From 1bf4b41f1198388c039292d71c41e131fae3fa88 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Dec 19 2020 12:50:23 +0000 Subject: Update po/tg translation before release Signed-off-by: Alexander Bokovoy Reviewed-By: Francois Cami --- diff --git a/po/tg.po b/po/tg.po index d3b8028..d0e1a85 100644 --- a/po/tg.po +++ b/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: freeipa 4.9.0.dev201908140712+gitc9938e3d8\n" "Report-Msgid-Bugs-To: https://pagure.io/freeipa/new_issue\n" -"POT-Creation-Date: 2020-08-20 13:01+0300\n" +"POT-Creation-Date: 2020-11-17 19:02+0200\n" "PO-Revision-Date: 2019-11-11 10:26+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Tajik\n" @@ -18,23971 +18,308 @@ msgstr "" "Plural-Forms: nplurals=1; plural=0\n" "X-Generator: Zanata 4.6.2\n" -#, c-format -msgid "Out of memory!\n" -msgstr "Берун аз хотира!\n" - -#, c-format -msgid "No permission to join this host to the IPA domain.\n" -msgstr "" - -#, c-format -msgid "No write permissions on keytab file '%s'\n" -msgstr "" - -#, c-format -msgid "access() on %1$s failed: errno = %2$d\n" -msgstr "" - -#, c-format -msgid "Out of memory!" -msgstr "Берун аз хотира!" - -#, c-format -msgid "Unable to enable SSL in LDAP\n" -msgstr "" - -msgid "SASL Bind failed\n" -msgstr "" - -#, c-format -msgid "Search for %1$s on rootdse failed with error %2$d\n" -msgstr "" - -#, c-format -msgid "No values for %s" -msgstr "" - -#, c-format -msgid "Search for IPA namingContext failed with error %d\n" -msgstr "" - -#, c-format -msgid "IPA namingContext not found\n" -msgstr "" - -#, c-format -msgid "Unable to determine root DN of %s\n" -msgstr "" - -#, c-format -msgid "Enrollment failed. %s\n" -msgstr "" - -#, c-format -msgid "principal not found in XML-RPC response\n" -msgstr "" - -#, c-format -msgid "Host is already joined.\n" -msgstr "" - -#, c-format -msgid "curl_slist_append() failed for value: '%s'\n" -msgstr "" - -#, c-format -msgid "curl_easy_setopt() failed\n" -msgstr "" - -#, c-format -msgid "Expanding buffer in jsonrpc_handle_response failed" -msgstr "" - -#, c-format -msgid "curl_global_init() failed\n" -msgstr "" - -#, c-format -msgid "curl_easy_init() failed\n" -msgstr "" - -#, c-format -msgid "json_dumps() failed\n" -msgstr "" - -#, c-format -msgid "" -"JSON-RPC request:\n" -"%s\n" -msgstr "" - -#, c-format -msgid "JSON-RPC call failed: %s\n" -msgstr "" - -#, c-format -msgid "JSON-RPC call failed with status code: %li\n" -msgstr "" - -#, c-format -msgid "JSON-RPC call was unauthorized. Check your credentials.\n" -msgstr "" - -#, c-format -msgid "" -"JSON-RPC response:\n" -"%s\n" -msgstr "" - -#, c-format -msgid "Extracting the error from the JSON-RPC response failed: %s\n" -msgstr "" - -#, c-format -msgid "Parsing JSON-RPC response failed: %s\n" -msgstr "" - -#, c-format -msgid "Parsing JSON-RPC response failed: no 'result' value found.\n" -msgstr "" - -#, c-format -msgid "Extracting the data from the JSON-RPC response failed: %s\n" -msgstr "" - -#, c-format -msgid "json_pack_ex() failed: %s\n" -msgstr "" - -#, c-format -msgid "Unenrollment successful.\n" -msgstr "" - -#, c-format -msgid "Unenrollment failed.\n" -msgstr "" - -#, c-format -msgid "result not found in XML-RPC response\n" -msgstr "" - -#, c-format -msgid "Unable to determine IPA server from %s\n" -msgstr "" - -#, c-format -msgid "The hostname must be fully-qualified: %s\n" -msgstr "" - -#, c-format -msgid "The hostname must not be: %s\n" -msgstr "" - -#, c-format -msgid "Unable to join host: Kerberos context initialization failed\n" -msgstr "" - -#, c-format -msgid "Unable to join host: Kerberos Credential Cache not found\n" -msgstr "" - -#, c-format -msgid "" -"Unable to join host: Kerberos User Principal not found and host password not " -"provided.\n" -msgstr "" - -#, c-format -msgid "fork() failed\n" -msgstr "" - -#, c-format -msgid "ipa-getkeytab not found\n" -msgstr "" - -#, c-format -msgid "ipa-getkeytab has bad permissions?\n" -msgstr "" - -#, c-format -msgid "executing ipa-getkeytab failed, errno %d\n" -msgstr "" - -#, c-format -msgid "child exited with %d\n" -msgstr "" - -#, c-format -msgid "Error resolving keytab: %s.\n" -msgstr "" - -#, c-format -msgid "Error getting default Kerberos realm: %s.\n" -msgstr "" - -#, c-format -msgid "Error parsing \"%1$s\": %2$s.\n" -msgstr "" - -#, c-format -msgid "Error obtaining initial credentials: %s.\n" -msgstr "" - -#, c-format -msgid "Unable to generate Kerberos Credential Cache\n" -msgstr "" - -#, c-format -msgid "Error storing creds in credential cache: %s.\n" -msgstr "" - -msgid "Print the raw XML-RPC output in GSSAPI mode" -msgstr "" - -msgid "Quiet mode. Only errors are displayed." -msgstr "" - -msgid "Unenroll this host from IPA server" -msgstr "" - -msgid "Hostname of this server" -msgstr "" - -msgid "hostname" -msgstr "номи мизбон" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA Server to use" -msgstr "Сервери IPA" - -msgid "Specifies where to store keytab information." -msgstr "" - -msgid "filename" -msgstr "номи файл" - -msgid "Force the host join. Rejoin even if already joined." -msgstr "" - -msgid "LDAP password (if not using Kerberos)" -msgstr "" - -msgid "password" -msgstr "парол" - -#, fuzzy -#| msgid "LDAP password" -msgid "LDAP basedn" -msgstr "Пароли LDAP" - -msgid "basedn" -msgstr "" - -#, c-format -msgid "cannot open configuration file %s\n" -msgstr "" - -#, c-format -msgid "cannot stat() configuration file %s\n" -msgstr "" - -#, c-format -msgid "out of memory\n" -msgstr "берун аз хотира\n" - -#, c-format -msgid "read error\n" -msgstr "хатогии хониш\n" - -#, c-format -msgid "Unable to parse principal name\n" -msgstr "" - -#, c-format -msgid "krb5_parse_name %1$d: %2$s\n" -msgstr "" - -#, c-format -msgid "Removing principal %s\n" -msgstr "" - -#, c-format -msgid "Failed to open keytab\n" -msgstr "" - -#, fuzzy, c-format -#| msgid "File %(file)s not found" -msgid "principal not found\n" -msgstr "Файли %(file)s пайдо нашуд." - -#, c-format -msgid "krb5_kt_get_entry %1$d: %2$s\n" -msgstr "" - -#, c-format -msgid "Unable to remove entry\n" -msgstr "" - -#, c-format -msgid "kvno %d\n" -msgstr "" - -#, c-format -msgid "krb5_kt_remove_entry %1$d: %2$s\n" -msgstr "" - -#, c-format -msgid "Unable to parse principal\n" -msgstr "" - -#, c-format -msgid "krb5_unparse_name %1$d: %2$s\n" -msgstr "" - -#, fuzzy, c-format -#| msgid "File %(file)s not found" -msgid "realm not found\n" -msgstr "Файли %(file)s пайдо нашуд." - -msgid "Print debugging information" -msgstr "" - -msgid "Debugging output" -msgstr "" - -msgid "" -"The principal to remove from the keytab (ex: ftp/ftp.example.com@EXAMPLE.COM)" -msgstr "" - -msgid "Kerberos Service Principal Name" -msgstr "" - -msgid "The keytab file to remove the principcal(s) from" -msgstr "" - -msgid "Keytab File Name" -msgstr "" - -msgid "Remove all principals in this realm" -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Realm name" -msgstr "Азнавномгузорӣ" - -#, c-format -msgid "Kerberos context initialization failed\n" -msgstr "" - -#, c-format -msgid "Failed to open keytab '%1$s': %2$s\n" -msgstr "" - -#, c-format -msgid "Closing keytab failed\n" -msgstr "" - -#, c-format -msgid "krb5_kt_close %1$d: %2$s\n" -msgstr "" - -#, c-format -msgid "Kerberos context initialization failed: %1$s (%2$d)\n" -msgstr "" - -#, c-format -msgid "Unable to parse principal: %1$s (%2$d)\n" -msgstr "" - -#, c-format -msgid "No keys accepted by KDC\n" -msgstr "" - -#, c-format -msgid "Out of memory \n" -msgstr "Берун аз хотира \n" - -#, c-format -msgid "Unable to initialize ldap library!\n" -msgstr "" - -msgid "Simple bind failed\n" -msgstr "" - -#, c-format -msgid "Operation failed: %s\n" -msgstr "" - -#, c-format -msgid "Failed to get result: %s\n" -msgstr "" - -#, c-format -msgid "Timeout exceeded." -msgstr "" - -#, c-format -msgid "Failed to parse extended result: %s\n" -msgstr "" - -#, c-format -msgid "Failed to parse result: %s\n" -msgstr "" - -#, c-format -msgid "Missing reply control list!