lv.po revision a9228ebcce14888b3123bdf46e610e0900bcd2cc
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher# SOME DESCRIPTIVE TITLE
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher# Copyright (C) YEAR Red Hat
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher# This file is distributed under the same license as the sssd-docs package.
c636315472e4f87313af7be30b7fbcad4b8ca8a4Stephen Gallagher# Kristaps, 2012
fd5a4eacd56700ffb08a73121aeacdc806cb0132Sumit Bose"Project-Id-Version: SSSD\n"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"POT-Creation-Date: 2013-08-28 22:36+0300\n"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"PO-Revision-Date: 2013-07-24 12:28+0000\n"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"Language-Team: Latvian (http://www.transifex.com/projects/p/fedora/language/"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Language: lv\n"
df4cc3a83c5d6700b6a09ff96cb4a6b1949b1aa9Stephen Gallagher"MIME-Version: 1.0\n"
df4cc3a83c5d6700b6a09ff96cb4a6b1949b1aa9Stephen Gallagher"Content-Type: text/plain; charset=UTF-8\n"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Content-Transfer-Encoding: 8bit\n"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bosemsgid "SSSD Manual pages"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
2a552e43581c74f51205c7141ec9f6e9542509f8Stephen Gallagher#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
2a552e43581c74f51205c7141ec9f6e9542509f8Stephen Gallaghermsgid "sss_groupmod"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refmeta><manvolnum>
d921c1eba437662437847279f251a0a5d8f70127Maxim#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_debuglevel.8.xml:11 sss_seed.8.xml:11
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refpurpose>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "modify a group"
4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256Stephen Gallagher#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30
be1ef1c62ad13612be5e1f879476c24452a5d6d0Stephen Gallagher#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30
a3d176d116ceccd6a7547c128fab5df5cdd2c2b6Michal Zidek#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30
a3d176d116ceccd6a7547c128fab5df5cdd2c2b6Michal Zidek#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallaghermsgid "DESCRIPTION"
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallaghermsgstr "APRAKSTS"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholasta"<command>sss_groupmod</command> modifies the group to reflect the changes "
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholasta"that are specified on the command line."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "OPTIONS"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgstr "IESPĒJAS"
f1828234a850dd28465425248a83a993f262918fPavel Březina#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Append this group to groups specified by the <replaceable>GROUPS</"
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina"a comma separated list of group names."
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta"replaceable>"
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Remove this group from groups specified by the <replaceable>GROUPS</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"replaceable> parameter."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refnamediv><refname>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refmeta><manvolnum>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozek#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
fe60346714a73ac3987f786731389320633dd245Pavel Březina#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosemsgid "File Formats and Conventions"
e5e8252ec48bfdd4e7529debc705c8e090264b9aSumit Bose#. type: Content of: <reference><refentry><refnamediv><refpurpose>
71e7918be3ca5d38794a16a17f6b4f19a24d51fcPavel Březina#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallagher#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
71e7918be3ca5d38794a16a17f6b4f19a24d51fcPavel Březinamsgid "the configuration file for SSSD"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozekmsgid "FILE FORMAT"
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#. type: Content of: <reference><refentry><refsect1><para><programlisting>
d064fef06dcbcb5f6c1be03e286b1a3433d6dfd7Sumit Bose" <replaceable>[section]</replaceable>\n"
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para>
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"The file has an ini-style syntax and consists of sections and parameters. A "
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"section begins with the name of the section in square brackets and continues "
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"until the next section begins. An example of section with single and multi-"
fa551077410019fb34460dc730950e93b62b2963Jakub Hrozek"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"The data types used are string (no quotes needed), integer and bool (with "
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"values of <quote>TRUE/FALSE</quote>)."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"(<quote>;</quote>). Inline comments are not supported."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"All sections can have an optional <replaceable>description</replaceable> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"parameter. Its function is only as a label for the section."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose"<filename>sssd.conf</filename> must be a regular file, owned by root and "
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose"only root may read from or write to the file."
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><title>
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgid "SPECIAL SECTIONS"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
b35f20cd8ecdc8308a3201e55752fb0443ec6ae4Jan Cholastamsgid "The [sssd] section"
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Section parameters"
b35f20cd8ecdc8308a3201e55752fb0443ec6ae4Jan Cholasta#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozekmsgid "config_file_version (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgid "services"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgstr "pakalpojumi"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose"Comma separated list of services that are started when sssd itself starts."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
1467daed400d6c186bd0c99c057c42e764309ff3Stephen Gallagher"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
b97595ae059c69b1960a6e7e56d74660388a683bJan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
48d7840cae22c5ff4d786149b0d8ecee7efb8306Lukas Slebodnikmsgid "reconnection_retries (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Number of times services should attempt to reconnect in the event of a Data "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Provider crash or restart before they give up"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 3"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "domains"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgstr "domēni"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"A domain is a database containing user information. SSSD can use more "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"domains at the same time, but at least one must be configured or SSSD won't "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"start. This parameter described the list of domains in the order you want "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"them to be queried. A domain name should only consist of alphanumeric ASCII "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"characters, dashes and underscores."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:126 sssd.conf.5.xml:1563
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "re_expression (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Default regular expression that describes how to parse the string containing "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"user name and domain into these components."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Each domain can have an individual regular expression configured. For some "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"ID providers there are also default regular expressions. See DOMAIN "
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose"SECTIONS for more info on these regular expressions."
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "full_name_format (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:146 sssd.conf.5.xml:1617
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"manvolnum> </citerefentry>-compatible format that describes how to compose a "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"fully qualified name from user name and domain name components."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:157 sssd.conf.5.xml:1628
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "user name"
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
ca261795ce61c41d7e62217ccb2ee913923040ffPavel Březina#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:164 sssd.conf.5.xml:1635
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "domain name as specified in the SSSD config file."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:170 sssd.conf.5.xml:1641
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:173 sssd.conf.5.xml:1644
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"domain flat name. Mostly usable for Active Directory domains, both directly "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"configured or discovered via IPA trusts."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:154 sssd.conf.5.xml:1625
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The following expansions are supported: <placeholder type=\"variablelist\" "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Each domain can have an individual format string configured. see DOMAIN "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"SECTIONS for more info on this option."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
2e6087c6cc903d5164b9a1d5e3d791fd046001d9Jakub Hrozekmsgid "try_inotify (boolean)"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"SSSD monitors the state of resolv.conf to identify when it needs to update "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"its internal DNS resolver. By default, we will attempt to use inotify for "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"this, and will fall back to polling resolv.conf every five seconds if "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"inotify cannot be used."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
bfbf5cb0f00c60c0f000f56c282377b13b9a89abSumit Bose"There are some limited situations where it is preferred that we should skip "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"even trying to use inotify. In these rare cases, this option should be set "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
2e6087c6cc903d5164b9a1d5e3d791fd046001d9Jakub Hrozek"Default: true on platforms where inotify is supported. False on other "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Note: this option will have no effect on platforms where inotify is "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"unavailable. On these platforms, polling will always be used."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "krb5_rcache_dir (string)"
823a5b3f4375f12b6edae4dd5169ee01771baebeJan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
7de6e3534fd61c7619ed34a6b1afe7230b5e6504Ondrej Kos"Directory on the filesystem where SSSD should store Kerberos replay cache "
5a70b84cb66fb8c7a3fce0e3f2e4b61e0b2ea9d4Simo Sorce#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
7452f1b637276ce582b120f8f5482ae7f3b6bd47Jakub Hrozek"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
918b2a5a91f1c551d48f4bffed2a28c36fdb4be1Simo Sorce"SSSD to let libkrb5 decide the appropriate location for the replay cache."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
e850be1ff2e13bba9812c94c3d102c0a0b570820Jakub Hrozek"Default: Distribution-specific and specified at build-time. "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"(__LIBKRB5_DEFAULTS__ if not configured)"
ef39c0adcb61b16f9edc7beb4cdc8f3b0d5a8f15Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
8c3a4809b3420657289b42f028a1c9019b112991Stephen Gallaghermsgid "default_domain_suffix (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta"This string will be used as a default domain name for all names without a "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"domain name component. The main use case is environments where the primary "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"domain is intended for managing host policies and all users are located in a "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"trusted domain. The option allows those users to log in just with their "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"user name without giving a domain name as well."
