく動作しない"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ことを報告する場合に、このオプションが使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Example: OpenLDAP servers with the paging control module installed on the "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"server but not enabled will report it in the RootDSE but be unable to use it."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"例: サーバーにページング制御モジュールがインストールされているが、RootDSE に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"おいて有効化されていないと報告され、それを使用できない OpenLDAP サーバーで"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Example: 389 DS has a bug where it can only support a one paging control at "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"a time on a single connection. On busy clients, this can result in some "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"requests being denied."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"例: 389 DS は単一の接続において同時に 1 つのページ制御のみをサポートします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"負荷の高いクライアントにおいては、いくつかの要求が拒否される結果になる可能性"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "ldap_disable_range_retrieval (boolean)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "Disable Active Directory range retrieval."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Active Directory limits the number of members to be retrieved in a single "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"group contains more members, the reply would include an AD-specific range "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"extension. This option disables parsing of the range extension, therefore "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"large groups will appear as having no members."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_sasl_minssf (integer)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "ldap_sasl_minssf (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"When communicating with an LDAP server using SASL, specify the minimum "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"security level necessary to establish the connection. The values of this "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"option are defined by OpenLDAP."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: Use the system default (usually specified by ldap.conf)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_deref_threshold (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_deref_threshold (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Specify the number of group members that must be missing from the internal "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"cache in order to trigger a dereference lookup. If less members are missing, "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"they are looked up individually."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"You can turn off dereference lookups completely by setting the value to 0."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"A dereference lookup is a means of fetching all group members in a single "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"LDAP call. Different LDAP servers may implement different dereference "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"filter, then the dereference lookup performance enhancement will be disabled "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"regardless of this setting."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_reqcert (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_reqcert (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies what checks to perform on server certificates in a TLS session, if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"any. It can be specified as one of the following values:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"もしあれば、 TLS セッションにおいてサーバー証明書において実行するためにチェッ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クするものを指定します。以下の値のうち 1 つを指定できます:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>never</emphasis> = The client will not request or check any server "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>never</emphasis> = クライアントがすべてのサーバー証明書を要求または"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>allow</emphasis> = The server certificate is requested. If no "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"certificate is provided, the session proceeds normally. If a bad certificate "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"is provided, it will be ignored and the session proceeds normally."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>allow</emphasis> = サーバー証明書が要求されます。証明書が提供されな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ければ、セッションが通常通り進められます。不正な証明書が提供されると、それは"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"無視され、セッションが通常通り進められます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>try</emphasis> = The server certificate is requested. If no "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"certificate is provided, the session proceeds normally. If a bad certificate "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"is provided, the session is immediately terminated."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>try</emphasis> = サーバー証明書が要求されます。証明書が提供されなけ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れば、セッションが通常通り進められます。不正な証明書が提供されると、セッショ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>demand</emphasis> = The server certificate is requested. If no "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"certificate is provided, or a bad certificate is provided, the session is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"immediately terminated."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>demand</emphasis> = サーバー証明書が要求されます。証明書が提供され"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: hard"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: hard"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_cacert (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_cacert (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the file that contains certificates for all of the Certificate "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Authorities that <command>sssd</command> will recognize."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Specifies the file that contains certificates for all of the Certificate "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Authorities that <command>sssd</command> が認識するすべての認証局に対する証明"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"書を含むファイルを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"conf</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: OpenLDAP の初期値の使用、一般的に <filename>/etc/openldap/ldap.conf</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filename> にあります"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_cacertdir (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_cacertdir (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the path of a directory that contains Certificate Authority "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"certificates in separate individual files. Typically the file names need to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"be the hash of the certificate followed by '.0'. If available, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>cacertdir_rehash</command> can be used to create the correct names."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"個別のファイルに CA 証明書を含むディレクトリーのパスを指定します。一般的に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ファイル名は '.0' で終わる証明書のハッシュである必要があります。利用可能なら"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ば、<command>cacertdir_rehash</command> は正しい名前を作成するために使用でき"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_cert (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_cert (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies the file that contains the certificate for the client's key."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "クライアントのキーに対する証明書を含むファイルを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_key (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_key (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies the file that contains the client's key."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "クライアントのキーを含むファイルを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_tls_cipher_suite (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_tls_cipher_suite (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies acceptable cipher suites. Typically this is a colon sperated "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<manvolnum>5</manvolnum></citerefentry> for format."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"利用可能な暗号機能を指定します。これは一般的にコロン区切りの一覧です。形式に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ついては <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum></citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_id_use_start_tls (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_id_use_start_tls (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies that the id_provider connection must also use <systemitem class="
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"\"protocol\">tls</systemitem> to protect the channel."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"チャネルを保護するために <systemitem class=\"protocol\">tls</systemitem> も使"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"用する必要がある id_provider 接続を指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_id_mapping (boolean)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_id_mapping (論理値)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specifies that SSSD should attempt to map user and group IDs from the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"on ldap_user_uid_number and ldap_group_gid_number."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Currently this feature supports only ActiveDirectory objectSID mapping."
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_sasl_mech (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sasl_mech (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"使用する SASL メカニズムを指定します。現在 GSSAPI のみがテストされサポートさ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_sasl_authid (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sasl_authid (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specify the SASL authorization id to use. When GSSAPI is used, this "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"represents the Kerberos principal used for authentication to the directory. "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"This option can either contain the full principal (for example host/"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "Default: host/hostname@REALM"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "初期値: host/hostname@REALM"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "ldap_sasl_realm (string)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"Specify the SASL realm to use. When not specified, this option defaults to "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"well, this option is ignored."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Default: the value of krb5_realm."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_sasl_canonicalize (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sasl_canonicalize (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If set to true, the LDAP library would perform a reverse lookup to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"canonicalize the host name during a SASL bind."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"真に設定されていると、 LDAP ライブラリーは SASL バインド中にホスト名を正規化"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"するために逆引きを実行します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: false;"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: false;"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_krb5_keytab (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_krb5_keytab (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specify the keytab to use when using SASL/GSSAPI."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_krb5_init_creds (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_krb5_init_creds (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies that the id_provider should init Kerberos credentials (TGT). This "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"action is performed only if SASL is used and the mechanism selected is "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Kerberos クレディンシャル (TGT) を初期化する id_provider を指定します。この操"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"作は、 SASL が使用され、選択されたメカニズムが GSSAPI である場合のみ実行され"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_krb5_ticket_lifetime (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_krb5_ticket_lifetime (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 86400 (24 hours)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 86400 (24 時間)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "krb5_server, krb5_backup_server (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "krb5_server, krb5_backup_server (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the comma-separated list of IP addresses or hostnames of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Kerberos servers to which SSSD should connect in the order of preference. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For more information on failover and server redundancy, see the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"colon) may be appended to the addresses or hostnames. If empty, service "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"discovery is enabled - for more information, refer to the <quote>SERVICE "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"DISCOVERY</quote> section."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When using service discovery for KDC or kpasswd servers, SSSD first searches "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"none are found."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"KDC または kpasswd サーバーに対してサービス検索を使用するとき、SSSD はまずプ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ロトコルとして _udp を指定する DNS エントリーを検索して、何も見つからなけれ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ば _tcp にフォールバックします。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"While the legacy name is recognized for the time being, users are advised to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"migrate their config files to use <quote>krb5_server</quote> instead."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは以前の SSSD において <quote>krb5_kdcip</quote> という名前でし"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"た。古い名前がしばらく認められる間、ユーザーは代わりに <quote>krb5_server</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"quote> を使用するよう設定ファイルを移行することが推奨されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_realm (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_realm (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallaghermsgid "krb5_canonicalize (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_canonicalize (論理値)"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"Specifies if the host principal should be canonicalized when connecting to "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"LDAP server. This feature is available with MIT Kerberos >= 1.7"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"LDAP サーバーに接続するとき、ホストのプリンシパルが正規化されるかどうかを指定"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "krb5_use_kdcinfo (boolean)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"which KDCs to use. This option is on by default, if you disable it, you need "
0172959f117b545c8a6b1893f5f56818d82dd624Jakub Hrozek"to configure the Kerberos library using the <citerefentry> "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"citerefentry> configuration file."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"information on the locator plugin."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_pwd_policy (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_pwd_policy (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Select the policy to evaluate the password expiration on the client side. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following values are allowed:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クライアント側においてパスワード期限切れを評価するためのポリシーを選択しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。以下の値が許容されます:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>none</emphasis> - No evaluation on the client side. This option "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"cannot disable server-side password policies."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>none</emphasis> - クライアント側において評価しません。このオプショ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ンはサーバー側のパスワードポリシーを無効にできません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"evaluate if the password has expired."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>shadow</emphasis> - パスワードが失効したかを評価するために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry> 形式の属性を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to determine if the password has expired. Use chpass_provider=krb5 to update "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"these attributes when the password is changed."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>mit_kerberos</emphasis> - パスワードが期限切れしているかを決定する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ために MIT Kerberos により使用される属性を使用します。パスワードが変更される"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"とき、これらの属性を更新するために chpass_provider=krb5 を使用します。"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Default: none"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "初期値: none"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_referrals (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_referrals (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies whether automatic referral chasing should be enabled."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "自動参照追跡が有効化されるかを指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that sssd only supports referral chasing when it is compiled "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"with OpenLDAP version 2.4.13 or higher."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"OpenLDAP バージョン 2.4.13 およびそれ以降とともにコンパイルされているとき、 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"sssd のみが参照追跡をサポートすることに注意してください。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Chasing referrals may incur a performance penalty in environments that use "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"them heavily, a notable example is Microsoft Active Directory. If your setup "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"does not in fact require the use of referrals, setting this option to false "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"might bring a noticeable performance improvement."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_dns_service_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_dns_service_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies the service name to use when service discovery is enabled."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"サービス検索が有効にされているときに使用するサービスの名前を指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: ldap"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ldap"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_chpass_dns_service_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_chpass_dns_service_name (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the service name to use to find an LDAP server which allows "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"password changes when service discovery is enabled."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"サービス検索が有効にされているときに、パスワード変更を許可する LDAP サーバー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を検索するために使用するサービスの名前を指定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: not set, i.e. service discovery is disabled"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 設定されていません、つまりサービス検索が無効にされています"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "ldap_chpass_update_last_change (bool)"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"Specifies whether to update the ldap_user_shadow_last_change attribute with "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"days since the Epoch after a password change operation."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_access_filter (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_access_filter (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"If using access_provider = ldap and ldap_access_order = filter (default), "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"this option is mandatory. It specifies an LDAP search filter criteria that "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"must be met for the user to be granted access on this host. If "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"access_provider = ldap, ldap_access_order = filter and this option is not "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"set, it will result in all users being denied access. Use access_provider = "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"permit to change this default behavior."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Example:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access_provider = ldap\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"access_provider = ldap\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This example means that access to this host is restricted to members of the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"\"allowedusers\" group in ldap."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"この例は、このホストへのアクセスが LDAP にある \"allowedusers\" グループのメ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ンバーに制限されることを意味します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Offline caching for this feature is limited to determining whether the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"user's last online login was granted access permission. If they were granted "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access during their last login, they will continue to be granted access "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"while offline and vice-versa."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"この機能に対するオフラインキャッシュは、ユーザーの最終オンラインログインがア"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"クセス権を許可されたかどうかを決めることに制限されます。採集ログインの間にア"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"クセスが許可されていると、オフラインの間にアクセスが許可され続けます。逆もま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: Empty"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 空白"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_account_expire_policy (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_account_expire_policy (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"With this option a client side evaluation of access control attributes can "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションを使用すると、アクセス制御属性のクライアント側評価が有効になり"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that it is always recommended to use server side access control, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"i.e. the LDAP server should deny the bind request with a suitable error code "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"even if the password is correct."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"必ずサーバー側のアクセス制御を使用することが推奨されることに注意してくださ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"い。つまり、パスワードが正しいときさえ、適切なエラーコードでバインド要求を拒"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The following values are allowed:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "以下の値が許可されます:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"determine if the account is expired."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>shadow</emphasis>: アカウントが失効しているかを決めるために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_user_shadow_expire の値を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>ad</emphasis>: use the value of the 32bit field "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_user_ad_user_account_control and allow access if the second bit is not "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"set. If the attribute is missing access is granted. Also the expiration time "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of the account is checked."