\n" -msgstr "" - -#, c-format -msgid "Missing reply control!\n" -msgstr "" - -#, c-format -msgid "Out of Memory!\n" -msgstr "Берун аз хотира!\n" - -#, c-format -msgid "Failed to create control!\n" -msgstr "" - -#, c-format -msgid "Failed to bind to server!\n" -msgstr "" - -#, c-format -msgid "Failed to get keytab!\n" -msgstr "" - -#, c-format -msgid "ber_init() failed, Invalid control ?!\n" -msgstr "" - -#, c-format -msgid "ber_scanf() failed, unable to find kvno ?!\n" -msgstr "" - -#, c-format -msgid "Failed to retrieve encryption type type #%d\n" -msgstr "" - -#, c-format -msgid "Failed to retrieve encryption type %1$s (#%2$d)\n" -msgstr "" - -#, c-format -msgid "Failed to retrieve any keys" -msgstr "" - -msgid "Failed to decode control reply!\n" -msgstr "" - -#, fuzzy, c-format -#| msgid "Passwords do not match!" -msgid "Passwords do not match!\n" -msgstr "Паролҳо номувофиқанд!" - -#, c-format -msgid "Failed to open config file %s\n" -msgstr "" - -#, c-format -msgid "Failed to parse config file %s\n" -msgstr "" - -msgid "Failed to resolve symlink to keytab.\n" -msgstr "" - -msgid "keytab is a dangling symlink and owned by another user.\n" -msgstr "" - -msgid "Print as little as possible" -msgstr "" - -msgid "Output only on errors" -msgstr "" - -msgid "Contact this specific KDC Server" -msgstr "" - -msgid "Server Name" -msgstr "Номи сервер" - -msgid "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)" -msgstr "" - -msgid "" -"The keytab file to append the new key to (will be created if it does not " -"exist)." -msgstr "" - -msgid "Encryption types to request" -msgstr "" - -msgid "Comma separated encryption types list" -msgstr "" - -msgid "Show the list of permitted encryption types and exit" -msgstr "" - -msgid "Permitted Encryption Types" -msgstr "" - -msgid "Asks for a non-random password to use for the principal" -msgstr "" - -msgid "LDAP DN" -msgstr "LDAP DN" - -msgid "DN to bind as if not using kerberos" -msgstr "" - -msgid "LDAP password" -msgstr "Пароли LDAP" - -msgid "password to use if not using kerberos" -msgstr "" - -#, fuzzy -#| msgid "LDAP password" -msgid "Prompt for LDAP password" -msgstr "Пароли LDAP" - -msgid "Path to the IPA CA certificate" -msgstr "" - -msgid "IPA CA certificate" -msgstr "" - -msgid "LDAP uri to connect to. Mutually exclusive with --server" -msgstr "" - -msgid "url" -msgstr "" - -msgid "LDAP SASL bind mechanism if no bindd/bindpw" -msgstr "" - -msgid "GSSAPI|EXTERNAL" -msgstr "" - -msgid "Retrieve current keys without changing them" -msgstr "" - -#, c-format -msgid "No system preferred enctypes ?!\n" -msgstr "" - -#, c-format -msgid "Supported encryption types:\n" -msgstr "" - -#, c-format -msgid "Warning: failed to convert type (#%d)\n" -msgstr "" - -#, c-format -msgid "Bind password already provided (-w).\n" -msgstr "" - -#, fuzzy -#| msgid "LDAP password" -msgid "Enter LDAP password" -msgstr "Пароли LDAP" - -#, c-format -msgid "Bind password required when using a bind DN (-w or -W).\n" -msgstr "" - -#, c-format -msgid "Cannot specify both SASL mechanism and bind DN simultaneously.\n" -msgstr "" - -#, c-format -msgid "Invalid SASL bind mechanism\n" -msgstr "" - -#, c-format -msgid "Cannot specify server and LDAP uri simultaneously.\n" -msgstr "" - -#, c-format -msgid "Server name not provided and unavailable\n" -msgstr "" - -#, c-format -msgid "Incompatible options provided (-r and -P)\n" -msgstr "" - -#, fuzzy -#| msgid "New Password" -msgid "New Principal Password" -msgstr "Пароли нав" - -msgid "Verify Principal Password" -msgstr "" - -#, c-format -msgid "" -"Warning: salt types are not honored with randomized passwords (see opt. -P)\n" -msgstr "" - -#, c-format -msgid "Invalid Service Principal Name\n" -msgstr "" - -#, c-format -msgid "Kerberos Credential Cache not found. Do you have a Kerberos Ticket?\n" -msgstr "" - -#, c-format -msgid "" -"Kerberos User Principal not found. Do you have a valid Credential Cache?\n" -msgstr "" - -#, c-format -msgid "Failed to open Keytab\n" -msgstr "" - -#, c-format -msgid "Retrying with pre-4.0 keytab retrieval method...\n" -msgstr "" - -#, c-format -msgid "Failed to create key material\n" -msgstr "" - -#, c-format -msgid "Failed to get keytab\n" -msgstr "" - -#, c-format -msgid "Failed to add key to the keytab\n" -msgstr "" - -#, c-format -msgid "Failed to close the keytab\n" -msgstr "" - -#, c-format -msgid "Keytab successfully retrieved and stored in: %s\n" -msgstr "" - -msgid "Failed to add" -msgstr "" - -msgid "maps not connected to /etc/auto.master:" -msgstr "" - -msgid "Import automount files for a specific location." -msgstr "" - -msgid "Master file" -msgstr "" - -msgid "Automount master file." -msgstr "" - -msgid "" -"Continuous operation mode. Errors are reported but the process continues." -msgstr "" - -#, python-format -msgid "File %(file)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "key %(key)s already exists" -msgstr "" - -#, python-format -msgid "map %(map)s already exists" -msgstr "" - -msgid "Imported maps:" -msgstr "" - -#, python-format -msgid "Added %(map)s" -msgstr "" - -msgid "Imported keys:" -msgstr "" - -#, python-format -msgid "Added %(src)s to %(dst)s" -msgstr "" - -msgid "Ignored keys:" -msgstr "" - -#, python-format -msgid "Ignored %(src)s to %(dst)s" -msgstr "" - -msgid "Duplicate maps skipped:" -msgstr "" - -#, python-format -msgid "Skipped %(map)s" -msgstr "" - -msgid "Duplicate keys skipped:" -msgstr "" - -#, python-format -msgid "Skipped %(key)s" -msgstr "" - -msgid "Write certificate (chain if --chain used) to file" -msgstr "" - -msgid "Path to NSS database" -msgstr "" - -msgid "Path to NSS database to use for private key" -msgstr "" - -msgid "Path to private key file" -msgstr "" - -msgid "Path to PEM file containing a private key" -msgstr "" - -msgid "File containing a password for the private key or database" -msgstr "" - -msgid "Name of CSR generation profile (if not the same as profile_id)" -msgstr "" - -msgid "Generated CSR was empty" -msgstr "" - -msgid "Options 'database' and 'private_key' are not compatible with 'csr'" -msgstr "" - -msgid "Unrevoked" -msgstr "" - -msgid "Error" -msgstr "Хатогӣ" - -#, fuzzy -#| msgid "filename" -msgid "Input filename" -msgstr "номи файл" - -msgid "File to load the certificate from." -msgstr "" - -msgid "cannot specify both raw certificate and file" -msgstr "" - -msgid "Input file" -msgstr "" - -msgid "File to load the certificate from" -msgstr "" - -#, python-format -msgid "Profile configuration stored in file '%(file)s'" -msgstr "" - -msgid "" -"\n" -"Commands to build certificate requests automatically\n" -msgstr "" - -msgid "Gather data for a certificate signing request." -msgstr "" - -msgid "Principal" -msgstr "Асосӣ" - -msgid "Principal for this certificate (e.g. HTTP/test.example.com)" -msgstr "" - -msgid "Profile ID" -msgstr "" - -msgid "CSR Generation Profile to use" -msgstr "" - -msgid "Subject Public Key Info" -msgstr "" - -msgid "DER-encoded SubjectPublicKeyInfo structure" -msgstr "" - -msgid "Write CertificationRequestInfo to file" -msgstr "" - -msgid "Dictionary mapping variable name to value" -msgstr "" - -msgid "CertificationRequestInfo structure" -msgstr "" - -msgid "The principal for this request doesn't exist." -msgstr "" - -#, python-format -msgid "Certificate(s) stored in file '%(file)s'" -msgstr "" - -msgid "Servers details:" -msgstr "" - -msgid "" -"Migration mode is disabled.\n" -"Use 'ipa config-mod --enable-migration=TRUE' to enable it." -msgstr "" - -msgid "" -"Passwords have been migrated in pre-hashed format.\n" -"IPA is unable to generate Kerberos keys unless provided\n" -"with clear text passwords. All migrated users need to\n" -"login at https://your.domain/ipa/migration/ before they\n" -"can use their Kerberos accounts." -msgstr "" - -msgid "python-yubico is not installed." -msgstr "" - -msgid "" -"\n" -"YubiKey Tokens\n" -msgstr "" - -msgid "" -"\n" -"Manage YubiKey tokens.