4c11f752e1f10cf5740d53a3206bb795e9e34fe8Jan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta"Please note that if this option is set all users from the primary domain "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"have to use their fully qualified name, e.g. user@domain.name, to log in."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2346 sssd-ldap.5.xml:2373
ac47e8854f3bc404f2a35c6682faf621673d6b32Pavel Březina#: sssd-krb5.5.xml:408 include/ldap_id_mapping.xml:145
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: not set"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Individual pieces of SSSD functionality are provided by special SSSD "
3441d0c2d11aea0c39b009751a1898333c009674Stephen Gallagher"services that are started and stopped together with SSSD. The services are "
65e8f538ad35ba7d86cd9e60a3d86aec34537027Stephen Gallagher"managed by a special service frequently called <quote>monitor</quote>. The "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>[sssd]</quote> section is used to configure the monitor as well as "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"some other important options like the identity domains. <placeholder type="
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"\"variablelist\" id=\"0\"/>"
4af1d1869d659fec84c518c26844132fa1df8f64Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
cc84fd46f356c4a36a721ab135a33ec77c93e34dJakub Hrozekmsgid "SERVICES SECTIONS"
ae8d047122c7ba8123f72b2eac68944868ac37d4Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Settings that can be used to configure different services are described in "
213ce2a78b1abe3921d8dc13c949a28130d00aecJan Zeleny"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"section, for example, for NSS service, the section would be <quote>[nss]</"
1a853121ca2ba8ede6df429ee76942131ffb0f65Jan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "General service configuration options"
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta#. type: Content of: <reference><refentry><refsect1><refsect2><para>
88275cccddf39892e01682b39b02292eb74729bdPavel Březinamsgid "These options can be used to configure any service."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "debug_level (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
4139a7a731f2831963a42b26aac111422be28792Jakub Hrozekmsgid "debug_timestamps (bool)"
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bosemsgid "Add a timestamp to the debug messages"
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1692
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek#: sssd-ldap.5.xml:2134 sssd-ldap.5.xml:2199 sssd-ldap.5.xml:2217
374bf54785365273b20690bd3792c25a44738041Pavel Březina#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:161 sssd-ad.5.xml:186
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallaghermsgid "Default: true"
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallaghermsgid "debug_microseconds (bool)"
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozekmsgid "Add microseconds to the timestamp in debug messages"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1750
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1930 sssd-ipa.5.xml:139
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#: sssd-krb5.5.xml:264 sssd-krb5.5.xml:298 sssd-krb5.5.xml:469
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgid "Default: false"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgid "timeout (integer)"
87c07559af5cfcd2752295ef7c425bd3205f426fStephen Gallaghermsgstr "noildze (vesels skaitlis)"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"Timeout in seconds between heartbeats for this service. This is used to "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"ensure that the process is alive and capable of answering requests."
4c1bf6607060cea867fccf667063c028dfd51e96Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e76d78338026fa47dca32eaf7f5c15eabb1b951aJan Zelenymsgid "Default: 10"
386a66b1aa18a176e6a06fa126556c9590c373b6Sumit Bosemsgstr "Noklusējuma: 10"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallaghermsgid "fd_limit"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"This option specifies the maximum number of file descriptors that may be "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"opened at one time by this SSSD process. On systems where SSSD is granted "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"systems without this capability, the resulting value will be the lower value "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"of this or the limits.conf \"hard\" limit."
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
29be7d76c949b82350c7603cfd362a1fcb47eb1bJan Zelenymsgid "Default: 8192 (or limits.conf \"hard\" limit)"
823a5b3f4375f12b6edae4dd5169ee01771baebeJan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
918b2a5a91f1c551d48f4bffed2a28c36fdb4be1Simo Sorcemsgid "client_idle_timeout"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
22d381367c27910fe82f476a76b9f4ede555e35aLukas Slebodnik"This option specifies the number of seconds that a client of an SSSD process "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"can hold onto a file descriptor without communicating on it. This value is "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"limited in order to avoid resource exhaustion on the system."
3f98cdc011bb4e8cd22c088f288b0bcdb6452492Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3f98cdc011bb4e8cd22c088f288b0bcdb6452492Jakub Hrozek#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113
748ba184db97b7534254f97018fa04e8aa458faeJan Cholastamsgid "Default: 60"
748ba184db97b7534254f97018fa04e8aa458faeJan Cholastamsgstr "Noklusējuma: 60"
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#: sssd.conf.5.xml:366 sssd.conf.5.xml:1003
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "force_timeout (integer)"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"If a service is not responding to ping checks (see the <quote>timeout</"
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose"quote> option), it is first sent the SIGTERM signal that instructs it to "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"quit gracefully. If the service does not terminate after "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher"by sending a SIGKILL signal."
f39b4b2fd57c0ea4cf2f90b511f2cbce37723ef0Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><title>
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallaghermsgid "NSS configuration options"
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><para>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"These options can be used to configure the Name Service Switch (NSS) service."
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bosemsgid "enum_cache_timeout (integer)"
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"How many seconds should nss_sss cache enumerations (requests for info about "
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 120"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "entry_cache_nowait_percentage (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e369fc08906383e6d5c39832f31bb6600a33f887Simo Sorce"The entry cache can be set to automatically update entries in the background "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"if they are requested beyond a percentage of the entry_cache_timeout value "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"for the domain."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
eb2e21b764d03544d8161e9956d7f70b07b75f77Simo Sorce"For example, if the domain's entry_cache_timeout is set to 30s and "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"after 15 seconds past the last cache update will be returned immediately, "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"but the SSSD will go and update the cache on its own, so that future "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"requests will not need to block waiting for a cache update."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Valid values for this option are 0-99 and represent a percentage of the "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"entry_cache_timeout for each domain. For performance reasons, this "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
d844aab866ae237844360cea70e2dccdc90c783dStephen Gallagher"disables this feature)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
300c772767c1b12077cac1d148ac89738b058f97Jan Zelenymsgid "Default: 50"
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březinamsgid "entry_negative_timeout (integer)"
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina"Specifies for how many seconds nss_sss should cache negative cache hits "
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina"(that is, queries for invalid database entries, like nonexistent ones) "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"before asking the back end again."
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekmsgid "Default: 15"
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekmsgstr "Noklusējuma: 15"
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekmsgid "filter_users, filter_groups (string)"
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta"Exclude certain users from being fetched from the sss NSS database. This is "
b42b5d5aaf4da165582e73ad985fdff6e34e61e4Jakub Hrozek"particularly useful for system accounts. This option can also be set per-"
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta"domain or include fully-qualified names to filter only users from the "
bd03e67c9d2fc4ad0275e7a573385ee5b7b9307aJan Cholasta"particular domain."
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholastamsgid "Default: root"
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bosemsgid "filter_users_in_groups (bool)"
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose"If you want filtered user still be group members set this option to false."
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bosemsgid "fallback_homedir (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"Set a default template for a user's home directory if one is not specified "
ac47e8854f3bc404f2a35c6682faf621673d6b32Pavel Březina"explicitly by the domain's data provider."
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"The available values for this option are the same as for override_homedir."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
530ba03ecabb472f17d5d1ab546aec9390492de1Jakub Hrozek"override_homedir = /home/%u\n"
530ba03ecabb472f17d5d1ab546aec9390492de1Jakub Hrozek#. type: Content of: <varlistentry><listitem><para>
530ba03ecabb472f17d5d1ab546aec9390492de1Jakub Hrozek#: sssd.conf.5.xml:490 include/override_homedir.xml:44
530ba03ecabb472f17d5d1ab546aec9390492de1Jakub Hrozekmsgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
8a07521b413a3b5879f824e1872c5770c92ee5c0Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: not set (no substitution for unset home directories)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "override_shell (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Override the login shell for all users. This option can be specified "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"globally in the [nss] section or per-domain."
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: not set (SSSD will use the value retrieved from LDAP)"
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "allowed_shells (string)"
a9eff330a7fbd231e8cc28a6828a1e5014ddb0d2Michal Zidek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Restrict user shell to one of the listed values. The order of evaluation is:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"quote>, use the value of the shell_fallback parameter."
a9eff330a7fbd231e8cc28a6828a1e5014ddb0d2Michal Zidek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
2c0a971010596c122d7a0c0d76c8eb85f16f6d06Jakub Hrozek"shells</quote>, a nologin shell is used."
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
2c0a971010596c122d7a0c0d76c8eb85f16f6d06Jakub Hrozekmsgid "An empty string for shell is passed as-is to libc."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"that a restart of the SSSD is required in case a new shell is installed."
2c0a971010596c122d7a0c0d76c8eb85f16f6d06Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: Not set. The user shell is automatically used."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "vetoed_shells (string)"
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekmsgid "Replace any instance of these shells with the shell_fallback"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekmsgid "shell_fallback (string)"
f1828234a850dd28465425248a83a993f262918fPavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
f1828234a850dd28465425248a83a993f262918fPavel Březina"The default shell to use if an allowed shell is not installed on the machine."
f1828234a850dd28465425248a83a993f262918fPavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
6ea6ec5cb7d9985e2730fb9d4657624d10aed4d8Nick Guaymsgid "Default: /bin/sh"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
6ea6ec5cb7d9985e2730fb9d4657624d10aed4d8Nick Guaymsgid "default_shell"
f8c829e72968b574e1c9bda96f4d5f206622358fPavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek"The default shell to use if the provider does not return one during lookup. "
f8c829e72968b574e1c9bda96f4d5f206622358fPavel Březina"This option supersedes any other shell options if it takes effect and can be "
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozek"set either in the [nss] section or per-domain."