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"emphasis>: use the value of ldap_ns_account_lock to check if access is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"allowed or not."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"emphasis>: アクセスが許可されるかされないかを確認するために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_ns_account_lock の値を使用します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>nds</emphasis>: the values of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If both attributes are missing access is granted."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>nds</emphasis>: アクセスが許可されるかを確認するために the values "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"of ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled および "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ldap_user_nds_login_expiration_time の値が使用されます。どの値もなければ、ア"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Please note that the ldap_access_order configuration option <emphasis>must</"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"emphasis> include <quote>expire</quote> in order for the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"ldap_account_expire_policy option to work."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_access_order (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_access_order (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Comma separated list of access control options. Allowed values are:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>filter</emphasis>: use ldap_access_filter"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to determine access"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>authorized_service</emphasis>: アクセス権を決定するために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"authorizedService 属性を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>host</emphasis>: use the host attribute to determine access"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: filter"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: filter"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that it is a configuration error if a value is used more than "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "値が複数使用されていると設定エラーになることに注意してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_deref (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_deref (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies how alias dereferencing is done when performing a search. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"following options are allowed:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"検索を実行するときにどのように参照解決を実行するかを指定します。以下のオプ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the base object, but not in locating the base object of the search."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>searching</emphasis>: エイリアスはベースオブジェクトの下位に参照解"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"決されますが、検索のベースオブジェクトの位置を探すときはされません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the base object of the search."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>finding</emphasis>: エイリアスは検索のベースオブジェクトの位置を探"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すときのみ参照解決されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"in locating the base object of the search."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>always</emphasis>: エイリアスは検索のベースオブジェクトを検索すると"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"きも位置を検索するときも参照解決されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"client libraries)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: 空白(LDAP クライアントライブラリにより <emphasis>never</emphasis> と"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "ldap_rfc2307_fallback_to_local_users (boolean)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"Allows to retain local users as members of an LDAP group for servers that "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"use the RFC2307 schema."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"In some environments where the RFC2307 schema is used, local users are made "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"members of LDAP groups by adding their names to the memberUid attribute. "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The self-consistency of the domain is compromised when this is done, so SSSD "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"would normally remove the \"missing\" users from the cached group "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"memberships as soon as nsswitch tries to fetch information about the user "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"via getpw*() or initgroups() calls."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"This option falls back to checking if local users are referenced, and caches "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"them so that later initgroups() calls will augment the local users with the "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"additional LDAP groups."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"All of the common configuration options that apply to SSSD domains also "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> manual page for full details. <placeholder type="
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD ドメインに適用するすべての全体設定オプションを LDAP ドメインに適用しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。完全な詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> マニュアルページの <quote>ドメインセ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クション</quote> を参照してください。 <placeholder type=\"variablelist\" id="
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "SUDO OPTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SUDO オプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_object_class (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The object class of a sudo rule entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoRole"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoRole"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_name (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that corresponds to the sudo rule name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sudo ルール名に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_command (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_command (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that corresponds to the command name."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "コマンド名に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoCommand"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoCommand"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_host (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_host (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the host name (or host IP address, "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"host IP network, or host netgroup)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ホスト名(またはホスト IP アドレス、ホスト IP ネットワーク、ホストネットワー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クグループ)に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoHost"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoHost"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_user (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_user (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the user name (or UID, group name or "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"user's netgroup)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザー名(または UID、グループ名、ユーザーのネットワークグループ)に対応す"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoUser"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoUser"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_option (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_option (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that corresponds to the sudo options."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sudo オプションに対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoOption"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoOption"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_runasuser (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_runasuser (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the user name that commands may be "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoRunAsUser"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoRunAsUser"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_runasgroup (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_runasgroup (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the group name or group GID that "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"commands may be run as."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoRunAsGroup"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoRunAsGroup"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_notbefore (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_notbefore (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the start date/time for when the sudo "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"rule is valid."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoNotBefore"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoNotBefore"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_notafter (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_notafter (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that corresponds to the expiration date/time, after which "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"the sudo rule will no longer be valid."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"sudo ルールが有効ではなくなった後に、期限切れとなる日時に対応する LDAP 属性で"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoNotAfter"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoNotAfter"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudorule_order (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudorule_order (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that corresponds to the ordering index of the rule."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ルールの並び替えインデックスに対応する LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: sudoOrder"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: sudoOrder"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_full_refresh_interval (integer)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "ldap_sudo_full_refresh_interval (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"How many seconds SSSD will wait between executing a full refresh of sudo "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"rules (which downloads all rules that are stored on the server)."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"値は <emphasis>ldap_sudo_smart_refresh_interval</emphasis> より大きい必要があ"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "Default: 21600 (6 hours)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "初期値: 21600 (6 時間)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_smart_refresh_interval (integer)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_sudo_smart_refresh_interval (整数)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"How many seconds SSSD has to wait before executing a smart refresh of sudo "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"rules (which downloads all rules that have USN higher than the highest USN "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"of cached rules)."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"If USN attributes are not supported by the server, the modifyTimestamp "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"attribute is used instead."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_use_host_filter (boolean)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_sudo_use_host_filter (論理値)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"If true, SSSD will download only rules that are applicable to this machine "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"(using the IPv4 or IPv6 host/network addresses and hostnames)."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_hostnames (string)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_sudo_hostnames (文字列)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Space separated list of hostnames or fully qualified domain names that "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"should be used to filter the rules."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ルールをフィルターするために使用されるホスト名または完全修飾ドメイン名の空白"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"If this option is empty, SSSD will try to discover the hostname and the "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"fully qualified domain name automatically."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"emphasis> then this option has no effect."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<emphasis>ldap_sudo_use_host_filter</emphasis> が <emphasis>false</emphasis> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ならば、このオプションは効果を持ちません。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "Default: not specified"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "初期値: 指定なし"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_ip (string)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_sudo_ip (文字列)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Space separated list of IPv4 or IPv6 host/network addresses that should be "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"used to filter the rules."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ルールをフィルターするために使用される、IPv4 または IPv6 ホスト/ネットワーク"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"アドレスの空白区切り一覧です。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"If this option is empty, SSSD will try to discover the addresses "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"automatically."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_include_netgroups (boolean)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_sudo_include_netgroups (論理値)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"If true then SSSD will download every rule that contains a netgroup in "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"sudoHost attribute."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ldap_sudo_include_regexp (boolean)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ldap_sudo_include_regexp (論理値)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"If true then SSSD will download every rule that contains a wildcard in "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"sudoHost attribute."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "<placeholder type=\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"This manual page only describes attribute name mapping. For detailed "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"explanation of sudo related attribute semantics, see <citerefentry> "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"citerefentry>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このマニュアルページは属性名マッピングのみを説明します。 sudo に関連する属性"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"セマンティックの詳細な説明は <citerefentry> <refentrytitle>sudoers.ldap</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "AUTOFS OPTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "AUTOFS オプション"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Please note that the default values correspond to the default schema which "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_map_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_map_object_class (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The object class of an automount map entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: automountMap"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: automountMap"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_map_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_map_name (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The name of an automount map entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP における automount のマップエントリーの名前です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ou"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ou"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_entry_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_entry_object_class (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_entry_key (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_entry_key (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The key of an automount entry in LDAP. The entry usually corresponds to a "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"LDAP にある automount エントリーのキーです。エントリーは一般的にマウントポイ"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_entry_value (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_entry_value (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: automountInformation"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: automountInformation"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"\"variablelist\" id=\"4\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"variablelist\" id=\"4\"/>"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ADVANCED OPTIONS"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "高度なオプション"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_netgroup_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_netgroup_search_base (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_search_base (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_search_base (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_user_search_filter (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_user_search_filter (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option specifies an additional LDAP search filter criteria that "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"restrict user searches."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは、ユーザー検索を制限する、追加の LDAP 検索フィルター基準を指"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"by ldap_user_search_base."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは ldap_user_search_base により使用される構文のほうを選んで"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>廃止されます</emphasis>。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This filter would restrict user searches to users that have their shell set "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このフィルターは、ユーザー検索をシェルが /bin/tcsh に設定されているユーザーに"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ldap_group_search_filter (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_group_search_filter (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option specifies an additional LDAP search filter criteria that "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"restrict group searches."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは、グループ検索を制限する、追加の LDAP 検索フィルター基準を指"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"by ldap_group_search_base."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは ldap_group_search_base により使用される構文のほうを選んで"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>廃止されます</emphasis>。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_sudo_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_sudo_search_base (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ldap_autofs_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ldap_autofs_search_base (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"These options are supported by LDAP domains, but they should be used with "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"caution. Please include them in your configuration only if you know what you "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これらのオプションは LDAP ドメインによりサポートされますが、注意して使用する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"必要があります。自分が何をしているかを理解している場合のみ、設定に含めてくだ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"さい。 <placeholder type=\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following example assumes that SSSD is correctly configured and LDAP is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"set to one of the domains in the <replaceable>[domains]</replaceable> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"以下の例は、SSSD が正しく設定され、LDAP が <replaceable>[domains]</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> セクションにあるドメインのどれかに設定されていると仮定していま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" id_provider = ldap\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" auth_provider = ldap\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" ldap_uri = ldap://ldap.mydomain.org\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" ldap_search_base = dc=mydomain,dc=org\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" ldap_tls_reqcert = demand\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" cache_credentials = true\n"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<placeholder type=\"programlisting\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The descriptions of some of the configuration options in this manual page "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"distribution."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このマニュアルページにある設定オプションのいくつかの説明は、OpenLDAP 2.4 ディ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ストリビューションから <citerefentry> <refentrytitle>ldap.conf</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページに基"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refentryinfo>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<productname>SSSD</productname> <orgname>The SSSD upstream - http://"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<productname>SSSD</productname> <orgname>The SSSD upstream - http://"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "pam_sss"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "pam_sss"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "PAM module for SSSD"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD の PAM モジュール"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>pam_sss.so</command> is the PAM interface to the System Security "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Services daemon (SSSD). Errors and results are logged through "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>pam_sss.so</command> は System Security Services daemon (SSSD) への "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"PAM インターフェースです。エラーと結果は <command>syslog(3)</command> を通し"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"て LOG_AUTHPRIV ファシリティでログ記録されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>quiet</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>quiet</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Suppress log messages for unknown users."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "不明なユーザーのログメッセージを抑制します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>forward_pass</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>forward_pass</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If <option>forward_pass</option> is set the entered password is put on the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"stack for other PAM modules to use."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>forward_pass</option> が設定されていると、他の PAM モジュールが使用す"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"るために、入力されたパスワードがスタックに置かれます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>use_first_pass</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>use_first_pass</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The argument use_first_pass forces the module to use a previous stacked "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"modules password and will never prompt the user - if no password is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"available or the password is not appropriate, the user will be denied access."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"引数 use_first_pass は強制的にモジュールが前にスタックされたモジュールのパス"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ワードを使用して、ユーザーに入力させません。