\n" -msgstr "" - -msgid "" -"\n" -"This code is an extension to the otptoken plugin and provides support for\n" -"reading/writing YubiKey tokens directly.\n" -msgstr "" - -msgid "" -"\n" -"EXAMPLES:\n" -msgstr "" - -msgid "" -"\n" -" Add a new token:\n" -" ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" -msgstr "" - -msgid "Add a new YubiKey OTP token." -msgstr "" - -msgid "YubiKey slot" -msgstr "" - -msgid "No free YubiKey slot!" -msgstr "" - -#, python-format -msgid "Removing %(servers)s from replication topology, please wait..." -msgstr "" - -#, python-format -msgid "Enabled Sudo Rule \"%s\"" -msgstr "" - -#, python-format -msgid "Disabled Sudo Rule \"%s\"" -msgstr "" - -#, python-format -msgid "Added option \"%(option)s\" to Sudo Rule \"%(rule)s\"" -msgstr "" - -#, python-format -msgid "Removed option \"%(option)s\" from Sudo Rule \"%(rule)s\"" -msgstr "" - -#, python-format -msgid "Replication topology of suffix \"%(suffix)s\" is in order." -msgstr "" - -#, python-format -msgid "Replication topology of suffix \"%(suffix)s\" contains errors." -msgstr "" - -msgid "Topology is disconnected" -msgstr "" - -#, python-format -msgid "Server %(srv)s can't contact servers: %(replicas)s" -msgstr "" - -msgid "Recommended maximum number of agreements per replica exceeded" -msgstr "" - -msgid "Maximum number of agreements per replica" -msgstr "" - -#, python-format -msgid "Server \"%(srv)s\" has %(n)d agreements with servers:" -msgstr "" - -msgid "Delete a user, keeping the entry available for future use" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a user" -msgstr "Ҳамаро нест мекунед?" - -msgid "preserve and no-preserve cannot be both set" -msgstr "" - -msgid "Split DNS record to parts" -msgstr "" - -msgid "Please choose a type of DNS resource record to be added" -msgstr "" - -#, python-format -msgid "The most common types for this type of zone are: %s\n" -msgstr "" - -msgid "DNS resource record type" -msgstr "" - -#, python-format -msgid "Invalid or unsupported type. Allowed values are: %s" -msgstr "" - -msgid "No option to modify specific record provided." -msgstr "" - -msgid "Current DNS record contents:\n" -msgstr "" - -#, python-format -msgid "Modify %(name)s '%(value)s'?" -msgstr "" - -#, python-format -msgid "" -"%(count)d %(type)s record skipped. Only one value per DNS record type can be " -"modified at one time." -msgid_plural "" -"%(count)d %(type)s records skipped. Only one value per DNS record type can " -"be modified at one time." -msgstr[0] "" - -msgid "" -"Neither --del-all nor options to delete a specific record provided.\n" -"Command help may be consulted for all supported record types." -msgstr "" - -msgid "No option to delete specific record provided." -msgstr "" - -msgid "Delete all?" -msgstr "Ҳамаро нест мекунед?" - -#, python-format -msgid "Delete %(name)s '%(value)s'?" -msgstr "" - -msgid "Server will check DNS forwarder(s)." -msgstr "" - -msgid "This may take some time, please wait ..." -msgstr "" - -msgid "DNS forwarder" -msgstr "" - -msgid "file to store DNS records in nsupdate format" -msgstr "" - -msgid "" -"Unable to display QR code using the configured output encoding. Please use " -"the token URI to configure your OTP device" -msgstr "" - -msgid "" -"QR code width is greater than that of the output tty. Please resize your " -"terminal." -msgstr "" - -msgid "Synchronize an OTP token." -msgstr "" - -#, fuzzy -#| msgid "User" -msgid "User ID" -msgstr "Корбар" - -msgid "Password" -msgstr "Парол" - -#, fuzzy -#| msgid "First name" -msgid "First Code" -msgstr "Ном" - -msgid "Second Code" -msgstr "" - -msgid "Token ID" -msgstr "" - -#, python-format -msgid "Cannot read file '%(filename)s': %(exc)s" -msgstr "" - -#, python-format -msgid "Cannot decode file '%(filename)s': %(exc)s" -msgstr "" - -msgid "Invalid credentials" -msgstr "" - -msgid "Create a new vault." -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "Vault password" -msgstr "парол" - -msgid "File containing the vault password" -msgstr "" - -msgid "File containing the vault public key" -msgstr "" - -msgid "Password can be specified only for symmetric vault" -msgstr "" - -msgid "Public key can be specified only for asymmetric vault" -msgstr "" - -msgid "Password specified multiple times" -msgstr "" - -msgid "Public key specified multiple times" -msgstr "" - -msgid "Missing vault public key" -msgstr "" - -#, python-format -msgid "Invalid or unsupported vault public key: %s" -msgstr "" - -msgid "Modify a vault." -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "Change password" -msgstr "парол" - -#, fuzzy -#| msgid "password" -msgid "Old vault password" -msgstr "парол" - -msgid "File containing the old vault password" -msgstr "" - -#, fuzzy -#| msgid "New Password" -msgid "New vault password" -msgstr "Пароли нав" - -msgid "File containing the new vault password" -msgstr "" - -msgid "Old vault private key" -msgstr "" - -msgid "File containing the old vault private key" -msgstr "" - -msgid "File containing the new vault public key" -msgstr "" - -msgid "New public key specified multiple times" -msgstr "" - -msgid "Missing new vault public key" -msgstr "" - -msgid "Archive data into a vault." -msgstr "" - -msgid "Binary data to archive" -msgstr "" - -msgid "File containing data to archive" -msgstr "" - -msgid "Override existing password" -msgstr "" - -msgid "Input data specified multiple times" -msgstr "" - -#, python-format -msgid "" -"Size of data exceeds the limit. Current vault data size limit is %(limit)d B" -msgstr "" - -msgid "Invalid vault type" -msgstr "" - -msgid "Retrieve a data from a vault." -msgstr "" - -msgid "File to store retrieved data" -msgstr "" - -msgid "Vault private key" -msgstr "" - -msgid "File containing the vault private key" -msgstr "" - -msgid "Data" -msgstr "Маълумот" - -msgid "Private key specified multiple times" -msgstr "" - -msgid "Missing vault private key" -msgstr "" - -msgid "" -"\n" -"Directory Server Access Control Instructions (ACIs)\n" -"\n" -"ACIs are used to allow or deny access to information. This module is\n" -"currently designed to allow, not deny, access.\n" -"\n" -"The aci commands are designed to grant permissions that allow updating\n" -"existing entries or adding or deleting new ones. The goal of the ACIs\n" -"that ship with IPA is to provide a set of low-level permissions that\n" -"grant access to special groups called taskgroups. These low-level\n" -"permissions can be combined into roles that grant broader access. These\n" -"roles are another type of group, roles.\n" -"\n" -"For example, if you have taskgroups that allow adding and modifying users " -"you\n" -"could create a role, useradmin. You would assign users to the useradmin\n" -"role to allow them to do the operations defined by the taskgroups.\n" -"\n" -"You can create ACIs that delegate permission so users in group A can write\n" -"attributes on group B.\n" -"\n" -"The type option is a map that applies to all entries in the users, groups " -"or\n" -"host location. It is primarily designed to be used when granting add\n" -"permissions (to write new entries).\n" -"\n" -"An ACI consists of three parts:\n" -"1. target\n" -"2. permissions\n" -"3. bind rules\n" -"\n" -"The target is a set of rules that define which LDAP objects are being\n" -"targeted. This can include a list of attributes, an area of that LDAP\n" -"tree or an LDAP filter.\n" -"\n" -"The targets include:\n" -"- attrs: list of attributes affected\n" -"- type: an object type (user, group, host, service, etc)\n" -"- memberof: members of a group\n" -"- targetgroup: grant access to modify a specific group. This is primarily\n" -" designed to enable users to add or remove members of a specific group.\n" -"- filter: A legal LDAP filter used to narrow the scope of the target.\n" -"- subtree: Used to apply a rule across an entire set of objects. For " -"example,\n" -" to allow adding users you need to grant \"add\" permission to the subtree\n" -" ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n" -" is a fail-safe for objects that may not be covered by the type option.