558998ce664055a75595371118f818084d8f2b23Jan Cholasta#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
748ba184db97b7534254f97018fa04e8aa458faeJan Cholasta"Default: not set (Return NULL if no shell is specified and rely on libc to "
558998ce664055a75595371118f818084d8f2b23Jan Cholasta"substitute something sensible when necessary, usually /bin/sh)"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholastamsgid "get_domains_timeout (int)"
748ba184db97b7534254f97018fa04e8aa458faeJan Cholasta#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholasta"Specifies time in seconds for which the list of subdomains will be "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"considered valid."
558998ce664055a75595371118f818084d8f2b23Jan Cholasta#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "memcache_timeout (int)"
21f28bdbab10881b9fb0b890dfa15af429326606Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
21f28bdbab10881b9fb0b890dfa15af429326606Sumit Bose"Specifies time in seconds for which records in the in-memory cache will be "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnikmsgid "Default: 300"
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnikmsgstr "Noklusējuma: 300"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "PAM configuration options"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"These options can be used to configure the Pluggable Authentication Module "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"(PAM) service."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "offline_credentials_expiration (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidek"If the authentication provider is offline, how long should we allow cached "
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidek"logins (in days since the last successful online login)."
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidekmsgid "Default: 0 (No limit)"
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidekmsgstr "Noklusējuma: 0 (bez ierobežojuma)"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
25f8fac2489fd209d603acb2b494f7c72968e9bbMichal Zidekmsgid "offline_failed_login_attempts (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"If the authentication provider is offline, how many failed login attempts "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "offline_failed_login_delay (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
fd8595874aa06c8057740001ec465ba76b4af142Jakub Hrozek"The time in minutes which has to pass after offline_failed_login_attempts "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"has been reached before a new login attempt is possible."
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"If set to 0 the user cannot authenticate offline if "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"offline_failed_login_attempts has been reached. Only a successful online "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"authentication can enable offline authentication again."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 5"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "pam_verbosity (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Controls what kind of messages are shown to the user during authentication. "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The higher the number to more messages are displayed."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Currently sssd supports the following values:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<emphasis>0</emphasis>: do not show any message"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<emphasis>1</emphasis>: show only important messages"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<emphasis>2</emphasis>: show informational messages"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
22d381367c27910fe82f476a76b9f4ede555e35aLukas Slebodnikmsgid "<emphasis>3</emphasis>: show all messages and debug information"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 1"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgstr "Noklusējuma: 1"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "pam_id_timeout (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"For any PAM request while SSSD is online, the SSSD will attempt to "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"immediately update the cached identity information for the user in order to "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"ensure that authentication takes place with the latest information."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"A complete PAM conversation may perform multiple PAM requests, such as "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"account management and session opening. This option controls (on a per-"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"client-application basis) how long (in seconds) we can cache the identity "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"information to avoid excessive round-trips to the identity provider."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "pam_pwd_expiration_warning (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:720 sssd.conf.5.xml:1164
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Display a warning N days before the password expires."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Please note that the backend server has to provide information about the "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"expiration time of the password. If this information is missing, sssd "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"cannot display a warning."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:729 sssd.conf.5.xml:1167
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"If zero is set, then this filter is not applied, i.e. if the expiration "
9d7d4458d94d0aac0a7edf999368eb18f89cb76aJakub Hrozek"warning was received from backend server, it will automatically be displayed."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"emphasis> for a particular domain."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 0"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "SUDO configuration options"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "These options can be used to configure the sudo service."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "sudo_timed (bool)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
c51f7a064b0d7ef86110bdeb6dc09fa6c08be7d3Jakub Hrozek"that implement time-dependent sudoers entries."
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><title>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghermsgid "AUTOFS configuration options"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghermsgid "These options can be used to configure the autofs service."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
d35ff4d0db1cd87c94091a85846b46e4732b1eeePavel Březinamsgid "autofs_negative_timeout (integer)"
c0bca1722d6f9dfb654ad78397be70f79ff39af1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
0cf0e2d758d09e9b314ba72ce6638df10b258462Pavel Březina"Specifies for how many seconds should the autofs responder negative cache "
0cf0e2d758d09e9b314ba72ce6638df10b258462Pavel Březina"hits (that is, queries for invalid map entries, like nonexistent ones) "
c0bca1722d6f9dfb654ad78397be70f79ff39af1Jakub Hrozek"before asking the back end again."
c0bca1722d6f9dfb654ad78397be70f79ff39af1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><title>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "SSH configuration options"
c0bca1722d6f9dfb654ad78397be70f79ff39af1Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><para>
c0bca1722d6f9dfb654ad78397be70f79ff39af1Jakub Hrozekmsgid "These options can be used to configure the SSH service."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallaghermsgid "ssh_hash_known_hosts (bool)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Whether or not to hash host names and addresses in the managed known_hosts "
fe60346714a73ac3987f786731389320633dd245Pavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
2de495aed26bf75a750a76ca73b9f85d341fe1c5Pavel Březinamsgid "ssh_known_hosts_timeout (integer)"
fe60346714a73ac3987f786731389320633dd245Pavel Březina#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
fe60346714a73ac3987f786731389320633dd245Pavel Březina"How many seconds to keep a host in the managed known_hosts file after its "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"host keys were requested."
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozekmsgid "Default: 180"
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><title>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallaghermsgid "PAC responder configuration options"
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><para>
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"The PAC responder works together with the authorization data plugin for MIT "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"provider collects domain SID and ID ranges of the domain the client is "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"joined to and of remote trusted domains from the local domain controller. "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher"If the PAC is decoded and evaluated some of the following operations are "
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"If the remote user does not exist in the cache, it is created. The uid is "
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"determined with the help of the SID, trusted domains will have UPGs and the "
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"gid will have the same value as the uid. The home directory is set based on "
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"the system defaults are used, but can be overwritten with the default_shell "
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
2d257ccf620ce1b611f89cec8f0a94c88c2f2881Sumit Bose"If there are SIDs of groups from domains sssd knows about, the user will be "
2d257ccf620ce1b611f89cec8f0a94c88c2f2881Sumit Bose"added to those groups."
2d257ccf620ce1b611f89cec8f0a94c88c2f2881Sumit Bose#. type: Content of: <reference><refentry><refsect1><refsect2><para>
2d257ccf620ce1b611f89cec8f0a94c88c2f2881Sumit Bosemsgid "These options can be used to configure the PAC responder."
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "allowed_uids (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Specifies the comma-separated list of UID values or user names that are "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"allowed to access the PAC responder. User names are resolved to UIDs at "
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
f232789430a080384188d5da89b19d874cf17513Jakub Hrozekmsgid "Default: 0 (only the root user is allowed to access the PAC responder)"
fd8595874aa06c8057740001ec465ba76b4af142Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek"Please note that although the UID 0 is used as the default it will be "
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek"overwritten with this option. If you still want to allow the root user to "
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek"access the PAC responder, which would be the typical case, you have to add 0 "
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek"to the list of allowed UIDs as well."
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><title>
f232789430a080384188d5da89b19d874cf17513Jakub Hrozekmsgid "DOMAIN SECTIONS"
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
f232789430a080384188d5da89b19d874cf17513Jakub Hrozekmsgid "min_id,max_id (integer)"
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"UID and GID limits for the domain. If a domain contains an entry that is "
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"outside these limits, it is ignored."
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"For users, this affects the primary GID limit. The user will not be returned "
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"to NSS if either the UID or the primary GID is outside the range. For non-"
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"primary group memberships, those that are in range will be reported as "
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"These ID limits affect even saving entries to cache, not only returning them "
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek"by name or ID."
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozekmsgid "Default: 1 for min_id, 0 (no limit) for max_id"
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singhmsgid "enumerate (bool)"
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh"Determines if a domain can be enumerated. This parameter can have one of the "
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh"following values:"
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singhmsgid "TRUE = Users and groups are enumerated"
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
ae6c1596225c65bec2a2dabff9eee4e3e0691181Abhishek Singhmsgid "FALSE = No enumerations for this domain"
25255e4d0e1517a5d443e8fee22e91862e255702Abhishek Singh#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
25255e4d0e1517a5d443e8fee22e91862e255702Abhishek Singh#: sssd.conf.5.xml:940 sssd.conf.5.xml:1141 sssd.conf.5.xml:1250
ae6c1596225c65bec2a2dabff9eee4e3e0691181Abhishek Singhmsgid "Default: FALSE"
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"Note: Enabling enumeration has a moderate performance impact on SSSD while "
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"enumeration is running. It may take up to several minutes after SSSD startup "
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"to fully complete enumerations. During this time, individual requests for "
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"information will go directly to LDAP, though it may be slow, due to the "
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"heavy enumeration processing. Saving a large number of entries to cache "
d65f692d7b7639ed8ba0f5cffa4f88b68056739aLukas Slebodnik"after the enumeration completes might also be CPU intensive as the "
5a4239490c7fb7d732180a9d40f27f0247c56631Jakub Hrozek"memberships have to be recomputed."