パスワードが何も利用可能ではな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"い、またはパスワードが適切でなければ、ユーザーがアクセスを拒否されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>use_authtok</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>use_authtok</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When password changing enforce the module to set the new password to the one "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"provided by a previously stacked password module."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"パスワードを変更するとき、モジュールが強制的に新しいパスワードを、前にスタッ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クされたパスワードモジュールに設定します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>retry=N</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>retry=N</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If specified the user is asked another N times for a password if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication fails. Default is 0."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"指定されていると、認証に失敗した場合にパスワードをあと N 回ユーザーに問い合わ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"せます。初期値は 0 です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that this option might not work as expected if the application "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"calling PAM handles the user dialog on its own. A typical example is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sshd</command> with <option>PasswordAuthentication</option>."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"このオプションは、アプリケーションが呼び出す PAM が自身においてユーザーダイア"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ログを処理すると仮定して動作しません。典型的な例は "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<option>PasswordAuthentication</option> を用いた <command>sshd</command> で"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "MODULE TYPES PROVIDED"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "提供されるモジュール形式"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"All module types (<option>account</option>, <option>auth</option>, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>password</option> and <option>session</option>) are provided."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すべてのモジュール形式 (<option>account</option>, <option>auth</option>, "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>password</option> および <option>session</option>) が提供されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If a password reset by root fails, because the corresponding SSSD provider "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"does not support password resets, an individual message can be displayed. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This message can e.g. contain instructions about how to reset a password."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"対応する SSSD プロバイダーがパスワードリセットをサポートしないため、root によ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"るパスワードリセットが失敗すると、それぞれのメッセージが表示されます。たとえ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ば、このメッセージはパスワードをリセットする方法に関する説明があります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"filename> where LOC stands for a locale string returned by <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry>. If there is no matching file the content of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the owner of the files and only root may have read and write permissions "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"while all other users must have only read permissions."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"These files are searched in the directory <filename>/etc/sssd/customize/"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これらのファイルがディレクトリー <filename>/etc/sssd/customize/DOMAIN_NAME/</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filename> において検索されます。一致するファイルがなければ、一般的なメッセー"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sssd_krb5_locator_plugin"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd_krb5_locator_plugin"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"libraries what Realm and which KDC to use. Typically this is done in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> which is always read by the Kerberos libraries. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"To simplify the configuration the Realm and the KDC can be defined in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> as described in <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"</citerefentry> puts the Realm and the name or IP address of the KDC into "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"libraries it reads and evaluates these variables and returns them to the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"</citerefentry> は、レルム、および KDC の名前または IP アドレスを、それぞれ "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"SSSD_KRB5_REALM および SSSD_KRB5_KDC の中に置きます。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<command>sssd_krb5_locator_plugin</command> が Kerberos ライブラリーにより呼"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"び出されるとき、それがこれらの変数を読み込み、評価し、ライブラリーに返しま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Not all Kerberos implementations support the use of plugins. If "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sssd_krb5_locator_plugin</command> is not available on your system "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"すべての Kerberos 実装がプラグインの使用をサポートしているとは限りません。 "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<command>sssd_krb5_locator_plugin</command> がシステムにおいて利用可能でなけ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"れば、Kerberos の構築を反映するように /etc/krb5.conf を編集する必要がありま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"debug messages will be sent to stderr."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"環境変数 SSSD_KRB5_LOCATOR_DEBUG に何らかの値が設定されていると、デバッグメッ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"セージが標準エラーに送られます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sssd-simple"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd-simple"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "the configuration file for SSSD's 'simple' access-control provider"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD の 'simple' アクセス制御プロバイダーの設定ファイルです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This manual page describes the configuration of the simple access-control "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> manual page."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このマニュアルは <citerefentry> <refentrytitle>sssd</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>8</manvolnum> </citerefentry> に対して簡単なアクセス制御の設定を説"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"明しています。詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> マニュアルページの <quote>ファイル形"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"式</quote> セクションを参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The simple access provider grants or denies access based on an access or "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"deny list of user or group names. The following rules apply:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"シンプルアクセスプロバイダーは、ユーザー名またはグループ名のアクセスまたは拒"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"否の一覧に基づいてアクセスを許可または拒否します。以下の例を適用します:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "If all lists are empty, access is granted"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "すべての一覧が空白ならば、アクセスが認められます"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If any list is provided, the order of evaluation is allow,deny. This means "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"that any matching deny rule will supersede any matched allow rule."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"何らかの一覧が提供されていると、許可(allow)、拒否(deny)の順に評価されま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。拒否ルールに一致するすべてのものは、許可ルールに一致するすべてのものを更"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If either or both \"allow\" lists are provided, all users are denied unless "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"they appear in the list."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"allow\" 一覧が提供されていると、すべてのユーザーはこの一覧に表れなければ拒"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If only \"deny\" lists are provided, all users are granted access unless "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"they appear in the list."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\"deny\" 一覧のみが提供されていると、ユーザーがこの一覧に表れない限り、すべて"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"のユーザーがアクセスを許可されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "simple_allow_users (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "simple_allow_users (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Comma separated list of users who are allowed to log in."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ログインが許可されたユーザーのカンマ区切り一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "simple_deny_users (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "simple_deny_users (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Comma separated list of users who are explicitly denied access."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "アクセスが明示的に拒否されたユーザーのカンマ区切り一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "simple_allow_groups (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "simple_allow_groups (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Comma separated list of groups that are allowed to log in. This applies only "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to groups within this SSSD domain. Local groups are not evaluated."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ログインが許可されたグループのカンマ区切り一覧です。この SSSD ドメインの中の"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"グループのみに適用されます。ローカルグループは評価されません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "simple_deny_groups (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "simple_deny_groups (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Comma separated list of groups that are explicitly denied access. This "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"applies only to groups within this SSSD domain. Local groups are not "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"アクセスが明示的に拒否されたグループのカンマ区切り一覧です。この SSSD ドメイ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ンの中のグループのみに適用されます。ローカルグループは評価されません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:79
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> manual page for details on the configuration of an SSSD "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD ドメインの設定に関する詳細は <citerefentry> <refentrytitle>sssd.conf</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページの "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ドメインセクション</quote> のセクションを参照してください。 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<placeholder type=\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"Specifying no values for any of the lists is equivalent to skipping it "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"entirely. Beware of this while generating parameters for the simple provider "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"using automated scripts."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that it is an configuration error if both, simple_allow_users "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"and simple_deny_users, are defined."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"simple_allow_users と simple_deny_users がどちらも定義されると、設定エラーに"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"なることに注意してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following example assumes that SSSD is correctly configured and example."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This examples shows only the simple access provider-specific options."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"以下の例は、SSSD が正しく設定され、example.com が <replaceable>[sssd]</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> セクションにあるドメインの 1 つであると仮定します。この例はアク"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"セスプロバイダー固有の簡単なオプションのみを示します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" access_provider = simple\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" simple_allow_users = user1, user2\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" access_provider = simple\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" simple_allow_users = user1, user2\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sssd-ipa"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd-ipa"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This manual page describes the configuration of the IPA provider for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>8</manvolnum> </citerefentry> に対する IPA プロバイダーの設定を説"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"明しています。詳細な構文の参考資料は <citerefentry> <refentrytitle>sssd."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルペー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ジの <quote>ファイル形式</quote> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The IPA provider is a back end used to connect to an IPA server. (Refer to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the freeipa.org web site for information about IPA servers.) This provider "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"requires that the machine be joined to the IPA domain; configuration is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"almost entirely self-discovered and obtained directly from the server."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA プロバイダーは IPA サーバーに接続するために使用されるバックエンドです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(IPA サーバーに関する詳細は freeipa.org のウェブサイトを参照してください。)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このプロバイダーは、マシンが IPA ドメインに参加していて、設定がすでに全体的に"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"自己検索され、サーバーから直接取得されている必要があります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The IPA provider accepts the same options used by the <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"provider with some exceptions described below."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"IPA プロバイダーは <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> 識別プロバイダーおよび "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"manvolnum> </citerefentry> 認証プロバイダーにより使用されるものと同じオプショ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ンを受け付けます。いくつかの例外は以下に説明されています。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"However, it is neither necessary nor recommended to set these options. IPA "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"provider can also be used as an access and chpass provider. As an access "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"provider it uses HBAC (host-based access control) rules. Please refer to "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"freeipa.org for more information about HBAC. No configuration of access "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"provider is required on the client side."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"しかし、これらのオプションを設定することは必要ありません、また推奨もされませ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ん。IPA プロバイダーはアクセスプロバイダーおよびパスワード変更プロバイダーと"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"しても使用できます。アクセスプロバイダーとしては、HBAC (ホストベースアクセス"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"制御) ルールを使用します。HBAC の詳細は freeipa.org を参照してください。アク"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"セスプロバイダーが設定されていなければ、クライアント側において必要になりま"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The IPA provider will use the PAC responder if the Kerberos tickets of users "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"from trusted realms contain a PAC. To make configuration easier the PAC "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"responder is started automatically if the IPA ID provider is configured."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipa_domain (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_domain (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specifies the name of the IPA domain. This is optional. If not provided, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the configuration domain name is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA ドメインの名前を指定します。これはオプションです。提供されなければ、設定"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ドメイン名が使用されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "ipa_server, ipa_backup_server (string)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The comma-separated list of IP addresses or hostnames of the IPA servers to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"which SSSD should connect in the order of preference. For more information "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"on failover and server redundancy, see the <quote>FAILOVER</quote> section. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This is optional if autodiscovery is enabled. For more information on "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipa_hostname (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_hostname (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Optional. May be set on machines where the hostname(5) does not reflect the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"fully qualified name used in the IPA domain to identify this host."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"オプションです。hostname(5) がこのホストを識別するために IPA ドメインにおいて"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"使用される完全修飾名を反映しないマシンにおいて設定されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_update (boolean)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Optional. This option tells SSSD to automatically update the DNS server "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"built into FreeIPA v2 with the IP address of this client. The update is "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"for the updates, if it is not otherwise specified by using the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"<quote>dyndns_iface</quote> option."
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"the default Kerberos realm must be set properly in /etc/krb5.conf"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"注: (RHEL5 のような) 古いシステムにおいて、この動作が正しく機能するためには、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"デフォルトの Kerberos レルムが /etc/krb5.conf において正しく設定されている必"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> in their config file."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_ttl (integer)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The TTL to apply to the client DNS record when updating it. If "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"dyndns_update is false this has no effect. This will override the TTL "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"serverside if set by an administrator."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> in their config file."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Default: 1200 (seconds)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_iface (string)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Optional. Applicable only when dyndns_update is true. Choose the interface "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"whose IP address should be used for dynamic DNS updates."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"emphasis> in their config file."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: Use the IP address of the IPA LDAP connection"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: IPA LDAP 接続の IP アドレスを使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "ipa_enable_dns_sites (boolean)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Enables DNS sites - location based service discovery."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"If true and service discovery (see Service Discovery paragraph at the bottom "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"of the man page) is enabled, then the SSSD will first attempt location "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"based discovery using a query that contains \"_location.hostname.example.com"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"\" and then fall back to traditional SRV discovery. If the location based "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"discovery succeeds, the IPA servers located with the location based "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"discovery are treated as primary servers and the IPA servers located using "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"the traditional SRV discovery are used as back up servers"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_refresh_interval (integer)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"How often should the back end perform periodic DNS update in addition to the "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"automatic update performed when the back end goes online. This option is "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"optional and applicable only when dyndns_update is true."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_update_ptr (bool)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Whether the PTR record should also be explicitly updated when updating the "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"client's DNS records. Applicable only when dyndns_update is true."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"This option should be False in most IPA deployments as the IPA server "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"generates the PTR records automatically when forward records are changed."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: False (disabled)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "dyndns_force_tcp (bool)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Whether the nsupdate utility should default to using TCP for communicating "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"with the DNS server."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: False (let nsupdate choose the protocol)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "ipa_hbac_search_base (string)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "ipa_hbac_search_base (文字列)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Optional. Use the given string as search base for HBAC related objects."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: Use base DN"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "初期値: ベース DN を使用します"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "ipa_host_search_base (string)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "ipa_host_search_base (文字列)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Optional. Use the given string as search base for host objects."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"See <quote>ldap_search_base</quote> for information about configuring "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"multiple search bases."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"複数の検索ベースを設定することの詳細は <quote>ldap_search_base</quote> を参照"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"If filter is given in any of search bases and "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"will be ignored."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"フィルターがすべての検索ベースに与えられ、かつ "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>ipa_hbac_support_srchost</emphasis> が偽(False)に設定されている"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"と、フィルターは無視されます。"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#: include/ldap_search_bases_experimental.xml:23
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "初期値: <emphasis>ldap_search_base</emphasis> の値"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_search_base (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_search_base (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Optional. Use the given string as search base for SELinux user maps."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ipa_subdomains_search_base (string)"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "ipa_subdomains_search_base (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Optional. Use the given string as search base for trusted domains."