\n" -"\n" -"The permissions define what the ACI is allowed to do, and are one or\n" -"more of:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. add - add a new entry to the tree\n" -"4. delete - delete an existing entry\n" -"5. all - all permissions are granted\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"The bind rule defines who this ACI grants permissions to. The LDAP server\n" -"allows this to be any valid LDAP entry but we encourage the use of\n" -"taskgroups so that the rights can be easily shared through roles.\n" -"\n" -"For a more thorough description of access controls see\n" -"http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control." -"html\n" -"\n" -"EXAMPLES:\n" -"\n" -"NOTE: ACIs are now added via the permission plugin. These examples are to\n" -"demonstrate how the various options work but this is done via the " -"permission\n" -"command-line now (see last example).\n" -"\n" -" Add an ACI so that the group \"secretaries\" can update the address on any " -"user:\n" -" ipa group-add --desc=\"Office secretaries\" secretaries\n" -" ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries " -"--permissions=write --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Show the new ACI:\n" -" ipa aci-show --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Add an ACI that allows members of the \"addusers\" permission to add new " -"users:\n" -" ipa aci-add --type=user --permission=addusers --permissions=add --" -"prefix=none \"Add new users\"\n" -"\n" -" Add an ACI that allows members of the editors manage members of the admins " -"group:\n" -" ipa aci-add --permissions=write --attrs=member --targetgroup=admins --" -"group=editors --prefix=none \"Editors manage admins\"\n" -"\n" -" Add an ACI that allows members of the admins group to manage the street and " -"zip code of those in the editors group:\n" -" ipa aci-add --permissions=write --memberof=editors --group=admins --" -"attrs=street --attrs=postalcode --prefix=none \"admins edit the address of " -"editors\"\n" -"\n" -" Add an ACI that allows the admins group manage the street and zipcode of " -"those who work for the boss:\n" -" ipa aci-add --permissions=write --group=admins --attrs=street --" -"attrs=postalcode --filter=\"(manager=uid=boss,cn=users,cn=accounts," -"dc=example,dc=com)\" --prefix=none \"Edit the address of those who work for " -"the boss\"\n" -"\n" -" Add an entirely new kind of record to IPA that isn't covered by any of the " -"--type options, creating a permission:\n" -" ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange," -"cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n" -"\n" -"\n" -"The show command shows the raw 389-ds ACI.\n" -"\n" -"IMPORTANT: When modifying the target attributes of an existing ACI you\n" -"must include all existing attributes as well. When doing an aci-mod the\n" -"targetattr REPLACES the current attributes, it does not add to them.\n" -msgstr "" - -msgid "ACI name" -msgstr "Номи ACI" - -msgid "Permission" -msgstr "Иҷозат" - -msgid "Permission ACI grants access to" -msgstr "" - -msgid "User group" -msgstr "Гурӯҳи корбар" - -msgid "User group ACI grants access to" -msgstr "" - -msgid "Permissions" -msgstr "Иҷозатҳо" - -msgid "Permissions to grant(read, write, add, delete, all)" -msgstr "" - -msgid "Attributes to which the permission applies" -msgstr "" - -msgid "Attributes" -msgstr "Аттрибутҳо" - -msgid "Type" -msgstr "Намуд" - -msgid "type of IPA object (user, group, host, hostgroup, service, netgroup)" -msgstr "" - -msgid "Member of" -msgstr "" - -msgid "Member of a group" -msgstr "" - -msgid "Filter" -msgstr "Полоишгар" - -msgid "Legal LDAP filter (e.g. ou=Engineering)" -msgstr "" - -msgid "Subtree" -msgstr "" - -msgid "Subtree to apply ACI to" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "Target group" -msgstr "Мақсад" - -msgid "Group to apply ACI to" -msgstr "" - -msgid "Target your own entry (self)" -msgstr "" - -msgid "Apply ACI to your own entry (self)" -msgstr "" - -msgid "Create new ACI." -msgstr "" - -msgid "ACI prefix" -msgstr "Префикси ACI" - -msgid "" -"Prefix used to distinguish ACI types (permission, delegation, selfservice, " -"none)" -msgstr "" - -msgid "Test the ACI syntax but don't write anything" -msgstr "" - -msgid "" -"Retrieve and print all attributes from the server. Affects command output." -msgstr "" - -msgid "Print entries as stored on the server. Only affects output format." -msgstr "" - -msgid "User-friendly description of action performed" -msgstr "" - -msgid "The primary_key value of the entry, e.g. 'jdoe' for a user" -msgstr "" - -#, fuzzy -#| msgid "Delete" -msgid "Delete ACI." -msgstr "Нест кардан" - -msgid "True means the operation was successful" -msgstr "" - -msgid "" -"\n" -"Search for ACIs.\n" -"\n" -" Returns a list of ACIs\n" -"\n" -" EXAMPLES:\n" -"\n" -" To find all ACIs that apply directly to members of the group ipausers:\n" -" ipa aci-find --memberof=ipausers\n" -"\n" -" To find all ACIs that grant add access:\n" -" ipa aci-find --permissions=add\n" -"\n" -" Note that the find command only looks for the given text in the set of\n" -" ACIs, it does not evaluate the ACIs to see if something would apply.\n" -" For example, searching on memberof=ipausers will find all ACIs that\n" -" have ipausers as a memberof. There may be other ACIs that apply to\n" -" members of that group indirectly.\n" -" " -msgstr "" - -msgid "A string searched in all relevant object attributes" -msgstr "" - -msgid "Primary key only" -msgstr "" - -msgid "Results should contain primary key attribute only (\"name\")" -msgstr "" - -msgid "Number of entries returned" -msgstr "" - -msgid "True if not all results were returned" -msgstr "" - -msgid "Modify ACI." -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Rename an ACI." -msgstr "Азнавномгузорӣ" - -#, fuzzy -#| msgid "ACI name" -msgid "New ACI name" -msgstr "Номи ACI" - -msgid "Display a single ACI given an ACI name." -msgstr "" - -msgid "Location of the ACI" -msgstr "" - -msgid "" -"\n" -"Automount\n" -"\n" -"Stores automount(8) configuration for autofs(8) in IPA.\n" -"\n" -"The base of an automount configuration is the configuration file auto." -"master.\n" -"This is also the base location in IPA. Multiple auto.master configurations\n" -"can be stored in separate locations. A location is implementation-specific\n" -"with the default being a location named 'default'. For example, you can " -"have\n" -"locations by geographic region, by floor, by type, etc.\n" -"\n" -"Automount has three basic object types: locations, maps and keys.\n" -"\n" -"A location defines a set of maps anchored in auto.master. This allows you\n" -"to store multiple automount configurations. A location in itself isn't\n" -"very interesting, it is just a point to start a new automount map.\n" -"\n" -"A map is roughly equivalent to a discrete automount file and provides\n" -"storage for keys.\n" -"\n" -"A key is a mount point associated with a map.\n" -"\n" -"When a new location is created, two maps are automatically created for\n" -"it: auto.master and auto.direct. auto.master is the root map for all\n" -"automount maps for the location. auto.direct is the default map for\n" -"direct mounts and is mounted on /-.\n" -"\n" -"An automount map may contain a submount key. This key defines a mount\n" -"location within the map that references another map. This can be done\n" -"either using automountmap-add-indirect --parentmap or manually\n" -"with automountkey-add and setting info to \"-type=autofs :\".