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"While the first enumeration is running, requests for the complete user or "
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"group lists may return no results until it completes."
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"Further, enabling enumeration may increase the time necessary to detect "
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"network disconnection, as longer timeouts are required to ensure that "
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek"enumeration lookups are completed successfully. For more information, refer "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"to the man pages for the specific id_provider in use."
777374243e15c53e7b0a7345e190c1018920be18Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
777374243e15c53e7b0a7345e190c1018920be18Jakub Hrozek"For the reasons cited above, enabling enumeration is not recommended, "
777374243e15c53e7b0a7345e190c1018920be18Jakub Hrozek"especially in large environments."
777374243e15c53e7b0a7345e190c1018920be18Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "subdomain_enumerate (string)"
d064fef06dcbcb5f6c1be03e286b1a3433d6dfd7Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
d064fef06dcbcb5f6c1be03e286b1a3433d6dfd7Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
d064fef06dcbcb5f6c1be03e286b1a3433d6dfd7Sumit Bosemsgid "All discovered trusted domains will be enumerated"
d064fef06dcbcb5f6c1be03e286b1a3433d6dfd7Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
f8c829e72968b574e1c9bda96f4d5f206622358fPavel Březina#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
6e8238868a4d17030bb4f01494961d0354a953bfJakub Hrozekmsgid "No discovered trusted domains will be enumerated"
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Whether any of autodetected trusted domains should be enumerated. The "
6e8238868a4d17030bb4f01494961d0354a953bfJakub Hrozek"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallagher"Optionally, a list of one or more domain names can enable enumeration just "
8359bf07a2e6c0181251ce8d5d9160dc57546c55Stephen Gallagher"for these trusted domains."
6e8238868a4d17030bb4f01494961d0354a953bfJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6e8238868a4d17030bb4f01494961d0354a953bfJakub Hrozekmsgid "Default: none"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "entry_cache_timeout (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f128b7b865062da662127712935dcc58bd022384Stephen Gallagher"How many seconds should nss_sss consider entries valid before asking the "
cc7ee57f3adada83ac657e69636ca995d5b6948eStephen Gallagher"backend again"
5f216c753dbd2f2b25a011c5f705ee4f8ad924e6Simo Sorce#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
5f216c753dbd2f2b25a011c5f705ee4f8ad924e6Simo Sorcemsgid "Default: 5400"
5f216c753dbd2f2b25a011c5f705ee4f8ad924e6Simo Sorce#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozekmsgid "entry_cache_user_timeout (integer)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"How many seconds should nss_sss consider user entries valid before asking "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"the backend again"
2b7349575770521243a34611e97d73790946a961Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:1040 sssd.conf.5.xml:1053 sssd.conf.5.xml:1066
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:1079 sssd.conf.5.xml:1092 sssd.conf.5.xml:1106
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: entry_cache_timeout"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "entry_cache_group_timeout (integer)"
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek"How many seconds should nss_sss consider group entries valid before asking "
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek"the backend again"
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozekmsgid "entry_cache_netgroup_timeout (integer)"
42870c7ac3608ffc58f2c9524ad3dfc1401bc1aaPavel Březina#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek"How many seconds should nss_sss consider netgroup entries valid before "
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek"asking the backend again"
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozekmsgid "entry_cache_service_timeout (integer)"
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
86b61156743b7ebdc049450a6f88452890fd9a61Jakub Hrozek"How many seconds should nss_sss consider service entries valid before asking "
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek"the backend again"
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "entry_cache_sudo_timeout (integer)"
70e59ed31c5a9c9ed02d9065ddf92be87c887efbJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"How many seconds should sudo consider rules valid before asking the backend "
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "entry_cache_autofs_timeout (integer)"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"How many seconds should the autofs service consider automounter maps valid "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"before asking the backend again"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallaghermsgid "refresh_expired_interval (integer)"
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny"Specifies how many seconds SSSD has to wait before refreshing expired "
d42d371c00c83ae44b9d1c3e88ecbe0e01b112e6Stephen Gallagher"records. Currently only refreshing expired netgroups is supported."
796463906a54e259bd5b582ce84af4297a58eafcStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "You can consider setting this value to 3/4 * entry_cache_timeout."
505e75ba28b42bb3de7a6d55de825091b70cc2b2Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinamsgid "Default: 0 (disabled)"
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgid "cache_credentials (bool)"
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
0ca19d792b717456f334abdf35279acddf6d71c2Pavel Březinamsgid "Determines if user credentials are also cached in the local LDB cache"
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallaghermsgid "User credentials are stored in a SHA512 hash, not in plaintext"
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallaghermsgid "account_cache_expiration (integer)"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher"Number of days entries are left in cache after last successful login before "
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher"being removed during a cleanup of the cache. 0 means keep forever. The "
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher"value of this parameter must be greater than or equal to "
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher"offline_credentials_expiration."
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
3441d0c2d11aea0c39b009751a1898333c009674Stephen Gallaghermsgid "Default: 0 (unlimited)"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallaghermsgstr "Noklusējuma: 0 (neierobežots)"
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallaghermsgid "pwd_expiration_warning (integer)"
93109c5f1d85c028ce5cf6e31e2249ca90a7f746Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Please note that the backend server has to provide information about the "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"expiration time of the password. If this information is missing, sssd "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"cannot display a warning. Also an auth provider has to be configured for the "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: 7 (Kerberos), 0 (LDAP)"
505e75ba28b42bb3de7a6d55de825091b70cc2b2Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e92ecf948387d1687a5e772ac86e606b1b6af957Stephen Gallaghermsgid "id_provider (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The identification provider used for the domain. Supported ID providers are:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<quote>proxy</quote>: Support a legacy NSS provider"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<quote>local</quote>: SSSD internal provider for local users"
225d845476b6136be9b77f528ed986bba7a7f732Simo Sorce#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnik"information on configuring LDAP."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:1207 sssd.conf.5.xml:1293 sssd.conf.5.xml:1344
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallagher"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:1216 sssd.conf.5.xml:1302 sssd.conf.5.xml:1353
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
e92ecf948387d1687a5e772ac86e606b1b6af957Stephen Gallagher"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"citerefentry> for more information on configuring Active Directory."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
213ce2a78b1abe3921d8dc13c949a28130d00aecJan Zelenymsgid "use_fully_qualified_names (bool)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
ad07ed37b6b51ef134d4524edaf2259e19ac984fJan Zeleny"Use the full name and domain (as formatted by the domain's full_name_format) "
81165faf5d951aca69f410713730c26ff048ec44Sumit Bose"as the user's login name reported to NSS."
e134a6af42102c8d865e82bf89e0b8c5a40fb5faStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
71ad247500b417836a1a2edec257a4433a7c415fJan Zeleny"If set to TRUE, all requests to this domain must use fully qualified names. "
e134a6af42102c8d865e82bf89e0b8c5a40fb5faStephen Gallagher"For example, if used in LOCAL domain that contains a \"test\" user, "
e134a6af42102c8d865e82bf89e0b8c5a40fb5faStephen Gallagher"<command>getent passwd test</command> wouldn't find the user while "
e134a6af42102c8d865e82bf89e0b8c5a40fb5faStephen Gallagher"<command>getent passwd test@LOCAL</command> would."
1a853121ca2ba8ede6df429ee76942131ffb0f65Jan Zeleny#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f8a4a5f6240156809e1b5ef03816f673281e3fa0Jakub Hrozek"NOTE: This option has no effect on netgroup lookups due to their tendency to "
f8a4a5f6240156809e1b5ef03816f673281e3fa0Jakub Hrozek"include nested netgroups without qualified names. For netgroups, all domains "
f8a4a5f6240156809e1b5ef03816f673281e3fa0Jakub Hrozek"will be searched when an unqualified name is requested."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
92ae9d2b909d0fd4a522a270157926878b5d0862Stephen Gallaghermsgid "ignore_group_members (bool)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Do not return group members for group lookups."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f8a4a5f6240156809e1b5ef03816f673281e3fa0Jakub Hrozek"If set to TRUE, the group membership attribute is not requested from the "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"ldap server, and group members are not returned when processing group lookup "
505e75ba28b42bb3de7a6d55de825091b70cc2b2Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "auth_provider (string)"
cc84fd46f356c4a36a721ab135a33ec77c93e34dJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
cc84fd46f356c4a36a721ab135a33ec77c93e34dJakub Hrozek"The authentication provider used for the domain. Supported auth providers "
b24e4bec819b29f1ec8e77083d4e7610c5dd9c77Lukas Slebodnik#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta"citerefentry> for more information on configuring LDAP."