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "ipa_master_domain_search_base (string)"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Optional. Use the given string as search base for master domain object."
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallaghermsgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozekmsgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_validate (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_validate (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Verify with the help of krb5_keytab that the TGT obtained has not been "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Note that this default differs from the traditional Kerberos provider back "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"この初期値は伝統的な Kerberos プロバイダーのバックエンドとは異なることに注意"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The name of the Kerberos realm. This is optional and defaults to the value "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of <quote>ipa_domain</quote>."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Kerberos レルムの名前です。これはオプションで、初期値は <quote>ipa_domain</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The name of the Kerberos realm has a special meaning in IPA - it is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"converted into the base DN to use for performing LDAP operations."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA において特別な意味を持つ Kerberos レルムの名前です。LDAP 操作を実行するた"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"めに使用するベース DN に変換されます。"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"Specifies if the host and user principal should be canonicalized when "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"connecting to IPA LDAP and also for AS requests. This feature is available "
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher"with MIT Kerberos >= 1.7"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"IPA LDAP と AS 要求に対して接続するとき、ホストとユーザープリンシパルを正規化"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipa_hbac_refresh (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_hbac_refresh (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The amount of time between lookups of the HBAC rules against the IPA server. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This will reduce the latency and load on the IPA server if there are many "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"access-control requests made in a short period."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: 5 (seconds)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 5 (秒)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "ipa_hbac_selinux (integer)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The amount of time between lookups of the SELinux maps against the IPA "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"server. This will reduce the latency and load on the IPA server if there are "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"many user login requests made in a short period."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "ipa_hbac_treat_deny_as (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_hbac_treat_deny_as (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"client will support two modes of operation during this transition period:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは推奨されない DENY 形式の HBAC ルールをどのように取り扱うかを"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"指定します。FreeIPA v2.1 現在、DENY ルールはもはやサーバーにおいてサポートさ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れません。すべての FreeIPA のユーザーはそれらのルールを ALLOW ルールのみを使"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"用するよう移行する必要があります。クライアントはこの移行期間中 2 つのモードの"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"users will be denied access."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>DENY_ALL</emphasis>: すべての HBAC DENY ルールが検知されると、すべ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"てのユーザーがアクセスを拒否されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"careful with this option, as it may result in opening unintended access."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>IGNORE</emphasis>: SSSD がすべての DENY ルールを無視されます。意図"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"しないアクセスが開かれる可能性があるので、このオプションを用いるときは非常に"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: DENY_ALL"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: DENY_ALL"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_hbac_support_srchost (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_hbac_support_srchost (論理値)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"If this is set to false, then srchost as given to SSSD by PAM will be "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"これが偽に設定されていると、PAM により SSSD に与えられる srchost が無視されま"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>False</emphasis> に設定されていると、このオプションは "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>ipa_host_search_base</emphasis> に与えられたフィルターが無視される"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ようになることに注意してください。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "ipa_automount_location (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_automount_location (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "The automounter location this IPA client will be using"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "この IPA クライアントが使用する automounter の場所です"
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "Default: The location named \"default\""
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: \"default\" という名前の場所"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "ipa_netgroup_member_of (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_netgroup_member_of (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "The LDAP attribute that lists netgroup's memberships."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ネットワークグループのメンバーを一覧にする LDAP 属性です。"
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallaghermsgid "ipa_netgroup_member_user (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_netgroup_member_user (文字列)"
292cbb3fbe41bb7ee09b67c3ec59ab7c7ba5220eStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"The LDAP attribute that lists system users and groups that are direct "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"members of the netgroup."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ネットワークグループの直接メンバーであるシステムユーザーとグループを一覧化す"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: memberUser"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: memberUser"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_netgroup_member_host (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_netgroup_member_host (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"The LDAP attribute that lists hosts and host groups that are direct members "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"of the netgroup."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ネットワークグループの直接メンバーであるホストとホストグループを一覧化する "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: memberHost"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: memberHost"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_netgroup_member_ext_host (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_netgroup_member_ext_host (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"The LDAP attribute that lists FQDNs of hosts and host groups that are "
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"members of the netgroup."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ネットワークグループのメンバーであるホストとホストグループの FQDN を一覧化す"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: externalHost"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: externalHost"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_netgroup_domain (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_netgroup_domain (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "The LDAP attribute that contains NIS domain name of the netgroup."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ネットワークグループの NIS ドメイン名を含む LDAP 属性です。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: nisDomainName"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: nisDomainName"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_host_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_host_object_class (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "The object class of a host entry in LDAP."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "LDAP にあるホストエントリーのオブジェクトクラスです。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: ipaHost"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipaHost"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "ipa_host_fqdn (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_host_fqdn (文字列)"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "The LDAP attribute that contains FQDN of the host."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ホストの FQDN を含む LDAP 属性です。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Default: fqdn"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: fqdn"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_object_class (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_object_class (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_name (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_name (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains the name of SELinux usermap."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SELinux ユーザーマップの名前を含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_member_user (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_member_user (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains all users / groups this rule match against."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このルールが一致するすべてのユーザー・グループを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_member_host (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_member_host (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains all hosts / hostgroups this rule match "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このルールが一致するホスト・ホストグループを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_see_also (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_see_also (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains DN of HBAC rule which can be used for "
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"matching instead of memberUser and memberHost"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"memberUser と memberHost の代わりにマッチに使用される HBAC ルールの DN を含"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: seeAlso"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: seeAlso"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_selinux_user (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_selinux_user (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains SELinux user string itself."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SELinux ユーザー文字列自身を含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipaSELinuxUser"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipaSELinuxUser"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_enabled (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_enabled (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallagher"The LDAP attribute that contains whether or not is user map enabled for "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーマップが使用するために有効化されているかどうかを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipaEnabledFlag"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipaEnabledFlag"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_user_category (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_user_category (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains user category such as 'all'."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "'all' のようなユーザーカテゴリーを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: userCategory"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: userCategory"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_host_category (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_host_category (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains host category such as 'all'."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "'all' のようなホストカテゴリーを含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: hostCategory"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: hostCategory"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_selinux_usermap_uuid (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_selinux_usermap_uuid (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains unique ID of the user map."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーマップの一意な ID を含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipaUniqueID"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipaUniqueID"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "ipa_host_ssh_public_key (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ipa_host_ssh_public_key (文字列)"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "The LDAP attribute that contains the host's SSH public keys."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ホストの SSH 公開鍵を含む LDAP 属性です。"
056302a92862fda16351d7192600746746f38e5dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
056302a92862fda16351d7192600746746f38e5dStephen Gallaghermsgid "Default: ipaSshPubKey"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: ipaSshPubKey"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "SUBDOMAINS PROVIDER"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The IPA subdomains provider behaves slightly differently if it is configured "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"explicitly or implicitly."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"If the option 'subdomains_provider = ipa' is found in the domain section of "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"subdomain requests are sent to the IPA server if necessary."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"If the option 'subdomains_provider' is not set in the domain section of sssd."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"conf but there is the option 'id_provider = ipa', the IPA subdomains "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"provider is configured implicitly. In this case, if a subdomain request "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"fails and indicates that the server does not support subdomains, i.e. is not "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"configured for trusts, the IPA subdomains provider is disabled. After an "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"hour or after the IPA provider goes online, the subdomains provider is "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"enabled again."
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following example assumes that SSSD is correctly configured and example."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This examples shows only the ipa provider-specific options."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"以下の例は、SSSD が正しく設定され、example.com が <replaceable>[sssd]</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> セクションにあるドメインの 1 つであることを仮定しています。この"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"例は IPA プロバイダー固有のオプションのみを示しています。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" id_provider = ipa\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" ipa_hostname = myhost.example.com\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" id_provider = ipa\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" ipa_hostname = myhost.example.com\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refnamediv><refname>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "sssd-ad"
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozekmsgstr "sssd-ad"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"This manual page describes the configuration of the AD provider for "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The AD provider is a back end used to connect to an Active Directory server. "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"This provider requires that the machine be joined to the AD domain and a "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"keytab is available."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The AD provider supports connecting to Active Directory 2008 R2 or later. "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Earlier versions may work, but are unsupported."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The AD provider accepts the same options used by the <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"provider with some exceptions described below."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"However, it is neither necessary nor recommended to set these options. The "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"AD provider can also be used as an access and chpass provider. No "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"configuration of the access provider is required on the client side."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><programlisting>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ldap_id_mapping = False\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"By default, the AD provider will map UID and GID values from the objectSID "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"parameter in Active Directory. For details on this, see the <quote>ID "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"MAPPING</quote> section below. If you want to disable ID mapping and instead "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"rely on POSIX attributes defined in Active Directory, you should set "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"<placeholder type=\"programlisting\" id=\"0\"/> Users, groups and other "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"entities served by SSSD are always treated as case-insensitive in the AD "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"provider for compatibility with Active Directory's LDAP implementation."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ad_domain (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ad_domain (文字列)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Specifies the name of the Active Directory domain. This is optional. If not "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"provided, the configuration domain name is used."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"Active Directory ドメインの名前を指定します。これはオプションです。指定されな"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ければ、設定のドメイン名が使用されます。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"For proper operation, this option should be specified as the lower-case "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"version of the long version of the Active Directory domain."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"正しい動作のために、このオプションは Active Directory ドメインの長いバージョ"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ンの小文字バージョンとして指定されます。"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"The short domain name (also known as the NetBIOS or the flat name) is "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"autodetected by the SSSD."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "ad_server, ad_backup_server (string)"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "ad_server, ad_backup_server (文字列)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The comma-separated list of IP addresses or hostnames of the AD servers to "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"which SSSD should connect in order of preference. For more information on "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"failover and server redundancy, see the <quote>FAILOVER</quote> section. "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"This is optional if autodiscovery is enabled. For more information on "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "ad_hostname (string)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ad_hostname (string)"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"Optional. May be set on machines where the hostname(5) does not reflect the "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"fully qualified name used in the Active Directory domain to identify this "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"オプションです。hostname(5) が Active Directory ドメインにおいて使用される完"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"全修飾名を反映しないマシンにおいてマシンに設定されるかもしれません。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"This field is used to determine the host principal in use in the keytab. It "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"must match the hostname for which the keytab was issued."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"この項目はキーテーブルにおいて使用中のホストプリンシパルを決定するために使用"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"されます。キーテーブルが発行されたホスト名と一致する必要があります。"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "ad_enable_dns_sites (boolean)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"If true and service discovery (see Service Discovery paragraph at the bottom "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"of the man page) is enabled, the SSSD will first attempt to discover the "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Active Directory server to connect to using the Active Directory Site "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Discovery and fall back to the DNS SRV records if no AD site is found. The "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"DNS SRV configuration, including the discovery domain, is used during site "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"discovery as well."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Optional. This option tells SSSD to automatically update the Active "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"Directory DNS server with the IP address of this client. The update is "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"only needs to allow secure updates for the DNS zone. The IP address of the "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"AD LDAP connection is used for the updates, if it is not otherwise specified "