\n" -"\n" -"EXAMPLES:\n" -"\n" -"Locations:\n" -"\n" -" Create a named location, \"Baltimore\":\n" -" ipa automountlocation-add baltimore\n" -"\n" -" Display the new location:\n" -" ipa automountlocation-show baltimore\n" -"\n" -" Find available locations:\n" -" ipa automountlocation-find\n" -"\n" -" Remove a named automount location:\n" -" ipa automountlocation-del baltimore\n" -"\n" -" Show what the automount maps would look like if they were in the " -"filesystem:\n" -" ipa automountlocation-tofiles baltimore\n" -"\n" -" Import an existing configuration into a location:\n" -" ipa automountlocation-import baltimore /etc/auto.master\n" -"\n" -" The import will fail if any duplicate entries are found. For\n" -" continuous operation where errors are ignored, use the --continue\n" -" option.\n" -"\n" -"Maps:\n" -"\n" -" Create a new map, \"auto.share\":\n" -" ipa automountmap-add baltimore auto.share\n" -"\n" -" Display the new map:\n" -" ipa automountmap-show baltimore auto.share\n" -"\n" -" Find maps in the location baltimore:\n" -" ipa automountmap-find baltimore\n" -"\n" -" Create an indirect map with auto.share as a submount:\n" -" ipa automountmap-add-indirect baltimore --parentmap=auto.share --" -"mount=sub auto.man\n" -"\n" -" This is equivalent to:\n" -"\n" -" ipa automountmap-add-indirect baltimore --mount=/man auto.man\n" -" ipa automountkey-add baltimore auto.man --key=sub --info=\"-" -"fstype=autofs ldap:auto.share\"\n" -"\n" -" Remove the auto.share map:\n" -" ipa automountmap-del baltimore auto.share\n" -"\n" -"Keys:\n" -"\n" -" Create a new key for the auto.share map in location baltimore. This ties\n" -" the map we previously created to auto.master:\n" -" ipa automountkey-add baltimore auto.master --key=/share --info=auto." -"share\n" -"\n" -" Create a new key for our auto.share map, an NFS mount for man pages:\n" -" ipa automountkey-add baltimore auto.share --key=man --info=\"-ro,soft," -"rsize=8192,wsize=8192 ipa.example.com:/shared/man\"\n" -"\n" -" Find all keys for the auto.share map:\n" -" ipa automountkey-find baltimore auto.share\n" -"\n" -" Find all direct automount keys:\n" -" ipa automountkey-find baltimore --key=/-\n" -"\n" -" Remove the man key from the auto.share map:\n" -" ipa automountkey-del baltimore auto.share --key=man\n" -msgstr "" - -msgid "Key" -msgstr "Тугма" - -msgid "Automount key name." -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Mount information" -msgstr "Ҷӯрсозӣ" - -msgid "description" -msgstr "шарҳ" - -msgid "Location" -msgstr "Макон" - -msgid "Automount location name." -msgstr "" - -msgid "Map" -msgstr "" - -msgid "Automount map name." -msgstr "" - -msgid "Description" -msgstr "Шарҳ" - -msgid "Create a new automount key." -msgstr "" - -msgid "" -"Set an attribute to a name/value pair. Format is attr=value.\n" -"For multi-valued attributes, the command replaces the values already present." -msgstr "" - -msgid "" -"Add an attribute/value pair. Format is attr=value. The attribute\n" -"must be part of the schema." -msgstr "" - -msgid "Delete an automount key." -msgstr "" - -msgid "Continuous mode: Don't stop on errors." -msgstr "" - -msgid "List of deletions that failed" -msgstr "" - -msgid "Search for an automount key." -msgstr "" - -msgid "Time Limit" -msgstr "" - -msgid "Time limit of search in seconds" -msgstr "" - -msgid "Size Limit" -msgstr "" - -msgid "Maximum number of entries returned" -msgstr "" - -msgid "Modify an automount key." -msgstr "" - -msgid "" -"Delete an attribute/value pair. The option will be evaluated\n" -"last, after all sets and adds." -msgstr "" - -msgid "Rights" -msgstr "" - -msgid "" -"Display the access rights of this entry (requires --all). See ipa man page " -"for details." -msgstr "" - -msgid "New mount information" -msgstr "" - -msgid "Rename" -msgstr "Азнавномгузорӣ" - -msgid "Rename the automount key object" -msgstr "" - -#, fuzzy -#| msgid "Display name" -msgid "Display an automount key." -msgstr "Номи намоишӣ" - -msgid "Create a new automount location." -msgstr "" - -msgid "Delete an automount location." -msgstr "" - -msgid "Search for an automount location." -msgstr "" - -msgid "Results should contain primary key attribute only (\"location\")" -msgstr "" - -msgid "Display an automount location." -msgstr "" - -msgid "Generate automount files for a specific location." -msgstr "" - -msgid "Create a new automount map." -msgstr "" - -msgid "Create a new indirect mount point." -msgstr "" - -msgid "Mount point" -msgstr "" - -msgid "Parent map" -msgstr "" - -msgid "Name of parent automount map (default: auto.master)." -msgstr "" - -msgid "Delete an automount map." -msgstr "" - -msgid "Search for an automount map." -msgstr "" - -msgid "Results should contain primary key attribute only (\"map\")" -msgstr "" - -msgid "Modify an automount map." -msgstr "" - -msgid "Display an automount map." -msgstr "" - -msgid "" -"\n" -"Plugin to make multiple ipa calls via one remote procedure call\n" -"\n" -"To run this code in the lite-server\n" -"\n" -"curl -H \"Content-Type:application/json\" -H \"Accept:application/" -"json\" -H \"Accept-Language:en\" --negotiate -u : --cacert /" -"etc/ipa/ca.crt -d @batch_request.json -X POST http://" -"localhost:8888/ipa/json\n" -"\n" -"where the contents of the file batch_request.json follow the below example\n" -"\n" -"{\"method\":\"batch\",\"params\":[[\n" -" {\"method\":\"group_find\",\"params\":[[],{}]},\n" -" {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\",\"all" -"\":\"true\"}]},\n" -" {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n" -" ],{}],\"id\":1}\n" -"\n" -"The format of the response is nested the same way. At the top you will see\n" -" \"error\": null,\n" -" \"id\": 1,\n" -" \"result\": {\n" -" \"count\": 3,\n" -" \"results\": [\n" -"\n" -"\n" -"And then a nested response for each IPA command method sent in the request\n" -msgstr "" - -msgid "Nested Methods to execute" -msgstr "" - -msgid "" -"\n" -"Server configuration\n" -"\n" -"Manage the default values that IPA uses and some of its tuning parameters.\n" -"\n" -"NOTES:\n" -"\n" -"The password notification value (--pwdexpnotify) is stored here so it will\n" -"be replicated. It is not currently used to notify users in advance of an\n" -"expiring password.\n" -"\n" -"Some attributes are read-only, provided only for information purposes. " -"These\n" -"include:\n" -"\n" -"Certificate Subject base: the configured certificate subject base,\n" -" e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" -"Password plug-in features: currently defines additional hashes that the\n" -" password will generate (there may be other conditions).\n" -"\n" -"When setting the order list for mapping SELinux users you may need to\n" -"quote the value so it isn't interpreted by the shell.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Show basic server configuration:\n" -" ipa config-show\n" -"\n" -" Show all configuration options:\n" -" ipa config-show --all\n" -"\n" -" Change maximum username length to 99 characters:\n" -" ipa config-mod --maxusername=99\n" -"\n" -" Increase default time and size limits for maximum IPA server search:\n" -" ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n" -"\n" -" Set default user e-mail domain:\n" -" ipa config-mod --emaildomain=example.com\n" -"\n" -" Enable migration mode to make \"ipa migrate-ds\" command operational:\n" -" ipa config-mod --enable-migration=TRUE\n" -"\n" -" Define SELinux user map order:\n" -" ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-" -"s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n" -msgstr "" - -msgid "Maximum username length" -msgstr "" - -msgid "Home directory base" -msgstr "" - -msgid "Default location of home directories" -msgstr "" - -msgid "Default shell" -msgstr "" - -msgid "Default shell for new users" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Default users group" -msgstr "Гурӯҳи корбар" - -msgid "Default group for new users" -msgstr "" - -msgid "Default e-mail domain" -msgstr "" - -msgid "Search time limit" -msgstr "" - -msgid "" -"Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)" -msgstr "" - -msgid "Search size limit" -msgstr "" - -msgid "Maximum number of records to search (-1 is unlimited)" -msgstr "" - -msgid "User search fields" -msgstr "" - -msgid "A comma-separated list of fields to search in when searching for users" -msgstr "" - -msgid "Group search fields" -msgstr "" - -msgid "A comma-separated list of fields to search in when searching for groups" -msgstr "" - -msgid "Enable migration mode" -msgstr "" - -msgid "Certificate Subject base" -msgstr "" - -msgid "Base for certificate subjects (OU=Test,O=Example)" -msgstr "" - -msgid "Default group objectclasses" -msgstr "" - -msgid "Default group objectclasses (comma-separated list)" -msgstr "" - -msgid "Default user objectclasses" -msgstr "" - -msgid "Default user objectclasses (comma-separated list)" -msgstr "" - -msgid "Password Expiration Notification (days)" -msgstr "" - -msgid "Number of days's notice of impending password expiration" -msgstr "" - -msgid "Password plugin features" -msgstr "" - -msgid "Extra hashes to generate in password plug-in" -msgstr "" - -msgid "SELinux user map order" -msgstr "" - -msgid "Order in increasing priority of SELinux users, delimited by $" -msgstr "" - -msgid "Default SELinux user" -msgstr "" - -msgid "Default SELinux user when no match is found in SELinux map rule" -msgstr "" - -msgid "Default PAC types" -msgstr "" - -msgid "Default types of PAC supported for services" -msgstr "" - -msgid "Default user authentication types" -msgstr "" - -msgid "Default types of supported user authentication" -msgstr "" - -msgid "Modify configuration options." -msgstr "" - -msgid "Show the current configuration." -msgstr "" - -msgid "" -"\n" -"Group to Group Delegation\n" -"\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" -"\n" -"Group to Group Delegations grants the members of one group to update a set\n" -"of attributes of members of another group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a delegation rule to allow managers to edit employee's addresses:\n" -" ipa delegation-add --attrs=street --group=managers --" -"membergroup=employees \"managers edit employees' street\"\n" -"\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones. Add postalCode to the list:\n" -" ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --" -"membergroup=employees \"managers edit employees' street\"\n" -"\n" -" Display our updated rule:\n" -" ipa delegation-show \"managers edit employees' street\"\n" -"\n" -" Delete a rule:\n" -" ipa delegation-del \"managers edit employees' street\"\n" -msgstr "" - -msgid "Delegation name" -msgstr "" - -msgid "Permissions to grant (read, write). Default is write." -msgstr "" - -msgid "Attributes to which the delegation applies" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member user group" -msgstr "Гурӯҳи корбар" - -msgid "User group to apply delegation to" -msgstr "" - -msgid "Add a new delegation." -msgstr "" - -msgid "Delete a delegation." -msgstr "" - -msgid "Search for delegations." -msgstr "" - -msgid "Modify a delegation." -msgstr "" - -msgid "Display information about a delegation." -msgstr "" - -msgid "" -"\n" -"Domain Name System (DNS)\n" -"\n" -"Manage DNS zone and resource records.\n" -"\n" -"SUPPORTED ZONE TYPES\n" -"\n" -" * Master zone (dnszone-*), contains authoritative data.\n" -" * Forward zone (dnsforwardzone-*), forwards queries to configured " -"forwarders\n" -" (a set of DNS servers).\n" -"\n" -"USING STRUCTURED PER-TYPE OPTIONS\n" -"\n" -"There are many structured DNS RR types where DNS data stored in LDAP server\n" -"is not just a scalar value, for example an IP address or a domain name, but\n" -"a data structure which may be often complex. A good example is a LOC record\n" -"[RFC1876] which consists of many mandatory and optional parts (degrees,\n" -"minutes, seconds of latitude and longitude, altitude or precision).\n" -"\n" -"It may be difficult to manipulate such DNS records without making a mistake\n" -"and entering an invalid value. DNS module provides an abstraction over " -"these\n" -"raw records and allows to manipulate each RR type with specific options. " -"For\n" -"each supported RR type, DNS module provides a standard option to manipulate\n" -"a raw records with format ---rec, e.g. --mx-rec, and special " -"options\n" -"for every part of the RR structure with format ---, e.g.\n" -"--mx-preference and --mx-exchanger.\n" -"\n" -"When adding a record, either RR specific options or standard option for a " -"raw\n" -"value can be used, they just should not be combined in one add operation. " -"When\n" -"modifying an existing entry, new RR specific options can be used to change\n" -"one part of a DNS record, where the standard option for raw value is used\n" -"to specify the modified value. The following example demonstrates\n" -"a modification of MX record preference from 0 to 1 in a record without\n" -"modifying the exchanger:\n" -"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add new zone:\n" -" ipa dnszone-add example.com --admin-email=admin@example.com\n" -"\n" -" Add system permission that can be used for per-zone privilege delegation:\n" -" ipa dnszone-add-permission example.com\n" -"\n" -" Modify the zone to allow dynamic updates for hosts own records in realm " -"EXAMPLE.COM:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE\n" -"\n" -" This is the equivalent of:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE --update-policy=" -"\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant " -"EXAMPLE.COM krb5-self * SSHFP;\"\n" -"\n" -" Modify the zone to allow zone transfers for local network only:\n" -" ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n" -"\n" -" Add new reverse zone specified by network IP address:\n" -" ipa dnszone-add --name-from-ip=192.0.2.0/24\n" -"\n" -" Add second nameserver for example.com:\n" -" ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" -"\n" -" Add a mail server for example.com:\n" -" ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" -"\n" -" Add another record using MX record specific options:\n" -" ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" -"\n" -" Add another record using interactive mode (started when dnsrecord-add, " -"dnsrecord-mod,\n" -" or dnsrecord-del are executed with no options):\n" -" ipa dnsrecord-add example.com @\n" -" Please choose a type of DNS resource record to be added\n" -" The most common types for this type of zone are: NS, MX, LOC\n" -"\n" -" DNS resource record type: MX\n" -" MX Preference: 30\n" -" MX Exchanger: mail3\n" -" Record name: example.com\n" -" MX record: 10 mail1, 20 mail2, 30 mail3\n" -" NS record: nameserver.example.com., nameserver2.example.com.\n" -"\n" -" Delete previously added nameserver from example.com:\n" -" ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" -"\n" -" Add LOC record for example.com:\n" -" ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " -"227.64m\"\n" -"\n" -" Add new A record for www.example.com. Create a reverse record in " -"appropriate\n" -" reverse zone as well. In this case a PTR record \"2\" pointing to www." -"example.com\n" -" will be created in zone 2.0.192.in-addr.arpa.\n" -" ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n" -"\n" -" Add new PTR record for www.example.com\n" -" ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" -"\n" -" Add new SRV records for LDAP servers. Three quarters of the requests\n" -" should go to fast.example.com, one quarter to slow.example.com. If neither\n" -" is available, switch to backup.example.com.\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." -"example.com\"\n" -"\n" -" The interactive mode can be used for easy modification:\n" -" ipa dnsrecord-mod example.com _ldap._tcp\n" -" No option to modify specific record provided.\n" -" Current DNS record contents:\n" -"\n" -" SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " -"backup.example.com\n" -"\n" -" Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" -" Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" -" SRV Priority [0]: (keep the default value)\n" -" SRV Weight [1]: 2 (modified value)\n" -" SRV Port [389]: (keep the default value)\n" -" SRV Target [slow.example.com]: (keep the default value)\n" -" 1 SRV record skipped. Only one value per DNS record type can be modified " -"at one time.