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
74e95cfd9d3939dfe9417d79d2f6fc79b361405fJakub Hrozek"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher"citerefentry> for more information on configuring Kerberos."
a4cce2c98eedecb5d3b47da62104634cae268434Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
4cdaf239d4504966bed8ecd5e3fa07def74c7302Sumit Bose"<quote>proxy</quote> for relaying authentication to some other PAM target."
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghermsgid "<quote>none</quote> disables authentication explicitly."
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
a679f0167b646cffdae86546ed77e105576991b0Pavel Březina"Default: <quote>id_provider</quote> is used if it is set and can handle "
a679f0167b646cffdae86546ed77e105576991b0Pavel Březina"authentication requests."
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghermsgid "access_provider (string)"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher"The access control provider used for the domain. There are two built-in "
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher"access providers (in addition to any included in installed backends) "
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher"Internal special providers are:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6a9bdb6289bb374d203861cef16f312185725cbcPavel Zuna"<quote>permit</quote> always allow access. It's the only permitted access "
9d7d4458d94d0aac0a7edf999368eb18f89cb76aJakub Hrozek"provider for a local domain."
dca03a97f4e1532ee2f2cbd26b1538ab6ccf18f7Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<quote>deny</quote> always deny access."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
87c07559af5cfcd2752295ef7c425bd3205f426fStephen Gallagher"<quote>simple</quote> access control based on access or deny lists. See "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"manvolnum></citerefentry> for more information on configuring the simple "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"access module."
dca03a97f4e1532ee2f2cbd26b1538ab6ccf18f7Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: <quote>permit</quote>"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgstr "Noklusējuma: <quote>atļaut</quote>"
9d7d4458d94d0aac0a7edf999368eb18f89cb76aJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
6a9bdb6289bb374d203861cef16f312185725cbcPavel Zunamsgid "chpass_provider (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The provider which should handle change password operations for the domain. "
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"Supported change password providers are:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6a9bdb6289bb374d203861cef16f312185725cbcPavel Zuna"<quote>ldap</quote> to change a password stored in a LDAP server. See "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"manvolnum> </citerefentry> for more information on configuring LDAP."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher"citerefentry> for more information on configuring Kerberos."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>proxy</quote> for relaying password changes to some other PAM target."
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallaghermsgid "<quote>none</quote> disallows password changes explicitly."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"Default: <quote>auth_provider</quote> is used if it is set and can handle "
9d7d4458d94d0aac0a7edf999368eb18f89cb76aJakub Hrozek"change password requests."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "sudo_provider (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bosemsgid "The SUDO provider used for the domain. Supported SUDO providers are:"
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose"citerefentry> for more information on configuring LDAP."
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bosemsgid "<quote>none</quote> disables SUDO explicitly."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#: sssd.conf.5.xml:1445 sssd.conf.5.xml:1499 sssd.conf.5.xml:1531
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: The value of <quote>id_provider</quote> is used if it is set."
4b60fd691cc04455810d15da4f7f4044b92b07b3Alexander Bokovoy#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
577ba99b3150404533bd3d859522a2c994b17e76Lukas Slebodnikmsgid "selinux_provider (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
72e60fd4eabcfbcdbfe01e8c38b94052bc6c2067Jakub Hrozek"The provider which should handle loading of selinux settings. Note that this "
72e60fd4eabcfbcdbfe01e8c38b94052bc6c2067Jakub Hrozek"provider will be called right after access provider ends. Supported selinux "
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek"providers are:"
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek"<quote>ipa</quote> to load selinux settings from an IPA server. See "
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose"manvolnum> </citerefentry> for more information on configuring IPA."
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
60e51fd2764291df2332f36ff478777627d92b57Sumit Bosemsgid "<quote>none</quote> disallows fetching selinux settings explicitly."
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose"Default: <quote>id_provider</quote> is used if it is set and can handle "
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek"selinux loading requests."
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bosemsgid "subdomains_provider (string)"
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bose"The provider which should handle fetching of subdomains. This value should "
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bose"be always the same as id_provider. Supported subdomain providers are:"
6f51c802311fd81a409a26763ed45b28a3234d0dJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
6f51c802311fd81a409a26763ed45b28a3234d0dJakub Hrozek"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
6f51c802311fd81a409a26763ed45b28a3234d0dJakub Hrozek"manvolnum> </citerefentry> for more information on configuring IPA."
6f51c802311fd81a409a26763ed45b28a3234d0dJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<quote>none</quote> disallows fetching subdomains explicitly."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozekmsgid "autofs_provider (string)"
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The autofs provider used for the domain. Supported autofs providers are:"
0d7e647da737b71a7dbbe0bb5f94af18017e5aa9Maxim#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"citerefentry> for more information on configuring LDAP."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"citerefentry> for more information on configuring IPA."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "<quote>none</quote> disables autofs explicitly."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "hostid_provider (string)"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"The provider used for retrieving host identity information. Supported "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"hostid providers are:"
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"<quote>ipa</quote> to load host identity stored in an IPA server. See "
eb2e21b764d03544d8161e9956d7f70b07b75f77Simo Sorce"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"manvolnum> </citerefentry> for more information on configuring IPA."
7197ce636c2b92152f5f6180bef6bda3752d148dJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozekmsgid "<quote>none</quote> disables hostid explicitly."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose"Regular expression for this domain that describes how to parse the string "
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose"containing user name and domain into these components. The \"domain\" can "
f660877b38e563c4aa0cb1431624069808873fecJakub Hrozek"match either the SSSD configuration domain name, or, in the case of IPA "
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher"Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\"
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher"\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?"
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher"P<name>[^@\\\\]+)$))</quote> which allows three different styles for "
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallaghermsgid "username"
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallaghermsgid "username@domain.name"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallaghermsgid "domain\\username"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"While the first two correspond to the general default the third one is "
374bf54785365273b20690bd3792c25a44738041Pavel Březina"introduced to allow easy integration of users from Windows domains."
374bf54785365273b20690bd3792c25a44738041Pavel Březina#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozek"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> "
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozek"which translates to \"the name is everything up to the <quote>@</quote> "
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozek"sign, the domain everything after that\""
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"PLEASE NOTE: the support for non-unique named subpatterns is not available "
4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256Stephen Gallagher"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256Stephen Gallagher"version 7 or higher can support non-unique named subpatterns."
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher"P<name>) to label subpatterns."
374bf54785365273b20690bd3792c25a44738041Pavel Březina#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Default: <quote>%1$s@%2$s</quote>."
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallaghermsgstr "Noklusējuma: <quote>%1$s@%2$s</quote>."
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallaghermsgid "lookup_family_order (string)"
f1ce53a3b5656361557f80f61dfd42a371230c65Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher"Provides the ability to select preferred address family to use when "
374bf54785365273b20690bd3792c25a44738041Pavel Březina"performing DNS lookups."
21f28bdbab10881b9fb0b890dfa15af429326606Sumit Bose#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "Supported values:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgstr "Atbalstītās vērtības:"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallaghermsgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
f1fab7b8210af4ae94453265b607e2dab06789caStephen Gallaghermsgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallaghermsgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallaghermsgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
78e5b91e6b22efbcd0621144b104ac9dfd487e5bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
78395373edc3fcf62847de2c630b656967222901Stephen Gallaghermsgid "Default: ipv4_first"
78395373edc3fcf62847de2c630b656967222901Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e9ea1b4e59384cdfe3accdf31e5c579c3dad5591Stephen Gallaghermsgid "dns_resolver_timeout (integer)"
78e5b91e6b22efbcd0621144b104ac9dfd487e5bJakub Hrozek#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
e9ea1b4e59384cdfe3accdf31e5c579c3dad5591Stephen Gallagher"Defines the amount of time (in seconds) to wait for a reply from the DNS "
263e4574dacb4b7d2a18d5d42122bf3dce4c45b0Stephen Gallagher"resolver before assuming that it is unreachable. If this timeout is reached, "
78fe240e7c47f45c87cdfba0107fca6390401137Stephen Gallagher"the domain will continue to operate in offline mode."
13147b598a8409c338abb9472e74bbd606f224bdStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
78fe240e7c47f45c87cdfba0107fca6390401137Stephen Gallagher#: sssd.conf.5.xml:1697 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139
78fe240e7c47f45c87cdfba0107fca6390401137Stephen Gallagher#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:246
cc751fbea9f05c7ce151f4c82afb6585d4b846bbStephen Gallaghermsgid "Default: 6"
78e5b91e6b22efbcd0621144b104ac9dfd487e5bJakub Hrozekmsgstr "Noklusējuma: 6"
e9ea1b4e59384cdfe3accdf31e5c579c3dad5591Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
e9ea1b4e59384cdfe3accdf31e5c579c3dad5591Stephen Gallaghermsgid "dns_discovery_domain (string)"
1df8e4158e752f1f010394d09e8a5e4f8201fd7eStephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
1183d29d87c5c7439cf2364b7d7324d4a13b6e35Stephen Gallagher"If service discovery is used in the back end, specifies the domain part of "
13147b598a8409c338abb9472e74bbd606f224bdStephen Gallagher"the service discovery DNS query."