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"by using the <quote>dyndns_iface</quote> option."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: 3600 (seconds)"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgid "Default: Use the IP address of the AD LDAP connection"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "krb5_use_enterprise_principal (boolean)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Specifies if the user principal should be treated as enterprise principal. "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"See section 5 of RFC 6806 for more details about enterprise principals."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"The following example assumes that SSSD is correctly configured and example."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"This example shows only the AD provider-specific options."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"以下の例は SSSD が正しく設定され、example.com が <replaceable>[sssd]</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable> セクションにあるドメインの一つであると仮定しています。この例は "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"AD プロバイダー固有のオプションのみ示してします。"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><programlisting>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"id_provider = ad\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"auth_provider = ad\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"access_provider = ad\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"chpass_provider = ad\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"ad_hostname = client.example.com\n"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"ad_domain = example.com\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"id_provider = ad\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"auth_provider = ad\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"access_provider = ad\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"chpass_provider = ad\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ad_hostname = client.example.com\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ad_domain = example.com\n"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><programlisting>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"access_provider = ldap\n"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"ldap_access_order = expire\n"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"ldap_account_expire_policy = ad\n"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"The AD access control provider checks if the account is expired. It has the "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"same effect as the following configuration of the LDAP provider: "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"<placeholder type=\"programlisting\" id=\"0\"/>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refnamediv><refname>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "sssd-sudo"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "sssd-sudo"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek#. type: Content of: <reference><refentry><refnamediv><refpurpose>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "Configuring sudo with the SSSD back end"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"This manual page describes how to configure <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Configuring sudo to cooperate with SSSD"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"the <emphasis>sudoers</emphasis> entry in <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry>."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"For example, to configure sudo to first lookup rules in the standard "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"manvolnum> </citerefentry> file (which should contain rules that apply to "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"local users) and then in SSSD, the nsswitch.conf file should contain the "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"following line:"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><programlisting>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "sudoers: files sss\n"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "sudoers: files sss\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"More information about configuring the sudoers search order from the "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"nsswitch.conf file as well as information about the LDAP schema that is used "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"to store sudo rules in the directory can be found in <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry>."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Configuring SSSD to fetch sudo rules"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "sudo ルールを取得するよう SSSD を設定する方法"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The following example shows how to configure SSSD to download sudo rules "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"from an LDAP server."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><programlisting>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"config_file_version = 2\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"services = nss, pam, sudo\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"domains = EXAMPLE\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"id_provider = ldap\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"sudo_provider = ldap\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ldap_uri = ldap://example.com\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"config_file_version = 2\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"services = nss, pam, sudo\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"domains = EXAMPLE\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"id_provider = ldap\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"sudo_provider = ldap\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ldap_uri = ldap://example.com\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"When the SSSD is configured to use the IPA provider, the sudo provider is "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"automatically enabled. The sudo search base is configured to use the compat "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"tree (ou=sudoers,$DC)."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "The SUDO rule caching mechanism"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "SUDO ルールキャッシュメカニズム"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The biggest challenge, when developing sudo support in SSSD, was to ensure "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"that running sudo with SSSD as the data source provides the same user "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"experience and is as fast as sudo but keeps providing the most current set "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"of rules as possible. To satisfy these requirements, SSSD uses three kinds "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"of updates. They are referred to as full refresh, smart refresh and rules "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"new or were modified after the last update. Its primary goal is to keep the "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"database growing by fetching only small increments that do not generate "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"large amounts of network traffic."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"in the cache and replaces them with all rules that are stored on the server. "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"This is used to keep the cache consistent by removing every rule which was "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"deleted from the server. However, full refresh may produce a lot of traffic "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"and thus it should be run only occasionally depending on the size and "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"stability of the sudo rules."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"more permission than defined. It is triggered each time the user runs sudo. "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Rules refresh will find all rules that apply to this user, check their "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"expiration time and redownload them if expired. In the case that any of "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"these rules are missing on the server, the SSSD will do an out of band full "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"refresh because more rules (that apply to other users) may have been deleted."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"If enabled, SSSD will store only rules that can be applied to this machine. "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"This means rules that contain one of the following values in "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<emphasis>sudoHost</emphasis> attribute:"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "keyword ALL"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "keyword ALL"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgid "wildcard"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "netgroup (in the form \"+netgroup\")"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "netgroup (\"+netgroup\" の形式)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "hostname or fully qualified domain name of this machine"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "このマシンのホスト名または完全修飾ドメイン名"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "one of the IP addresses of this machine"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "このマシンの IP アドレスのどれか"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "one of the IP addresses of the network (in the form \"address/mask\")"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ネットワークの IP アドレスのどれか (\"address/mask\" 形式)"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"There are many configuration options that can be used to adjust the "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "System Security Services Daemon"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "System Security Services Daemon"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>SSSD</command> provides a set of daemons to manage access to remote "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"directories and authentication mechanisms. It provides an NSS and PAM "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"interface toward the system and a pluggable backend system to connect to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"multiple different account sources as well as D-Bus interface. It is also "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the basis to provide client auditing and policy services for projects like "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"FreeIPA. It provides a more robust database to store local users as well as "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"extended user data."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<command>SSSD</command> はリモートディレクトリーへのアクセスと認証メカニズム"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"を管理するための一組のデーモンを提供します。システムへの NSS と PAM インター"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"フェースを提供します。また、D-Bus インターフェースのように複数の異なるアカウ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ントソースに接続するための取り外し可能なバックエンドシステムを提供します。ク"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ライアント監査、およびFreeIPA のようなプロジェクトに対するポリシーサービスを"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"提供する基礎となります。ローカルユーザーだけでなく拡張ユーザーデータを保存す"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"るためのより強靭なデータベースを提供します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>1</emphasis>: デバッグメッセージに日時を追加します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0</emphasis>: デバッグメッセージで日時を無効にします"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>1</emphasis>: デバッグメッセージにミリ秒をタイムスタンプに追加しま"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0</emphasis>: 日時でマイクロ秒を無効にします"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-f</option>,<option>--debug-to-files</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-f</option>,<option>--debug-to-files</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Send the debug output to files instead of stderr. By default, the log files "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"are stored in <filename>/var/log/sssd</filename> and there are separate log "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"files for every SSSD service and domain."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"デバッグ出力を標準エラーの代わりにファイルに送信します。初期状態で、ログファ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"イルは <filename>/var/log/sssd</filename> に保存され、すべての SSSD サービス"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"とドメインに対して別々のログファイルがあります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-D</option>,<option>--daemon</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-D</option>,<option>--daemon</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Become a daemon after starting up."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "起動後にデーモンになります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-i</option>,<option>--interactive</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-i</option>,<option>--interactive</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Run in the foreground, don't become a daemon."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "フォアグラウンドで実行して、デーモンになりません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-c</option>,<option>--config</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-c</option>,<option>--config</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"conf</filename>. For reference on the config file syntax and options, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> manual page."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"非標準の設定ファイルを指定します。初期値は <filename>/etc/sssd/sssd.conf</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filename> です。設定ファイルの構文とオプションは <citerefentry> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> マニュアルページを参照してください。"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "<option>--version</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>--version</option>"
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallaghermsgid "Print version number and exit."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "バージョン番号を表示して終了します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Signals"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Informs the SSSD to gracefully terminate all of its child processes and then "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"shut down the monitor."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD にすべての子プロセスを穏やかに停止するよう通知して、モニターをシャットダ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SIGHUP"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Tells the SSSD to stop writing to its current debug file descriptors and to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"close and reopen them. This is meant to facilitate log rolling with programs "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"like logrotate."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD が現在のデバッグファイルディスクリプターに書き込むことを止めて、それらを"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"閉じてから開きなおすよう指示します。これは logrotate のようなプログラムを用い"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"てログローテーションを促進することを意味します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SIGUSR1"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SIGUSR1"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Tells the SSSD to simulate offline operation for one minute. This is mostly "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"useful for testing purposes."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD に 1 分間オフライン操作をシミュレーションするよう指示します。テスト目的"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SIGUSR2"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SIGUSR2"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Tells the SSSD to go online immediately. This is mostly useful for testing "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD に直ちにオンラインになるよう指示します。テスト目的のためにほぼ有用です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_obfuscate"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_obfuscate"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "obfuscate a clear text password"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "平文パスワードをわかりにくくする"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable></arg>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_obfuscate</command> converts a given password into human-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"unreadable format and places it into appropriate domain section of the SSSD "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_obfuscate</command> は、与えられたパスワードを人間が読みにくい形"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"式に変換して、SSSD 設定ファイルの適切なドメインセクションに置きます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The cleartext password is read from standard input or entered "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"interactively. The obfuscated password is put into "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>ldap_default_authtok_type</quote> parameter is set to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<quote>obfuscated_password</quote>. Refer to <citerefentry> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"citerefentry> for more details on these parameters."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"平文のパスワードは、標準入力から読み込まれます、または対話的に入力されます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"解読しにくくされたパスワードが指定された SSSD ドメインの "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ldap_default_authtok</quote> パラメータに置かれます。また "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>ldap_default_authtok_type</quote> パラメーターが "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>obfuscated_password</quote> に設定されます。これらのパラメーターの詳細"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that obfuscating the password provides <emphasis>no real "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"security benefit</emphasis> as it is still possible for an attacker to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"reverse-engineer the password back. Using better authentication mechanisms "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"パスワードをわかりにくくすることは、攻撃者がパスワードをリバースエンジニアリ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ングできるので <emphasis>実際にセキュリティの便益</emphasis> は提供されませ"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ん。クライアントサイド証明書や GSSAPI のようなより良い認証機構を使用すること"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"を <emphasis>強く</emphasis> 推奨します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-s</option>,<option>--stdin</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-s</option>,<option>--stdin</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The password to obfuscate will be read from standard input."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "解読しにくくするパスワードが標準入力から読み込まれます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
ea929f1b022fc2cb77dec89b0e12accef983ec85Jakub Hrozek#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The SSSD domain to use the password in. The default name is <quote>default</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"パスワードに使用する SSSD ドメインです。名前の初期値は <quote>default</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Read the config file specified by the positional parameter."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "位置パラメーターにより指定された設定ファイルを読み込みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: <filename>/etc/sssd/sssd.conf</filename>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_useradd"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_useradd"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "create a new user"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "新しいユーザーを作成する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_useradd</command> creates a new user account using the values "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"specified on the command line plus the default values from the system."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_useradd</command> は、コマンドラインにおいて指定された値とシステ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ムの初期値を使用して、新しいユーザーを作成します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"not given, it is chosen automatically."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーの UID を <replaceable>UID</replaceable> の値を設定します。与えられな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"いと、自動的に選択されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Any text string describing the user. Often used as the field for the user's "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーを説明している任意のテキスト文字列です。しばしばユーザーの完全名の項"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The home directory of the user account. The default is to append the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"that as the home directory. The base that is prepended before "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"baseDirectory</quote> setting in sssd.conf."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーアカウントのホームディレクトリーです。初期値は <filename>/home</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filename> に <replaceable>LOGIN</replaceable> の名前を追加して、ホームディレ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"クトリーとして使用します。 <replaceable>LOGIN</replaceable> の前につけるベー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"スは sssd.conf において <quote>user_defaults/baseDirectory</quote> 設定で変更"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The user's login shell. The default is currently <filename>/bin/bash</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"filename>. The default can be changed with <quote>user_defaults/"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"defaultShell</quote> setting in sssd.conf."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのログインシェルです。初期値は現在 <filename>/bin/bash</filename> で"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す。初期値は sssd.conf において <quote>user_defaults/defaultShell</quote> で"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "A list of existing groups this user is also a member of."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "このユーザーがメンバーである既存のユーザーの一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-m</option>,<option>--create-home</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-m</option>,<option>--create-home</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Create the user's home directory if it does not exist. The files and "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"directories contained in the skeleton directory (which can be defined with "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the -k option or in the config file) will be copied to the home directory."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのホームディレクトリーが存在しなければ、それを作成します。(-k オプ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ションまたは設定ファイルで定義できる)スケルトンディレクトリーにあるファイル"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"とディレクトリーがホームディレクトリーにコピーされます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-M</option>,<option>--no-create-home</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-M</option>,<option>--no-create-home</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Do not create the user's home directory. Overrides configuration settings."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのホームディレクトリーを作成しません。設定を上書きします。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The skeleton directory, which contains files and directories to be copied in "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the user's home directory, when the home directory is created by "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_useradd</command>."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"スケルトンディレクトリーです。ホームディレクトリーが <command>sss_useradd</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"command> により作成されるとき、ユーザーのホームディレクトリーにコピーされる"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ファイルとディレクトリーを含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option is only valid if the <option>-m</option> (or <option>--create-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"home</option>) option is specified, or creation of home directories is set "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"to TRUE in the configuration."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-m</option> (または <option>--create-home</option>) オプションが指定"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"されたとき、またはホームディレクトリーの作成が設定において TRUE に設定されて"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"いる場合のみ、このオプションが有効です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-Z</option>,<option>--selinux-user</option> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>SELINUX_USER</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-Z</option>,<option>--selinux-user</option> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>SELINUX_USER</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The SELinux user for the user's login. If not specified, the system default "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"will be used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーがログインする際の SELinux ユーザーです。未指定の場合、システムの初期"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sssd-krb5"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sssd-krb5"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This manual page describes the configuration of the Kerberos 5 "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication backend for <citerefentry> <refentrytitle>sssd</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"manvolnum> </citerefentry> manual page."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The Kerberos 5 authentication backend contains auth and chpass providers. It "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"must be paired with an identity provider in order to function properly (for "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"example, id_provider = ldap). Some information required by the Kerberos 5 "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication backend must be provided by the identity provider, such as "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"the user's Kerberos Principal Name (UPN). The configuration of the identity "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"provider should have an entry to specify the UPN. Please refer to the man "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"page for the applicable identity provider for details on how to configure "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This backend also provides access control based on the .k5login file in the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"home directory of the user. See <citerefentry> <refentrytitle>.k5login</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please note that an empty .k5login file will deny all access to this user. "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"To activate this feature, use 'access_provider = krb5' in your SSSD "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"configuration."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"In the case where the UPN is not available in the identity backend, "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sssd</command> will construct a UPN using the format "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Specifies the comma-separated list of IP addresses or hostnames of the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Kerberos servers to which SSSD should connect, in the order of preference. "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"For more information on failover and server redundancy, see the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"colon) may be appended to the addresses or hostnames. If empty, service "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"discovery is enabled; for more information, refer to the <quote>SERVICE "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"DISCOVERY</quote> section."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The name of the Kerberos realm. This option is required and must be "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "Kerberos レルムの名前です。このオプションは指定する必要があります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "krb5_kpasswd, krb5_backup_kpasswd (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"If the change password service is not running on the KDC, alternative "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"servers can be defined here. An optional port number (preceded by a colon) "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"may be appended to the addresses or hostnames."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For more information on failover and server redundancy, see the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"servers to try, the backend is not switched to operate offline if "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication against the KDC is still possible."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: Use the KDC"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: KDC を使用します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_ccachedir (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_ccachedir (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Directory to store credential caches. All the substitution sequences of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"krb5_ccname_template can be used here, too, except %d and %P. If the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"directory does not exist, it will be created. If %u, %U, %p or %h are used, "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"a private directory belonging to the user is created. Otherwise, a public "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"directory with restricted deletion flag (aka sticky bit, as described in "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"</citerefentry> for details) is created."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: /tmp"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: /tmp"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_ccname_template (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_ccname_template (文字列)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:169 include/override_homedir.xml:11
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:170 include/override_homedir.xml:12
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "login name"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "ログイン名"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:173 include/override_homedir.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "login UID"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ログイン UID"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "principal name"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "プリンシパル名"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "realm name"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "home directory"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ホームディレクトリー"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:191 include/override_homedir.xml:19
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "value of krb5ccache_dir"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5ccache_dir の値"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "the process ID of the SSSD client"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:203 include/override_homedir.xml:34
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:204 include/override_homedir.xml:35
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "a literal '%'"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "文字 '%'"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"Location of the user's credential cache. Two credential cache types are "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"can be specified either as <replaceable>TYPE:RESIDUAL</replaceable>, or as "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"an absolute path, which implies the <quote>FILE</quote> type. In the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"template, the following sequences are substituted: <placeholder type="
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"used to create a unique filename in a safe way."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: FILE:%d/krb5cc_%U_XXXXXX"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_auth_timeout (integer)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_auth_timeout (整数)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Timeout in seconds after an online authentication request or change password "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"request is aborted. If possible, the authentication request is continued "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Verify with the help of krb5_keytab that the TGT obtained has not been "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"spoofed. The keytab is checked for entries sequentially, and the first entry "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"with a matching realm is used for validation. If no entry matches the realm, "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"the last entry in the keytab is used. This process can be used to validate "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"environments using cross-realm trust by placing the appropriate keytab entry "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"as the last entry or the only entry in the keytab file."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_keytab (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_keytab (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The location of the keytab to use when validating credentials obtained from "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"KDC から取得したクレディンシャルを検証するときに使用されるキーテーブルの場所"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_store_password_if_offline (boolean)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_store_password_if_offline (論理値)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Store the password of the user if the provider is offline and use it to "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"request a TGT when the provider comes online again."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"NOTE: this feature is only available on Linux. Passwords stored in this way "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"are kept in plaintext in the kernel keyring and are potentially accessible "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"by the root user (with difficulty)."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_renewable_lifetime (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_renewable_lifetime (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"Request a renewable ticket with a total lifetime, given as an integer "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"immediately followed by a time unit:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:326 sssd-krb5.5.xml:363
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "<emphasis>s</emphasis> for seconds"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:329 sssd-krb5.5.xml:366
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "<emphasis>m</emphasis> for minutes"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:298 sssd-krb5.5.xml:332 sssd-krb5.5.xml:369
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "<emphasis>h</emphasis> for hours"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sssd-krb5.5.xml:301 sssd-krb5.5.xml:335 sssd-krb5.5.xml:372
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "<emphasis>d</emphasis> for days."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"and a half hours, use '90m' instead of '1h30m'."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: not set, i.e. the TGT is not renewable"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 設定されません、つまり TGT は更新可能ではありません"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_lifetime (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_lifetime (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Request ticket with a lifetime, given as an integer immediately followed by "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"a time unit:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "If there is no unit given <emphasis>s</emphasis> is assumed."
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"NOTE: It is not possible to mix units. To set the lifetime to one and a "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"half hours please use '90m' instead of '1h30m'."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Default: not set, i.e. the default ticket lifetime configured on the KDC."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"初期値: 設定されません、つまり KDC において設定されているチケット有効期間の初"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "krb5_renew_interval (string)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The time in seconds between two checks if the TGT should be renewed. TGTs "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"are renewed if about half of their lifetime is exceeded, given as an integer "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"immediately followed by a time unit:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "If this option is not set or is 0 the automatic renewal is disabled."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_use_fast (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_use_fast (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"authentication. The following options are supported:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Kerberos の事前認証のために flexible authentication secure tunneling (FAST) "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"を有効化します。以下のオプションがサポートされます:"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"option at all."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"continue the authentication without it."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"server does not require fast."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Default: not set, i.e. FAST is not used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "初期値: 設定されません、つまり FAST が使用されません。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozekmsgid "NOTE: a keytab is required to use FAST."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"SSSD is used with an older version of MIT Kerberos, using this option is a "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"configuration error."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "krb5_fast_principal (string)"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "krb5_fast_principal (文字列)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Specifies the server principal to use for FAST."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "FAST に対して使用するサーバープリンシパルを指定します。"
3a8abe04137d028b8ebd1cb33152aefa55893efbStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bdd205037059e56484de3174951b22ff8f0f79f8Stephen Gallagher"Specifies if the host and user principal should be canonicalized. This "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"feature is available with MIT Kerberos 1.7 and later versions."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: false (AD provide: true)"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"If the auth-module krb5 is used in an SSSD domain, the following options "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The following example assumes that SSSD is correctly configured and FOO is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
e5c33e0bd03a2deb8e5011deeb3ae93f960910eeJakub Hrozek"example shows only configuration of Kerberos authentication; it does not "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"include any identity provider."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" auth_provider = krb5\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" krb5_server = 192.168.1.1\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher" krb5_realm = EXAMPLE.COM\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" auth_provider = krb5\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" krb5_server = 192.168.1.1\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher" krb5_realm = EXAMPLE.COM\n"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_groupadd"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_groupadd"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "create a new group"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "新しいグループを作成する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupadd</command> creates a new group. These groups are "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"compatible with POSIX groups, with the additional feature that they can "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"contain other groups as members."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupadd</command> が新しいグループを作成します。これらのグルー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"プは POSIX グループと互換性があり、他のグループをメンバーとして含められる追加"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"not given, it is chosen automatically."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"グループの GID を <replaceable>GID</replaceable> の値に設定します。与えられな"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"いと、自動的に選択されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_userdel"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_userdel"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "delete a user account"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーアカウントを削除する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_userdel</command> deletes a user identified by login name "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>LOGIN</replaceable> from the system."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_userdel</command> はログイン名 <replaceable>LOGIN</replaceable> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"により識別されるユーザーをシステムから削除します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-r</option>,<option>--remove</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-r</option>,<option>--remove</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Files in the user's home directory will be removed along with the home "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"directory itself and the user's mail spool. Overrides the configuration."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのホームディレクトリーにあるファイルは、それ自身のホームディレクト"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"リーとユーザーのメールスプールとともに削除されます。設定が上書きされます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-R</option>,<option>--no-remove</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-R</option>,<option>--no-remove</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Files in the user's home directory will NOT be removed along with the home "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"directory itself and the user's mail spool. Overrides the configuration."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ユーザーのホームディレクトリーにあるファイルは、それ自身のホームディレクト"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"リーとユーザーのメールスプールとともに削除されません。設定が上書きされます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-f</option>,<option>--force</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-f</option>,<option>--force</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"This option forces <command>sss_userdel</command> to remove the user's home "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"directory and mail spool, even if they are not owned by the specified user."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このオプションは、指定されたユーザーにより所有されていないものさえ、"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_userdel</command> がユーザーのホームディレクトリーとメールスプー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ルを削除するよう強制します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-k</option>,<option>--kick</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-k</option>,<option>--kick</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Before actually deleting the user, terminate all his processes."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "実際にユーザーを削除する前に、そのプロセスをすべて停止します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_groupdel"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_groupdel"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "delete a group"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループを削除する"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupdel</command> deletes a group identified by its name "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>GROUP</replaceable> from the system."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupdel</command> は名前 <replaceable>GROUP</replaceable> によ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"り識別されるグループをシステムから削除します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_groupshow"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_groupshow"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "print properties of a group"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "グループのプロパティーを表示します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_groupshow</command> displays information about a group "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"identified by its name <replaceable>GROUP</replaceable>. The information "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"includes the group ID number, members of the group and the parent group."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_groupshow</command> はその名前 <replaceable>GROUP</replaceable> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"により識別されるグループに関する情報を表示します。情報はグループ ID 番号、グ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ループのメンバーおよび親グループを含みます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-R</option>,<option>--recursive</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-R</option>,<option>--recursive</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Also print indirect group members in a tree-like hierarchy. Note that this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"also affects printing parent groups - without <option>R</option>, only the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"direct parent will be printed."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ツリー階層形式で間接的なグループメンバーも表示します。これは親グループの表示"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"にも影響を与えることに注意してください - <option>R</option> を指定しないと、"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"直接の親のみが表示されます。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "sss_usermod"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_usermod"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "modify a user account"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーアカウントを修正します"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<command>sss_usermod</command> modifies the account specified by "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"on the command line."