1183d29d87c5c7439cf2364b7d7324d4a13b6e35Stephen Gallagher#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1716
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1719
#: sssd.conf.5.xml:1725
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1728
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1739
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1742
#: sssd.conf.5.xml:1756
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1766
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1767
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1759
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1772
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1776
#: sssd.conf.5.xml:1781
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1784
#: sssd.conf.5.xml:897
#: sssd.conf.5.xml:1797
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1800
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1803
#: sssd.conf.5.xml:1811
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1814
#: sssd.conf.5.xml:1793
#: sssd.conf.5.xml:1826
#: sssd.conf.5.xml:1828
#: sssd.conf.5.xml:1835
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1838
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1842
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Noklusējuma: <filename>/bin/bash</filename>"
#: sssd.conf.5.xml:1847
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1850
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1855
#: sssd.conf.5.xml:1860
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1863
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1872
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1875
#: sssd.conf.5.xml:1884
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1887
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1895
#: sssd.conf.5.xml:1900
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1903
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1913
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Noklusējuma: <filename>/etc/skel</filename>"
#: sssd.conf.5.xml:1918
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1921
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1928
msgid "Default: <filename>/var/mail</filename>"
msgstr "Noklusējuma: <filename>/var/mail</filename>"
#: sssd.conf.5.xml:1933
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1936
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1942
#: sssd.conf.5.xml:1958
"[domain/LDAP]\n"
"ldap_uri = ldap://ldap.example.com\n"
"krb5_server = kerberos.example.com\n"
"krb5_realm = EXAMPLE.COM\n"
#: sssd.conf.5.xml:1954
#: sssd-ldap.5.xml:23
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#: sssd-ldap.5.xml:35
#: sssd-ldap.5.xml:38
"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
#: sssd-krb5.5.xml:63
#: sssd-ldap.5.xml:60
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:70
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:79
#: sssd-ldap.5.xml:85
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:88
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:95
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
#: sssd-ldap.5.xml:105
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:108
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:112
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:116
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:119
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:122
"The filter must be a valid LDAP search filter as specified by http://www."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:126
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:129
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:134
"(host=thishost)?dc=example.com?subtree?"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:137
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:144
#: sssd-ldap.5.xml:158
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:161
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:168
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:172
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:177
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:182
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:187
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:193
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:203
#: sssd-ldap.5.xml:209
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:212
#: sssd-ldap.5.xml:219
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:222
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:226
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:229
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:232
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:235
#: sssd-ldap.5.xml:241
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:244
#: sssd-ldap.5.xml:251
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:254
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:257
#: sssd-ldap.5.xml:263
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:266
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:270
#: sssd-ldap.5.xml:276
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:279
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:283
#: sssd-ldap.5.xml:289
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:292
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:302
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:305
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:309
#: sssd-ldap.5.xml:315
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:318
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:322
#: sssd-ldap.5.xml:328
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:331
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:335
#: sssd-ldap.5.xml:341
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:344
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:354
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:357
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:369
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:382
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:385
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:395
#: sssd-ldap.5.xml:401
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:404
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:413
#: sssd-ldap.5.xml:419
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:422
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:431
#: sssd-ldap.5.xml:437
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:440
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:450
#: sssd-ldap.5.xml:456
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:459
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:469
#: sssd-ldap.5.xml:475
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:478
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:488
#: sssd-ldap.5.xml:494
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:497
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:503
#: sssd-ldap.5.xml:509
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:512
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:518
#: sssd-ldap.5.xml:524
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:527
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:532
#: sssd-ldap.5.xml:538
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:541
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:546
#: sssd-ldap.5.xml:552
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:555
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:560
#: sssd-ldap.5.xml:566
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:569
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:579
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:582
#: sssd-ldap.5.xml:593
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:596
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:601
#: sssd-ldap.5.xml:607
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:610
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:614
#: sssd-ldap.5.xml:620
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:623
#: sssd-ldap.5.xml:630
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:633
#: sssd-ldap.5.xml:646
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:649
#: sssd-ldap.5.xml:660
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:663
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:669
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:673
#: sssd-ldap.5.xml:679
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:682
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:614
#: sssd-ldap.5.xml:692
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:695
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:705
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:708
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:715
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:727
#: sssd-ldap.5.xml:733
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:736
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:742
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:747
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:754
#: sssd-ldap.5.xml:760
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:763
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:766
#: sssd-ldap.5.xml:772
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:775
#: sssd-ldap.5.xml:785
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:788
#: sssd-ldap.5.xml:798
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:801
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:805
#: sssd-ldap.5.xml:811
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
#: sssd-ldap.5.xml:824
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:827
#: sssd-ldap.5.xml:839
#: sssd-ldap.5.xml:852
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:855
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:862
#: sssd-ldap.5.xml:868
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:871
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:877
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
#: sssd-ldap.5.xml:900
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:903
#: sssd-ldap.5.xml:927
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:930
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:933
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:937
#: sssd-ldap.5.xml:943
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:946
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:950
#: sssd-ldap.5.xml:960
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:963
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:967
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:971
#: sssd-ldap.5.xml:977
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:980
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:987
#: sssd-ldap.5.xml:993
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:996
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1000
#: sssd-ldap.5.xml:1010
#: sssd-ldap.5.xml:1026
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1029
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1032
#: sssd-ldap.5.xml:1038
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1041
#: sssd-ldap.5.xml:1051
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1054
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1058
#: sssd-ldap.5.xml:1064
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1067
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1071
#: sssd-ldap.5.xml:1077
#: sssd-ldap.5.xml:1082
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1085
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1091
#: sssd-ldap.5.xml:1103
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1106
#: sssd-ldap.5.xml:1119
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1122
#: sssd-ldap.5.xml:1145
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1148
#: sssd-ldap.5.xml:1160
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1163
"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1177
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1180
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1185
#: sssd-ldap.5.xml:1191
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1194
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1200
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1206
#: sssd-ldap.5.xml:1218
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1221
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1224
#: sssd-ldap.5.xml:1239
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1242
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
#: sssd-ldap.5.xml:1255
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1258
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1264
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1268
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1276
#: sssd-ldap.5.xml:1289
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1292
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1298
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1302
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1309
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1315
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1321
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1325
#: sssd-ldap.5.xml:1331
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1334
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
#: sssd-ldap.5.xml:1346
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1349
#: sssd-ldap.5.xml:1364
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1367
#: sssd-ldap.5.xml:1377
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1380
#: sssd-ldap.5.xml:1389
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1392
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
#: sssd-ldap.5.xml:1405
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1408
#: sssd-ldap.5.xml:1418
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1421
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1427
#: sssd-ldap.5.xml:1437
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1440
"ldap_group_gid_number is unbound. In a setup with sub/trusted-domains this "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1452
#: sssd-ldap.5.xml:1458
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1461
#: sssd-ldap.5.xml:1471
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1474
"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1482
msgid "Default: host/hostname@REALM"
#: sssd-ldap.5.xml:1488
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1491
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1497
#: sssd-ldap.5.xml:1503
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1506
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1511
#: sssd-ldap.5.xml:1517
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1520
msgid "Specify the keytab to use when using SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1523
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
#: sssd-ldap.5.xml:1529
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1532
#: sssd-ldap.5.xml:1544
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1547
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1560
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1589
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1592
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1601
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1641
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1644
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1649
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1654
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1660
#: sssd-ldap.5.xml:1672
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1675
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1679
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1684
#: sssd-ldap.5.xml:1698
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1701
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1705
#: sssd-ldap.5.xml:1711
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1714
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1719
msgid "Default: not set, i.e. service discovery is disabled"
#: sssd-ldap.5.xml:1725
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1728
#: sssd-ldap.5.xml:1740
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1743
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-ldap.5.xml:1758
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1762
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1767
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1781
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1784
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1788
"i.e. the LDAP server should deny the bind request with a suitable error code "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1795
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1798
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1803
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1810
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1816
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1825
#: sssd-ldap.5.xml:1838
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1841
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1845
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1848
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1852
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1857
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1861
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1864
#: sssd-ldap.5.xml:1871
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1874
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1879
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1883
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1888
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1893
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1898
#: sssd-ldap.5.xml:1906
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1909
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1913
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1924
#: sssd-ldap.5.xml:51
"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#: sssd-ldap.5.xml:1940
#: sssd-ldap.5.xml:1944
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1947
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1950
#: sssd-ldap.5.xml:1956
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1959
#: sssd-ldap.5.xml:1969
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1972
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1976
#: sssd-ldap.5.xml:1982
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1985
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1990
#: sssd-ldap.5.xml:1996
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1999
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2003
#: sssd-ldap.5.xml:2009
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2012
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2016
#: sssd-ldap.5.xml:2022
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2025
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2029
#: sssd-ldap.5.xml:2035
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2038
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2042
#: sssd-ldap.5.xml:2048
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2051
"The LDAP attribute that corresponds to the start date/time for when the sudo "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2055
#: sssd-ldap.5.xml:2061
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2064
"The LDAP attribute that corresponds to the expiration date/time, after which "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2069
#: sssd-ldap.5.xml:2075
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2078
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2082
#: sssd-ldap.5.xml:2088
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2091
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2096
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2101
#: sssd-ldap.5.xml:2107
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2110
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2116
#: sssd-ldap.5.xml:2126
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2129
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
#: sssd-ldap.5.xml:2140
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2143
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2148
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2212
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2164
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2167
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2172
#: sssd-ldap.5.xml:2187
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2190
#: sssd-ldap.5.xml:2205
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2208
#: sssd-ldap.5.xml:1942
#: sssd-ldap.5.xml:2224
"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
#: sssd-ldap.5.xml:2234
#: sssd-ldap.5.xml:2236
#: sssd-ldap.5.xml:2242
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2255
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2258
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2261
#: sssd-ldap.5.xml:2268
#: sssd-ldap.5.xml:2282
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2296
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2303
#: sssd-ldap.5.xml:2240
#: sssd-ldap.5.xml:2313
#: sssd-ldap.5.xml:2320
#: sssd-ldap.5.xml:2325
#: sssd-ldap.5.xml:2330
#: sssd-ldap.5.xml:2335
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2338
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2342
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-ldap.5.xml:2352
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2355
"to /bin/tcsh."
#: sssd-ldap.5.xml:2362
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2365
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:2369
#: sssd-ldap.5.xml:2379
#: sssd-ldap.5.xml:2384
#: sssd-ldap.5.xml:2315
#: sssd-ldap.5.xml:2401
#: sssd-ldap.5.xml:2407
" [domain/LDAP]\n"
" ldap_uri = ldap://ldap.mydomain.org\n"
#: sss_seed.8.xml:163
#: sssd-ldap.5.xml:2421
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
"fedorahosted.org/sssd</orgname>"
#: pam_sss.8.xml:19
#: pam_sss.8.xml:24
"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
#: pam_sss.8.xml:45
"<command>pam_sss.so</command> is the PAM interface to the System Security "
#: pam_sss.8.xml:55
#: pam_sss.8.xml:58
#: pam_sss.8.xml:63
#: pam_sss.8.xml:66
#: pam_sss.8.xml:73
#: pam_sss.8.xml:76
#: pam_sss.8.xml:84
#: pam_sss.8.xml:87
#: pam_sss.8.xml:94
#: pam_sss.8.xml:97
#: pam_sss.8.xml:99
#: pam_sss.8.xml:110
#: pam_sss.8.xml:111
#: pam_sss.8.xml:117
#: pam_sss.8.xml:118
"This message can e.g. contain instructions about how to reset a password."
#: pam_sss.8.xml:123
"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
#: pam_sss.8.xml:133
"These files are searched in the directory <filename>/etc/sssd/customize/"
"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
#: sssd-simple.5.xml:17
#: sssd-simple.5.xml:24
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
#: sssd-simple.5.xml:38
#: sssd-simple.5.xml:43
#: sssd-simple.5.xml:47
#: sssd-simple.5.xml:54
#: sssd-simple.5.xml:60
#: sssd-simple.5.xml:78
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:81
#: sssd-simple.5.xml:88
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:91
#: sssd-simple.5.xml:97
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:100
#: sssd-simple.5.xml:108
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:111
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
#: sssd-simple.5.xml:120
#: sssd-simple.5.xml:125
#: sssd-simple.5.xml:133
#: sssd-simple.5.xml:140
" [domain/example.com]\n"
#: sssd-ipa.5.xml:23
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
#: sssd-ipa.5.xml:36
"the freeipa.org web site for information about IPA servers.) This provider "
#: sssd-ipa.5.xml:43
#: sssd-ipa.5.xml:55
"freeipa.org for more information about HBAC. No configuration of access "
#: sssd-ipa.5.xml:62
#: sssd-ipa.5.xml:78
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:81
#: sssd-ipa.5.xml:89
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:92
#: sssd-ipa.5.xml:105
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:108
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
"the default Kerberos realm must be set properly in /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:133
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:153
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:159
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:173
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:179
#: sssd-ipa.5.xml:185
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:192
"based discovery using a query that contains \"_location.hostname.example.com"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:235
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:241
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:260
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:263
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:267
#: sssd-ipa.5.xml:273
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:276
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:285
#: sssd-ipa.5.xml:297
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:300
#: sssd-ipa.5.xml:316
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:319
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:328
#: sssd-ipa.5.xml:335
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:338
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:347
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:357
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:374
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:378
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:389
#: sssd-ipa.5.xml:402
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:405
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:418
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:421
#: sssd-ipa.5.xml:434
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:437
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:446
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:451
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:456
#: sssd-ipa.5.xml:462
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:465
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:469
#: sssd-ipa.5.xml:480
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:483
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:487
#: sssd-ipa.5.xml:498
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:501
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:504
#: sssd-ipa.5.xml:511
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:514
#: sssd-ipa.5.xml:523
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:526
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:536
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:539
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:548
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:551
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:555
#: sssd-ipa.5.xml:560
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:563
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:567
#: sssd-ipa.5.xml:573
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:584
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:587
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:590
#: sssd-ipa.5.xml:596
#: sssd-ipa.5.xml:607
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:610
#: sssd-ipa.5.xml:619
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:622
#: sssd-ipa.5.xml:631
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:634
#: sssd-ipa.5.xml:643
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:646
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:651
#: sssd-ipa.5.xml:656
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:659
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:663
#: sssd-ipa.5.xml:668
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:671
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:675
#: sssd-ipa.5.xml:680
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:683
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:687
#: sssd-ipa.5.xml:692
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:695
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:699
#: sssd-ipa.5.xml:704
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:707
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:711
#: sssd-ipa.5.xml:716
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:719
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:723
#: sssd-ipa.5.xml:732
#: sssd-ipa.5.xml:734
#: sssd-ipa.5.xml:738
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
#: sssd-ipa.5.xml:744
"fails and indicates that the server does not support subdomains, i.e. is not "
#: sssd-ipa.5.xml:761
#: sssd-ipa.5.xml:768
" [domain/example.com]\n"
" ipa_server = ipaserver.example.com\n"
" ipa_hostname = myhost.example.com\n"
#: sssd-ad.5.xml:23
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
#: sssd-ad.5.xml:36
#: sssd-ad.5.xml:41
#: sssd-ad.5.xml:45
#: sssd-ad.5.xml:50
#: sssd-ad.5.xml:62
#: sssd-ad.5.xml:74
#: sssd-ad.5.xml:68
#: sssd-ad.5.xml:91
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:94
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:99
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:104
#: sssd-ad.5.xml:111
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:114
#: sssd-ad.5.xml:127
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:130
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:136
#: sssd-ad.5.xml:144
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:151
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:170
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:200
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:214
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:295
#: sssd-ad.5.xml:302
"[domain/EXAMPLE]\n"
"ad_server = dc1.example.com\n"
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
#: sssd-ad.5.xml:322
#: sssd-ad.5.xml:318
#: sssd-ad.5.xml:328
#: sssd-sudo.5.xml:17
#: sssd-sudo.5.xml:23
#: sssd-sudo.5.xml:36
#: sssd-sudo.5.xml:38
"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
#: sssd-sudo.5.xml:47
"local users) and then in SSSD, the nsswitch.conf file should contain the "
#: sssd-sudo.5.xml:57
#: sssd-sudo.5.xml:61
"nsswitch.conf file as well as information about the LDAP schema that is used "
"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
#: sssd-sudo.5.xml:72
#: sssd-sudo.5.xml:74
#: sssd-sudo.5.xml:79
"[domain/EXAMPLE]\n"
"ldap_uri = ldap://example.com\n"
#: sssd-sudo.5.xml:92
#: sssd-sudo.5.xml:99
#: sssd-sudo.5.xml:101
#: sssd-sudo.5.xml:109
#: sssd-sudo.5.xml:115
#: sssd-sudo.5.xml:123
#: sssd-sudo.5.xml:132
#: sssd-sudo.5.xml:139
#: sssd-sudo.5.xml:144
#: sssd-sudo.5.xml:149
#: sssd-sudo.5.xml:154
#: sssd-sudo.5.xml:159
#: sssd-sudo.5.xml:164
msgid "one of the IP addresses of the network (in the form \"address/mask\")"
#: sssd-sudo.5.xml:170
"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
#: sssd.8.xml:16
#: sssd.8.xml:21
#: sssd.8.xml:31
#: sssd.8.xml:46
#: sssd.8.xml:53
#: sssd.8.xml:57
#: sssd.8.xml:60
#: sssd.8.xml:69
#: sssd.8.xml:73
#: sssd.8.xml:76
#: sssd.8.xml:85
#: sssd.8.xml:89
"are stored in <filename>/var/log/sssd</filename> and there are separate log "
#: sssd.8.xml:97
#: sssd.8.xml:101
#: sssd.8.xml:111
"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
#: sssd.8.xml:135
#: sssd.8.xml:139
#: sssd.8.xml:147
#: sssd.8.xml:150
msgid "SIGTERM/SIGINT"
#: sssd.8.xml:153
#: sssd.8.xml:159
#: sssd.8.xml:162
#: sssd.8.xml:170
#: sssd.8.xml:173
#: sssd.8.xml:179
#: sssd.8.xml:182
#: sss_obfuscate.8.xml:16
#: sss_obfuscate.8.xml:21
#: sss_obfuscate.8.xml:32
#: sss_obfuscate.8.xml:37
#: sss_obfuscate.8.xml:49
#: sss_obfuscate.8.xml:63
#: sss_obfuscate.8.xml:67
#: sss_obfuscate.8.xml:79
#: sss_obfuscate.8.xml:86
#: sss_obfuscate.8.xml:91
#: sss_obfuscate.8.xml:95
msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
#: sss_useradd.8.xml:16
#: sss_useradd.8.xml:21
#: sss_useradd.8.xml:32
#: sss_useradd.8.xml:48
#: sss_useradd.8.xml:72
"baseDirectory</quote> setting in sssd.conf."