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_usermod</command> は、コマンドラインにおいて指定された変更を反映"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"するために、 <replaceable>LOGIN</replaceable> により指定されたアカウントを変"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The home directory of the user account."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーアカウントのホームディレクトリーです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The user's login shell."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのログインシェルです。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Append this user to groups specified by the <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"a comma separated list of group names."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"このユーザーを <replaceable>GROUPS</replaceable> パラメーターにより指定された"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"グループに追加します。 <replaceable>GROUPS</replaceable> パラメーターはグルー"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"プ名のカンマ区切り一覧です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Remove this user from groups specified by the <replaceable>GROUPS</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"replaceable> parameter."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<replaceable>GROUPS</replaceable> "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-l</option>,<option>--lock</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-l</option>,<option>--lock</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Lock the user account. The user won't be able to log in."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーアカウントをロックします。ユーザーはログインできなくなります。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<option>-u</option>,<option>--unlock</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-u</option>,<option>--unlock</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Unlock the user account."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーアカウントのロックを解除します。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The SELinux user for the user's login."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ユーザーのログインのための SELinux ユーザーです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "sss_cache"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_cache"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "perform cache cleanup"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "キャッシュクリーンアップを実行する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"records are forced to be reloaded from server as soon as related SSSD "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"backend is online."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_cache</command> は SSSD キャッシュにあるレコードを無効にします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"無効化されたレコードは、関連する SSSD バックエンドがオンラインになるとすぐ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"に、サーバーから強制的に再読み込みされます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Invalidate specific user."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "特定のユーザーを無効にします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<option>-U</option>,<option>--users</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-U</option>,<option>--users</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Invalidate all user records. This option overrides invalidation of specific "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"user if it was also set."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すべてのユーザーレコードを無効にします。このオプションも設定されていると、こ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れが特定のユーザーの無効化を上書きします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Invalidate specific group."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "特定のグループを無効にします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<option>-G</option>,<option>--groups</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-G</option>,<option>--groups</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Invalidate all group records. This option overrides invalidation of specific "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"group if it was also set."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すべてのグループレコードを無効にします。このオプションも設定されていると、こ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"れが特定のグループの無効化を上書きします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Invalidate specific netgroup."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "特定のネットワークグループを無効にします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<option>-N</option>,<option>--netgroups</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<option>-N</option>,<option>--netgroups</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Invalidate all netgroup records. This option overrides invalidation of "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"specific netgroup if it was also set."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"すべてのネットワークグループレコードを無効にします。このオプションが設定され"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ていると、これが特定のネットワークグループの無効化を上書きします。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<option>-s</option>,<option>--service</option> <replaceable>service</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<option>-s</option>,<option>--service</option> <replaceable>service</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Invalidate specific service."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "特定のサービスを無効化します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "<option>-S</option>,<option>--services</option>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "<option>-S</option>,<option>--services</option>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Invalidate all service records. This option overrides invalidation of "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"specific service if it was also set."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Invalidate specific autofs maps."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "特定の autofs マップを無効化します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "<option>-A</option>,<option>--autofs-maps</option>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "<option>-A</option>,<option>--autofs-maps</option>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Invalidate all autofs maps. This option overrides invalidation of specific "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"map if it was also set."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"すべての autofs マップを無効化します。このオプションは特定のマップが設定され"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"ていても、その無効化を上書きします。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Restrict invalidation process only to a particular domain."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "無効化プロセスを特定のドメインのみに制限します。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "sss_debuglevel"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_debuglevel"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "change debug level while SSSD is running"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "SSSD が実行中にデバッグレベルを変更する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_debuglevel</command> changes debug level of SSSD monitor and "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_debuglevel</command> は SSSD が実行中に SSSD モニターとプロバイ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ダーのデバッグレベルを <replaceable>NEW_DEBUG_LEVEL</replaceable> に変更しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refnamediv><refname>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "sss_seed"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "sss_seed"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refnamediv><refpurpose>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "seed the SSSD cache with a user"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<command>sss_seed</command> seeds the SSSD cache with a user entry and "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"temporary password. If a user entry is already present in the SSSD cache "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"then the entry is updated with the temporary password."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Provide the name of the domain in which the user is a member of. The domain "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"is also used to retrieve user information. The domain must be configured in "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Information retrieved from the domain overrides what is provided in the "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<option>-n</option>,<option>--username</option> <replaceable>USER</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<option>-n</option>,<option>--username</option> <replaceable>USER</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"The username of the entry to be created or modified in the cache. The "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<replaceable>USER</replaceable> option must be provided."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Set the UID of the user to <replaceable>UID</replaceable>."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ユーザーの UID を <replaceable>UID</replaceable> に設定します。"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Set the GID of the user to <replaceable>GID</replaceable>."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ユーザーの GID を <replaceable>GID</replaceable> に設定します。"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ユーザーのホームディレクトリーを <replaceable>HOME_DIR</replaceable> に設定し"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Interactive mode for entering user information. This option will only prompt "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"for information not provided in the options or retrieved from the domain."
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"replaceable>"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"replaceable>"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"Specify file to read user's password from. (if not specified password is "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"prompted for)"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"The length of the password (or the size of file specified with -p or --"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"on systems with no globally-defined PASS_MAX value)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "sss_ssh_authorizedkeys"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_ssh_authorizedkeys"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refmeta><manvolnum>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "get OpenSSH authorized keys"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "OpenSSH 認可キーを取得する"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>options</replaceable> </arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='plain'><replaceable>USER</replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>options</replaceable> </arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='plain'><replaceable>USER</replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> for more information)."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_authorizedkeys</command> はユーザー <replaceable>USER</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> の SSH 公開鍵を取得して、 OpenSSH authorized_keys 形式に出力しま"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"す (詳細は <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry> の <quote>AUTHORIZED_KEYS FILE FORMAT</quote> セク"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ションを参照してください)。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"command> for public key user authentication if it is compiled with support "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum></citerefentry> options."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> は、 <quote>AuthorizedKeysCommand</quote> または "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>PubkeyAgent</quote> <citerefentry> <refentrytitle>sshd_config</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"refentrytitle> <manvolnum>5</manvolnum></citerefentry> オプションのサポート付"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"きでコンパイルされていると、公開鍵ユーザー認証のために "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_authorizedkeys</command> を使用するために設定できます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"If <quote>AuthorizedKeysCommand</quote> is supported, "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> can be configured to use it by putting the following directive "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>AuthorizedKeysCommand</quote> がサポートされていると、 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> は <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>5</manvolnum></citerefentry> に以下のディレクティブを置くことによ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"り、これを使用するために設定できます: <placeholder type=\"programlisting\" "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"If <quote>PubkeyAgent</quote> is supported, "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> can be configured to use it by using the following directive "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>PubkeyAgent</quote> がサポートされていると、 "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> は <citerefentry> <refentrytitle>sshd</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>8</manvolnum></citerefentry> 設定に以下のディレクティブを置くこと"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"により、これを使用するために設定できます: <placeholder type=\"programlisting"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD ドメイン <replaceable>DOMAIN</replaceable> にあるユーザーの公開鍵を検索"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sss_ssh_authorizedkeys.1.xml:93 sss_ssh_knownhostsproxy.1.xml:92
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "EXIT STATUS"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#: sss_ssh_authorizedkeys.1.xml:95 sss_ssh_knownhostsproxy.1.xml:94
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"In case of success, an exit value of 0 is returned. Otherwise, 1 is returned."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "sss_ssh_knownhostsproxy"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "sss_ssh_knownhostsproxy"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "get OpenSSH host keys"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "OpenSSH ホストキーを取得します"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>options</replaceable> </arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>options</replaceable> </arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"pubconf/known_hosts</filename> and estabilishes connection to the host."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<command>sss_ssh_knownhostsproxy</command> はホスト <replaceable>HOST</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"replaceable> の SSH ホスト鍵を取得して、個別の OpenSSH known_hosts ファイル "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"(詳細は <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum></citerefentry> の <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> セク"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ションを参照してください) <filename>/var/lib/sss/pubconf/known_hosts</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"filename> に保存して、ホストへの接続を確立します。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"create the connection to the host instead of opening a socket."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<replaceable>PROXY_COMMAND</replaceable> が指定されていると、ソケットを開く代"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"わりにホストへの接続を作成するために使用されます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><programlisting>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
dd3ba5c5b7d2a9d109963ae9e6c94fff34872221Stephen Gallagher"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
7797e361155f7ce937085fd98e360469d7baf1b6Jakub Hrozek"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"command> for host key authentication by using the following directives for "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"citerefentry> は <citerefentry><refentrytitle>ssh</refentrytitle> "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<manvolnum>1</manvolnum></citerefentry> 設定に対して以下のディレクティブを使"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"用することにより、ホストキー認証に <command>sss_ssh_knownhostsproxy</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"command> を使用するために設定できます: <placeholder type=\"programlisting\" "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Use port <replaceable>PORT</replaceable> to connect to the host. By "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"default, port 22 is used."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ホストに接続するためにポート <replaceable>PORT</replaceable> を使用します。初"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"期値ではポート 22 が使用されます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD ドメイン <replaceable>DOMAIN</replaceable> においてホスト公開鍵を検索し"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "SERVICE DISCOVERY"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozekmsgstr "サービス探索"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The service discovery feature allows back ends to automatically find the "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"appropriate servers to connect to using a special DNS query. This feature is "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"not supported for backup servers."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Configuration"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If no servers are specified, the back end automatically uses service "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"discovery to try to find a server. Optionally, the user may choose to use "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"both fixed server addresses and service discovery by inserting a special "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"preference is maintained. This feature is useful if, for example, the user "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"prefers to use service discovery whenever possible, and fall back to a "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"specific server when no servers can be discovered using DNS."
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"何もサーバーが指定されていなければ、バックエンドがサーバーを見つけようとする"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"ために、サービス探索を自動的に使用します。オプションとして、サーバーの一覧に"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"特別なキーワード <quote>_srv_</quote> を挿入することにより、ユーザーが固定"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"サーバーアドレスおよびサービス探索のどちらも使用することを選択できます。これ"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"は設定の順番が維持されます。たとえば、ユーザーができる限りサービス探索を使用"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"し、DNS を使用してサーバーを探索できないときに特定のサーバーにフォールバック"
b20208b80e99abb79c00d5ec526caa9465859c52Jakub Hrozek"したい場合、この機能は有用です。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The domain name"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"manvolnum> </citerefentry> manual page for more details."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"manvolnum> </citerefentry> マニュアルページにある "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<quote>dns_discovery_domain</quote> パラメーターを参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The protocol"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The queries usually specify _tcp as the protocol. Exceptions are documented "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"in respective option description."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"問い合わせは通常プロトコルとして _tcp を指定します。その他はそれぞれのオプ"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ションの説明にドキュメント化されています。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "See Also"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"For more information on the service discovery mechanism, refer to RFC 2782."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "サービス検索メカニズムに関する詳細は RFC 2782 を参照してください。"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: outside any tag (error?)
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "FAILOVER"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "フェイルオーバー"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The failover feature allows back ends to automatically switch to a different "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"server if the current server fails."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Failover Syntax"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "フェイルオーバーの構文"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The list of servers is given as a comma-separated list; any number of spaces "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"is allowed around the comma. The servers are listed in order of preference. "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The list can contain any number of servers."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"サーバーの一覧がカンマ区切り一覧として与えられます。カンマの前後で空白はいく"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"つでも許されます。サーバーは性能の順番で一覧化されます。一覧はサーバーをいく"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek#. type: Content of: <refsect1><refsect2><para>
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"For each failover-enabled config option, two variants exist: "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"that servers in the primary list are preferred and backup servers are only "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"searched if no primary servers can be reached. If a backup server is "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"periodically try to reconnect to one of the primary servers. If it succeeds, "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"it will replace the current active (backup) server."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><title>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "The Failover Mechanism"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "フェイルオーバーのメカニズム"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"The failover mechanism distinguishes between a machine and a service. The "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"back end first tries to resolve the hostname of a given machine; if this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"resolution attempt fails, the machine is considered offline. No further "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"attempts are made to connect to this machine for any other service. If the "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"resolution attempt succeeds, the back end tries to connect to a service on "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"this machine. If the service connection attempt fails, then only this "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"particular service is considered offline and the back end automatically "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"switches over to the next service. The machine is still considered online "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"and might still be tried for another service."
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"Further connection attempts are made to machines or services marked as "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"offline after a specified period of time; this is currently hard coded to 30 "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <refsect1><refsect2><para>
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"If there are no more machines to try, the back end as a whole switches to "
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher"offline mode, and then attempts to reconnect every 30 seconds."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ID MAPPING"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozekmsgstr "ID マッピング"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The ID-mapping feature allows SSSD to act as a client of Active Directory "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"without requiring administrators to extend user attributes to support POSIX "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"attributes for user and group identifiers."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ignored. This is to avoid the possibility of conflicts between automatically-"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"assigned and manually-assigned values. If you need to use manually-assigned "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"values, ALL values must be manually-assigned."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Mapping Algorithm"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "マッピング・アルゴリズム"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Active Directory provides an objectSID for every user and group object in "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"the directory. This objectSID can be broken up into components that "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"represent the Active Directory domain identity and the relative identifier "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"(RID) of the user or group object."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"into equally-sized component sections - called \"slices\"-. Each slice "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"represents the space available to an Active Directory domain."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"When a user or group entry for a particular domain is encountered for the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"first time, the SSSD allocates one of the available slices for that domain. "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"In order to make this slice-assignment repeatable on different client "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"machines, we select the slice based on the following algorithm:"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The SID string is passed through the murmurhash3 algorithm to convert it to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"a 32-bit hashed value. We then take the modulus of this value with the total "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"number of available slices to pick the slice."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"NOTE: It is possible to encounter collisions in the hash and subsequent "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"modulus. In these situations, we will select the next available slice, but "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"it may not be possible to reproduce the same exact set of slices on other "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"machines (since the order that they are encountered will determine their "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"slice). In this situation, it is recommended to either switch to using "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"explicit POSIX attributes in Active Directory (disabling ID-mapping) or "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"configure a default domain to guarantee that at least one is always "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"consistent. See <quote>Configuration</quote> for details."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "最小の設定 (<quote>[domain/DOMAINNAME]</quote> セクションにおいて):"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para><programlisting>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ldap_id_mapping = True\n"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"ldap_schema = ad\n"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"ldap_id_mapping = True\n"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"ldap_schema = ad\n"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The default configuration results in configuring 10,000 slices, each capable "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"of holding up to 200,000 IDs, starting from 10,001 and going up to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"2,000,100,000. This should be sufficient for most deployments."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Advanced Configuration"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_range_min (integer)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "ldap_idmap_range_min (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specifies the lower bound of the range of POSIX IDs to use for mapping "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Active Directory user and group SIDs."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"Active Directory ユーザーとグループの SID をマッピングするために使用する "
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"POSIX ID の範囲の下限を指定します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"NOTE: This option is different from <quote>min_id</quote> in that "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<quote>min_id</quote> acts to filter the output of requests to this domain, "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"whereas this option controls the range of ID assignment. This is a subtle "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"distinction, but the good general advice would be to have <quote>min_id</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "Default: 200000"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "初期値: 200000"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_range_max (integer)"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgstr "ldap_idmap_range_max (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specifies the upper bound of the range of POSIX IDs to use for mapping "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Active Directory user and group SIDs."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"Active Directory ユーザーとグループ SID をマッピングするために使用する POSIX "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"ID の範囲の上限を指定します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"NOTE: This option is different from <quote>max_id</quote> in that "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"<quote>max_id</quote> acts to filter the output of requests to this domain, "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"whereas this option controls the range of ID assignment. This is a subtle "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"distinction, but the good general advice would be to have <quote>max_id</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "Default: 2000200000"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "初期値: 2000200000"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_range_size (integer)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "ldap_idmap_range_size (整数)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specifies the number of IDs available for each slice. If the range size "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"does not divide evenly into the min and max values, it will create as many "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"complete slices as it can."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"各スライスに利用可能な ID 番号を指定します。範囲の大きさが最小値、最大値の中"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"にうまく分けられなければ、できる限り多くの完全なスライスとして作成されます。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_default_domain_sid (string)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "ldap_idmap_default_domain_sid (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Specify the domain SID of the default domain. This will guarantee that this "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"domain will always be assigned to slice zero in the ID map, bypassing the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"murmurhash algorithm described above."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_default_domain (string)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "ldap_idmap_default_domain (文字列)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "Specify the name of the default domain."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "初期ドメインの名前を指定します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "ldap_idmap_autorid_compat (boolean)"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallaghermsgstr "ldap_idmap_autorid_compat (論理値)"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"winbind's <quote>idmap_autorid</quote> algorithm."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"winbind の <quote>idmap_autorid</quote> アルゴリズムとより同じように振る舞う"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"ために ID マッピングのアルゴリズムの振る舞いを変更します。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"When this option is configured, domains will be allocated starting with "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"slice zero and increasing monatomically with each additional domain."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"このオプションが設定されるとき、ドメインはスライス 0 から始まり、各追加ドメイ"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"ンに単原子的に増加するよう割り当てられます。"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"NOTE: This algorithm is non-deterministic (it depends on the order that "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"users and groups are requested). If this mode is required for compatibility "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"with machines running winbind, it is recommended to also use the "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"least one domain is consistently allocated to slice zero."
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"注記: このアルゴリズムは非決定的です (ユーザーとグループが要求された順番に依"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"存します)。このモードはマシンが実行中の winbind と互換性が必要ならば、少なく"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"とも一つのドメインが一貫してスライス 0 に割り当てられることを保証するために、"
486237ee009f1d84fc4c85665dce80ade76f7079Stephen Gallagher"<quote>ldap_idmap_default_domain_sid</quote> オプションも使用することが推奨さ"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <varlistentry><term>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "<option>-?</option>,<option>--help</option>"
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozekmsgstr "<option>-?</option>,<option>--help</option>"
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallagher#. type: Content of: <varlistentry><listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#: include/param_help.xml:7 include/param_help_py.xml:7
52261fe16203dec6e6f69177c6d0a810b47d073fStephen Gallaghermsgid "Display help message and exit."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "ヘルプメッセージを表示して終了します。"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <varlistentry><term>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgid "<option>-h</option>,<option>--help</option>"
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozekmsgstr "<option>-h</option>,<option>--help</option>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"Bit mask that indicates which debug levels will be visible. 0x0010 is the "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"default value as well as the lowest allowed value, 0xFFF0 is the most "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"verbose mode. This setting overrides the settings from config file."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"デバッグレベルを指示するビットマスクは見ることができます。 0x0010 は初期値で"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"あり、利用できる最小値です。 0xFFF0 は最も冗長なモードです。この設定は設定"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"ファイルの設定により上書きされます。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "Currently supported debug levels:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "現在サポートされるデバッグレベル:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"SSSD from starting up or causes it to cease running."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0010</emphasis>: 致命的なエラー。 SSSD が開始するのを妨げる、また"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"は実行を中断させることすべてです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"the SSSD, but one that indicates that at least one major feature is not "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"going to work properly."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0020</emphasis>: 重大なエラー。 SSSD が強制停止しないが、複数の機"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"能が正しく動作しないエラーです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"particular request or operation has failed."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0040</emphasis>: 深刻なエラー。特定の要求や操作が失敗したことを通"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"percolate down to cause the operation failure of 2."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x0080</emphasis>: 軽微なエラー。これらは 2 の操作失敗を引き起こす"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"よう下にしみだすエラーです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<emphasis>0x0100</emphasis>: Configuration settings."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0x0100</emphasis>: 設定値の設定です。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<emphasis>0x0200</emphasis>: Function data."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0x0200</emphasis>: 関数のデータです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0x0400</emphasis>: 操作関数のトレースメッセージです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0x1000</emphasis>: 内部制御関数のトレースメッセージです。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"may be interesting."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>0x2000</emphasis>: 興味があるかもしれない関数の内部変数の内容です。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallaghermsgstr "<emphasis>0x4000</emphasis>: 極めて低レベルのトレース情報です。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"To log required debug levels, simply add their numbers together as shown in "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"following examples:"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"必要となるデバッグレベルをログに取得するには、以下の例に示されるようにこれら"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"serious failures and function data use 0x0270."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>例</emphasis>: 致命的なエラー、重大なエラー、深刻なエラーおよび関数"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"データをログに取得するには 0x0270 を使用します。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"function data, trace messages for internal control functions use 0x1310."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>例</emphasis>: 致命的なエラー、設定値の設定、関数データ、内部制御関"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"数のトレースメッセージをログに取得するには 0x1310 を使用します。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: <listitem><para>
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis>注</emphasis>: これは 1.7.0 において導入されたデバッグレベルの新し"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"い形式です。古い形式(0-10 の数字)は互換性がありますが、推奨されません。"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher#. type: Content of: outside any tag (error?)
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis> This is an experimental feature, please use http://fedorahosted."
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"org/sssd to report any issues. </emphasis>"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"<emphasis> これは実験的な機能です、何らかの問題を報告するには http://"
2ea6196484055397cc4bc011c5960f790431fa9dStephen Gallagher"fedorahosted.org/sssd を使用してください。 </emphasis>"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><title>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgid "THE LOCAL DOMAIN"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallaghermsgstr "ローカルドメイン"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"In order to function correctly, a domain with <quote>id_provider=local</"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"quote> must be created and the SSSD must be running."
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher#. type: Content of: <refsect1><para>
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"The administrator might want to use the SSSD local users instead of "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"traditional UNIX users in cases where the group nesting (see <citerefentry> "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </"
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"citerefentry>) is needed. The local users are also useful for testing and "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"development of the SSSD without having to deploy a full remote server. The "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
e59e09b5010f262228bbdeb92a79b733bf5854b3Stephen Gallagher"local LDB storage to store users and groups."
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <refsect1><title>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgid "SEE ALSO"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozekmsgstr "関連項目"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek#. type: Content of: <refsect1><para>
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
64a424ec1b268427822c646f7781e26e56c197f6Jakub Hrozek"manvolnum> </citerefentry>, <citerefentry> "
6463ed1dcdd45416468b3fa178bd856b5a9ed2c3Jakub Hrozek"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
65a9065538fd85e6ead925d344e6b421900eb8c2Jakub Hrozek"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"for this attribute type."
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"オプションのベース DN。この属性の種別に対する LDAP 検索を制限する、検索範囲お"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozek"よび LDAP フィルター。"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para><programlisting>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozekmsgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
bf9abef629707167d39fcc92ec9c18a6244b27b8Jakub Hrozekmsgstr "構文: <placeholder type=\"programlisting\" id=\"0\"/>"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#: include/ldap_search_bases_experimental.xml:13
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter "
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#. type: Content of: <listitem><para>
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek#: include/ldap_search_bases_experimental.xml:19
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"For examples of this syntax, please refer to the <quote>ldap_search_base</"
7a14e8f66c0e932fe2954d792614a3b61d444bd1Jakub Hrozek"quote> examples section."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <listitem><para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#: include/ldap_search_bases_experimental.xml:27
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"Please note that specifying scope or filter is not supported for searches "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"against an Active Directory Server that might yield a large number of "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"results and trigger the Range Retrieval extension in the response."
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek#. type: Content of: <para>
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"Please note that the automounter only reads the master map on startup, so if "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"any autofs-related changes are made to the sssd.conf, you typically also "
524ceecc11f3d458eb3c1cf1489c3ff6ccb22226Jakub Hrozek"need to restart the automounter daemon after restarting the SSSD."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "override_homedir (string)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "override_homedir (文字列)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "UID number"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "UID 番号"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "domain name"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "ドメイン名"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "fully qualified user name (user@domain)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "完全修飾ユーザー名 (user@domain)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "The original home directory retrieved from the identity provider."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"Override the user's home directory. You can either provide an absolute value "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"or a template. In the template, the following sequences are substituted: "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"<placeholder type=\"variablelist\" id=\"0\"/>"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"ユーザーのホームディレクトリーを上書きします。絶対パスまたはテンプレートを提"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"供できます。テンプレートでは、以下のシーケンスが置換されます: <placeholder "
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"type=\"variablelist\" id=\"0\"/>"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "This option can also be set per-domain."
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "このオプションはドメインごとに設定できます。"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para><programlisting>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek"override_homedir = /home/%u\n"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozek#. type: Content of: <varlistentry><listitem><para>
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
2cb6f28b3a12bb714bf14494d31eb6b6fff64b8bJakub Hrozekmsgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"