#: sss_useradd.8.xml:87
"The user's login shell. The default is currently <filename>/bin/bash</"
"defaultShell</quote> setting in sssd.conf."
#: sss_useradd.8.xml:96
#: sss_useradd.8.xml:101
#: sss_useradd.8.xml:107
#: sss_useradd.8.xml:111
#: sss_useradd.8.xml:121
#: sss_useradd.8.xml:125
#: sss_useradd.8.xml:132
#: sss_useradd.8.xml:137
#: sss_useradd.8.xml:143
#: sss_useradd.8.xml:147
#: sss_useradd.8.xml:161
#: sssd-krb5.5.xml:23
"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#: sssd-krb5.5.xml:36
#: sssd-krb5.5.xml:47
#: sssd-krb5.5.xml:55
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:77
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:106
#: sssd-krb5.5.xml:113
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:116
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:122
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:129
#: sssd-krb5.5.xml:135
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:138
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:152
#: sssd-krb5.5.xml:158
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:177
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:180
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:181
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:185
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:186
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:189
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:190
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:195
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:200
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:201
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:161
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:215
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:223
"stored in the system wide krb5.conf configuration file in the [libdefaults] "
"section. The option name is default_ccache_name. See krb5.conf(5)'s "
"format defined by krb5.conf."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:232
#: sssd-krb5.5.xml:238
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:241
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:255
#: sssd-krb5.5.xml:270
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:273
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:277
msgid "Default: /etc/krb5.keytab"
msgstr "Noklusējuma: /etc/krb5.keytab"
#: sssd-krb5.5.xml:283
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:286
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:291
#: sssd-krb5.5.xml:304
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:307
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:333
msgid "Default: not set, i.e. the TGT is not renewable"
#: sssd-krb5.5.xml:339
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:342
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:358
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:362
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:367
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
#: sssd-krb5.5.xml:374
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:377
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:404
#: sssd-krb5.5.xml:414
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:417
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:422
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:426
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:431
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:436
msgid "Default: not set, i.e. FAST is not used."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:439
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:442
#: sssd-krb5.5.xml:451
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:454
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:463
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:512
#: sssd-krb5.5.xml:65
"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
#: sssd-krb5.5.xml:528
#: sssd-krb5.5.xml:536
" [domain/FOO]\n"
" krb5_realm = EXAMPLE.COM\n"
#: sss_groupadd.8.xml:16
#: sss_groupadd.8.xml:21
#: sss_groupadd.8.xml:32
#: sss_groupadd.8.xml:48
#: sss_userdel.8.xml:16
#: sss_userdel.8.xml:21
#: sss_userdel.8.xml:32
#: sss_userdel.8.xml:44
#: sss_userdel.8.xml:48
#: sss_userdel.8.xml:56
#: sss_userdel.8.xml:60
#: sss_userdel.8.xml:68
#: sss_userdel.8.xml:72
#: sss_userdel.8.xml:80
#: sss_userdel.8.xml:84
#: sss_groupdel.8.xml:16
#: sss_groupdel.8.xml:21
#: sss_groupdel.8.xml:32
#: sss_groupshow.8.xml:16
#: sss_groupshow.8.xml:21
#: sss_groupshow.8.xml:32
#: sss_groupshow.8.xml:43
#: sss_groupshow.8.xml:47
#: sss_usermod.8.xml:16
#: sss_usermod.8.xml:21
#: sss_usermod.8.xml:32
#: sss_usermod.8.xml:60
#: sss_usermod.8.xml:71
#: sss_usermod.8.xml:82
#: sss_usermod.8.xml:96
#: sss_usermod.8.xml:103
#: sss_usermod.8.xml:107
#: sss_usermod.8.xml:114
#: sss_usermod.8.xml:118
#: sss_usermod.8.xml:129
#: sss_cache.8.xml:16
#: sss_cache.8.xml:21
#: sss_cache.8.xml:31
#: sss_cache.8.xml:42
#: sss_cache.8.xml:46
#: sss_cache.8.xml:52
#: sss_cache.8.xml:57
#: sss_cache.8.xml:63
#: sss_cache.8.xml:67
#: sss_cache.8.xml:74
#: sss_cache.8.xml:79
#: sss_cache.8.xml:85
#: sss_cache.8.xml:89
#: sss_cache.8.xml:96
#: sss_cache.8.xml:101
#: sss_cache.8.xml:107
#: sss_cache.8.xml:111
#: sss_cache.8.xml:118
#: sss_cache.8.xml:123
#: sss_cache.8.xml:129
#: sss_cache.8.xml:133
#: sss_cache.8.xml:140
#: sss_cache.8.xml:145
#: sss_cache.8.xml:151
#: sss_cache.8.xml:155
#: sss_cache.8.xml:162
#: sss_cache.8.xml:167
#: sss_debuglevel.8.xml:16
#: sss_debuglevel.8.xml:21
#: sss_debuglevel.8.xml:32
#: sss_debuglevel.8.xml:59
#: sss_seed.8.xml:16
#: sss_seed.8.xml:21
#: sss_seed.8.xml:33
#: sss_seed.8.xml:46
#: sss_seed.8.xml:51
"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. "
#: sss_seed.8.xml:63
#: sss_seed.8.xml:68
#: sss_seed.8.xml:81
#: sss_seed.8.xml:93
#: sss_seed.8.xml:117
#: sss_seed.8.xml:129
#: sss_seed.8.xml:140
#: sss_seed.8.xml:148
#: sss_seed.8.xml:153
#: sss_seed.8.xml:165
msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
"pubconf/known_hosts</filename> and estabilishes connection to the host."
"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#: include/upstream.xml:1
#: include/failover.xml:2
#: include/failover.xml:4
#: include/failover.xml:8
#: include/failover.xml:10
#: include/failover.xml:16
#: include/failover.xml:27
#: include/failover.xml:29
#: include/failover.xml:42
#: include/failover.xml:47
"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
#: include/ldap_id_mapping.xml:100
#: include/ldap_id_mapping.xml:103
#: include/ldap_id_mapping.xml:107
#: include/ldap_id_mapping.xml:117
#: include/ldap_id_mapping.xml:122
#: include/ldap_id_mapping.xml:125
#: include/ldap_id_mapping.xml:136
#: include/ldap_id_mapping.xml:139
#: include/ldap_id_mapping.xml:150
#: include/ldap_id_mapping.xml:153
#: include/ldap_id_mapping.xml:161
#: include/ldap_id_mapping.xml:164
#: include/ldap_id_mapping.xml:169
#: include/ldap_id_mapping.xml:174
#: include/debug_levels.xml:11
#: include/debug_levels.xml:15
#: include/debug_levels.xml:20
#: include/debug_levels.xml:24
#: include/debug_levels.xml:28
#: include/debug_levels.xml:31
#: include/debug_levels.xml:34
#: include/debug_levels.xml:37
#: include/debug_levels.xml:40
#: include/debug_levels.xml:43
#: include/debug_levels.xml:46
#: include/debug_levels.xml:49
#: include/debug_levels.xml:53
#: include/debug_levels.xml:57
"<emphasis> This is an experimental feature, please use http://fedorahosted."
"org/sssd to report any issues. </emphasis>"
#: include/local.xml:2
#: include/local.xml:4
#: include/local.xml:9
#: include/seealso.xml:2
#: include/seealso.xml:4
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
"any autofs-related changes are made to the sssd.conf, you typically also "