\n" -" Record name: _ldap._tcp\n" -" SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " -"389 slow.example.com\n" -"\n" -" After this modification, three fifths of the requests should go to\n" -" fast.example.com and two fifths to slow.example.com.\n" -"\n" -" An example of the interactive mode for dnsrecord-del command:\n" -" ipa dnsrecord-del example.com www\n" -" No option to delete specific record provided.\n" -" Delete all? Yes/No (default No): (do not delete all records)\n" -" Current DNS record contents:\n" -"\n" -" A record: 192.0.2.2, 192.0.2.3\n" -"\n" -" Delete A record '192.0.2.2'? Yes/No (default No):\n" -" Delete A record '192.0.2.3'? Yes/No (default No): y\n" -" Record name: www\n" -" A record: 192.0.2.2 (A record 192.0.2.3 has been " -"deleted)\n" -"\n" -" Show zone example.com:\n" -" ipa dnszone-show example.com\n" -"\n" -" Find zone with \"example\" in its domain name:\n" -" ipa dnszone-find example\n" -"\n" -" Find records for resources with \"www\" in their name in zone example.com:\n" -" ipa dnsrecord-find example.com www\n" -"\n" -" Find A records with value 192.0.2.2 in zone example.com\n" -" ipa dnsrecord-find example.com --a-rec=192.0.2.2\n" -"\n" -" Show records for resource www in zone example.com\n" -" ipa dnsrecord-show example.com www\n" -"\n" -" Delegate zone sub.example to another nameserver:\n" -" ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n" -" ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" -"\n" -" Delete zone example.com with all resource records:\n" -" ipa dnszone-del example.com\n" -"\n" -" If a global forwarder is configured, all queries for which this server is " -"not\n" -" authoritative (e.g. sub.example.com) will be routed to the global " -"forwarder.\n" -" Global forwarding configuration can be overridden per-zone.\n" -"\n" -" Semantics of forwarding in IPA matches BIND semantics and depends on the " -"type\n" -" of zone:\n" -" * Master zone: local BIND replies authoritatively to queries for data in\n" -" the given zone (including authoritative NXDOMAIN answers) and forwarding\n" -" affects only queries for names below zone cuts (NS records) of locally\n" -" served zones.\n" -"\n" -" * Forward zone: forward zone contains no authoritative data. BIND " -"forwards\n" -" queries, which cannot be answered from its local cache, to configured\n" -" forwarders.\n" -"\n" -" Semantics of the --forward-policy option:\n" -" * none - disable forwarding for the given zone.\n" -" * first - forward all queries to configured forwarders. If they fail,\n" -" do resolution using DNS root servers.\n" -" * only - forward all queries to configured forwarders and if they fail,\n" -" return failure.\n" -"\n" -" Disable global forwarding for given sub-tree:\n" -" ipa dnszone-mod example.com --forward-policy=none\n" -"\n" -" This configuration forwards all queries for names outside the example.com\n" -" sub-tree to global forwarders. Normal recursive resolution process is used\n" -" for names inside the example.com sub-tree (i.e. NS records are followed " -"etc.).\n" -"\n" -" Forward all requests for the zone external.example.com to another " -"forwarder\n" -" using a \"first\" policy (it will send the queries to the selected " -"forwarder\n" -" and if not answered it will use global root servers):\n" -" ipa dnsforwardzone-add external.example.com --forward-" -"policy=first --forwarder=203.0.113.1\n" -"\n" -" Change forward-policy for external.example.com:\n" -" ipa dnsforwardzone-mod external.example.com --forward-policy=only\n" -"\n" -" Show forward zone external.example.com:\n" -" ipa dnsforwardzone-show external.example.com\n" -"\n" -" List all forward zones:\n" -" ipa dnsforwardzone-find\n" -"\n" -" Delete forward zone external.example.com:\n" -" ipa dnsforwardzone-del external.example.com\n" -"\n" -" Resolve a host name to see if it exists (will add default IPA domain\n" -" if one is not included):\n" -" ipa dns-resolve www.example.com\n" -" ipa dns-resolve www\n" -"\n" -"\n" -"GLOBAL DNS CONFIGURATION\n" -"\n" -"DNS configuration passed to command line install script is stored in a " -"local\n" -"configuration file on each IPA server where DNS service is configured. " -"These\n" -"local settings can be overridden with a common configuration stored in LDAP\n" -"server:\n" -"\n" -" Show global DNS configuration:\n" -" ipa dnsconfig-show\n" -"\n" -" Modify global DNS configuration and set a list of global forwarders:\n" -" ipa dnsconfig-mod --forwarder=203.0.113.113\n" -msgstr "" - -msgid "Global forwarders" -msgstr "" - -msgid "" -"Global forwarders. A custom port can be specified for each forwarder using a " -"standard format \"IP_ADDRESS port PORT\"" -msgstr "" - -msgid "Forward policy" -msgstr "" - -msgid "" -"Global forwarding policy. Set to \"none\" to disable any configured global " -"forwarders." -msgstr "" - -msgid "Allow PTR sync" -msgstr "" - -msgid "Allow synchronization of forward (A, AAAA) and reverse (PTR) records" -msgstr "" - -msgid "Zone refresh interval" -msgstr "" - -#, fuzzy -#| msgid "Host name" -msgid "Zone name" -msgstr "Номи мизбон" - -msgid "Zone name (FQDN)" -msgstr "" - -msgid "Reverse zone IP network" -msgstr "" - -msgid "IP network to create reverse zone name from" -msgstr "" - -msgid "Active zone" -msgstr "" - -msgid "Is zone active?" -msgstr "" - -msgid "Zone forwarders" -msgstr "" - -msgid "" -"Per-zone forwarders. A custom port can be specified for each forwarder using " -"a standard format \"IP_ADDRESS port PORT\"" -msgstr "" - -msgid "" -"Per-zone conditional forwarding policy. Set to \"none\" to disable " -"forwarding to global forwarder for this zone. In that case, conditional zone " -"forwarders are disregarded." -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Record name" -msgstr "Азнавномгузорӣ" - -msgid "Time to live" -msgstr "" - -msgid "Records" -msgstr "" - -msgid "Record type" -msgstr "" - -msgid "Record data" -msgstr "" - -msgid "A record" -msgstr "" - -msgid "Raw A records" -msgstr "" - -msgid "A IP Address" -msgstr "" - -msgid "IP Address" -msgstr "" - -msgid "A Create reverse" -msgstr "" - -msgid "Create reverse record for this IP Address" -msgstr "" - -msgid "AAAA record" -msgstr "" - -msgid "Raw AAAA records" -msgstr "" - -msgid "AAAA IP Address" -msgstr "" - -msgid "AAAA Create reverse" -msgstr "" - -msgid "A6 record" -msgstr "" - -msgid "Raw A6 records" -msgstr "" - -msgid "A6 Record data" -msgstr "" - -msgid "AFSDB record" -msgstr "" - -msgid "Raw AFSDB records" -msgstr "" - -msgid "AFSDB Subtype" -msgstr "" - -msgid "Subtype" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "AFSDB Hostname" -msgstr "Номи мизбон" - -msgid "Hostname" -msgstr "Номи мизбон" - -msgid "APL record" -msgstr "" - -msgid "Raw APL records" -msgstr "" - -msgid "CERT record" -msgstr "" - -msgid "Raw CERT records" -msgstr "" - -msgid "CERT Certificate Type" -msgstr "" - -msgid "Certificate Type" -msgstr "" - -msgid "CERT Key Tag" -msgstr "" - -msgid "Key Tag" -msgstr "" - -msgid "CERT Algorithm" -msgstr "" - -msgid "Algorithm" -msgstr "" - -msgid "CERT Certificate/CRL" -msgstr "" - -msgid "Certificate/CRL" -msgstr "" - -msgid "CNAME record" -msgstr "" - -msgid "Raw CNAME records" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "CNAME Hostname" -msgstr "Номи мизбон" - -msgid "A hostname which this alias hostname points to" -msgstr "" - -msgid "DHCID record" -msgstr "" - -msgid "Raw DHCID records" -msgstr "" - -msgid "DLV record" -msgstr "" - -msgid "Raw DLV records" -msgstr "" - -msgid "DLV Key Tag" -msgstr "" - -msgid "DLV Algorithm" -msgstr "" - -msgid "DLV Digest Type" -msgstr "" - -msgid "Digest Type" -msgstr "" - -msgid "DLV Digest" -msgstr "" - -msgid "Digest" -msgstr "" - -msgid "DNAME record" -msgstr "" - -msgid "Raw DNAME records" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "DNAME Target" -msgstr "Мақсад" - -msgid "Target" -msgstr "Мақсад" - -msgid "DNSKEY record" -msgstr "" - -msgid "Raw DNSKEY records" -msgstr "" - -msgid "DS record" -msgstr "" - -msgid "Raw DS records" -msgstr "" - -msgid "DS Key Tag" -msgstr "" - -msgid "DS Algorithm" -msgstr "" - -msgid "DS Digest Type" -msgstr "" - -msgid "DS Digest" -msgstr "" - -msgid "HIP record" -msgstr "" - -msgid "Raw HIP records" -msgstr "" - -msgid "IPSECKEY record" -msgstr "" - -msgid "Raw IPSECKEY records" -msgstr "" - -msgid "KEY record" -msgstr "" - -msgid "Raw KEY records" -msgstr "" - -msgid "KX record" -msgstr "" - -msgid "Raw KX records" -msgstr "" - -msgid "KX Preference" -msgstr "" - -msgid "Preference given to this exchanger. Lower values are more preferred" -msgstr "" - -msgid "KX Exchanger" -msgstr "" - -msgid "A host willing to act as a key exchanger" -msgstr "" - -msgid "LOC record" -msgstr "" - -msgid "Raw LOC records" -msgstr "" - -msgid "LOC Degrees Latitude" -msgstr "" - -msgid "Degrees Latitude" -msgstr "" - -msgid "LOC Minutes Latitude" -msgstr "" - -msgid "Minutes Latitude" -msgstr "" - -msgid "LOC Seconds Latitude" -msgstr "" - -msgid "Seconds Latitude" -msgstr "" - -msgid "LOC Direction Latitude" -msgstr "" - -msgid "Direction Latitude" -msgstr "" - -msgid "LOC Degrees Longitude" -msgstr "" - -msgid "Degrees Longitude" -msgstr "" - -msgid "LOC Minutes Longitude" -msgstr "" - -msgid "Minutes Longitude" -msgstr "" - -msgid "LOC Seconds Longitude" -msgstr "" - -msgid "Seconds Longitude" -msgstr "" - -msgid "LOC Direction Longitude" -msgstr "" - -msgid "Direction Longitude" -msgstr "" - -msgid "LOC Altitude" -msgstr "" - -msgid "Altitude" -msgstr "" - -msgid "LOC Size" -msgstr "" - -msgid "Size" -msgstr "" - -msgid "LOC Horizontal Precision" -msgstr "" - -msgid "Horizontal Precision" -msgstr "" - -msgid "LOC Vertical Precision" -msgstr "" - -msgid "Vertical Precision" -msgstr "" - -msgid "MX record" -msgstr "" - -msgid "Raw MX records" -msgstr "" - -msgid "MX Preference" -msgstr "" - -msgid "MX Exchanger" -msgstr "" - -msgid "A host willing to act as a mail exchanger" -msgstr "" - -msgid "NAPTR record" -msgstr "" - -msgid "Raw NAPTR records" -msgstr "" - -msgid "NAPTR Order" -msgstr "" - -msgid "Order" -msgstr "" - -msgid "NAPTR Preference" -msgstr "" - -msgid "Preference" -msgstr "" - -msgid "NAPTR Flags" -msgstr "" - -msgid "Flags" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "NAPTR Service" -msgstr "Хидмат" - -msgid "Service" -msgstr "Хидмат" - -msgid "NAPTR Regular Expression" -msgstr "" - -msgid "Regular Expression" -msgstr "" - -msgid "NAPTR Replacement" -msgstr "" - -msgid "Replacement" -msgstr "" - -msgid "NS record" -msgstr "" - -msgid "Raw NS records" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "NS Hostname" -msgstr "Номи мизбон" - -msgid "NSEC record" -msgstr "" - -msgid "Raw NSEC records" -msgstr "" - -msgid "NSEC3 record" -msgstr "" - -msgid "Raw NSEC3 records" -msgstr "" - -msgid "PTR record" -msgstr "" - -msgid "Raw PTR records" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "PTR Hostname" -msgstr "Номи мизбон" - -msgid "The hostname this reverse record points to" -msgstr "" - -msgid "RRSIG record" -msgstr "" - -msgid "Raw RRSIG records" -msgstr "" - -msgid "RP record" -msgstr "" - -msgid "Raw RP records" -msgstr "" - -msgid "SIG record" -msgstr "" - -msgid "Raw SIG records" -msgstr "" - -msgid "SPF record" -msgstr "" - -msgid "Raw SPF records" -msgstr "" - -msgid "SRV record" -msgstr "" - -msgid "Raw SRV records" -msgstr "" - -msgid "SRV Priority" -msgstr "" - -msgid "Priority" -msgstr "" - -msgid "SRV Weight" -msgstr "" - -msgid "Weight" -msgstr "" - -msgid "SRV Port" -msgstr "" - -msgid "Port" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "SRV Target" -msgstr "Мақсад" - -msgid "" -"The domain name of the target host or '.' if the service is decidedly not " -"available at this domain" -msgstr "" - -msgid "SSHFP record" -msgstr "" - -msgid "Raw SSHFP records" -msgstr "" - -msgid "SSHFP Algorithm" -msgstr "" - -msgid "SSHFP Fingerprint Type" -msgstr "" - -msgid "Fingerprint Type" -msgstr "" - -msgid "SSHFP Fingerprint" -msgstr "" - -msgid "Fingerprint" -msgstr "" - -msgid "TA record" -msgstr "" - -msgid "Raw TA records" -msgstr "" - -msgid "TLSA record" -msgstr "" - -msgid "Raw TLSA records" -msgstr "" - -msgid "TLSA Certificate Usage" -msgstr "" - -msgid "Certificate Usage" -msgstr "" - -msgid "TLSA Selector" -msgstr "" - -#, fuzzy -#| msgid "Select All" -msgid "Selector" -msgstr "Интихоби ҳама" - -msgid "TLSA Matching Type" -msgstr "" - -msgid "Matching Type" -msgstr "" - -msgid "TLSA Certificate Association Data" -msgstr "" - -msgid "Certificate Association Data" -msgstr "" - -msgid "TKEY record" -msgstr "" - -msgid "Raw TKEY records" -msgstr "" - -msgid "TSIG record" -msgstr "" - -msgid "Raw TSIG records" -msgstr "" - -msgid "TXT record" -msgstr "" - -msgid "Raw TXT records" -msgstr "" - -msgid "TXT Text Data" -msgstr "" - -#, fuzzy -#| msgid "Data" -msgid "Text Data" -msgstr "Маълумот" - -msgid "Authoritative nameserver" -msgstr "" - -msgid "Authoritative nameserver domain name" -msgstr "" - -msgid "Administrator e-mail address" -msgstr "" - -msgid "SOA serial" -msgstr "" - -#, fuzzy -#| msgid "Serial number" -msgid "SOA record serial number" -msgstr "Рақами силсилавӣ" - -msgid "SOA refresh" -msgstr "" - -msgid "SOA record refresh time" -msgstr "" - -msgid "SOA retry" -msgstr "" - -msgid "SOA record retry time" -msgstr "" - -msgid "SOA expire" -msgstr "" - -msgid "SOA record expire time" -msgstr "" - -msgid "SOA minimum" -msgstr "" - -msgid "How long should negative responses be cached" -msgstr "" - -msgid "Time to live for records at zone apex" -msgstr "" - -msgid "BIND update policy" -msgstr "" - -msgid "Dynamic update" -msgstr "" - -msgid "Allow dynamic updates." -msgstr "" - -#, fuzzy -#| msgid "Allow" -msgid "Allow query" -msgstr "Иҷозат додан" - -msgid "" -"Semicolon separated list of IP addresses or networks which are allowed to " -"issue queries" -msgstr "" - -msgid "Allow transfer" -msgstr "" - -msgid "" -"Semicolon separated list of IP addresses or networks which are allowed to " -"transfer the zone" -msgstr "" - -msgid "" -"Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the " -"zone" -msgstr "" - -msgid "Allow in-line DNSSEC signing" -msgstr "" - -msgid "Allow inline DNSSEC signing of records in the zone" -msgstr "" - -msgid "NSEC3PARAM record" -msgstr "" - -msgid "" -"NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt" -msgstr "" - -msgid "Checks if any of the servers has the DNS service enabled." -msgstr "" - -msgid "Resolve a host name in DNS." -msgstr "" - -msgid "Modify global DNS configuration." -msgstr "" - -msgid "Show the current global DNS configuration." -msgstr "" - -msgid "Create new DNS forward zone." -msgstr "" - -msgid "Add a permission for per-forward zone access delegation." -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Permission value" -msgstr "Иҷозат" - -msgid "Delete DNS forward zone." -msgstr "" - -msgid "Disable DNS Forward Zone." -msgstr "" - -msgid "Enable DNS Forward Zone." -msgstr "" - -msgid "Search for DNS forward zones." -msgstr "" - -msgid "Modify DNS forward zone." -msgstr "" - -msgid "Remove a permission for per-forward zone access delegation." -msgstr "" - -msgid "Display information about a DNS forward zone." -msgstr "" - -msgid "Add new DNS resource record." -msgstr "" - -msgid "Force" -msgstr "Маҷбурӣ" - -msgid "force NS record creation even if its hostname is not in DNS" -msgstr "" - -msgid "Structured" -msgstr "" - -msgid "Parse all raw DNS records and return them in a structured way" -msgstr "" - -msgid "Delete DNS resource record." -msgstr "" - -msgid "Delete all associated records" -msgstr "" - -msgid "Delete DNS record entry." -msgstr "" - -msgid "Search for DNS resources." -msgstr "" - -msgid "Modify a DNS resource record." -msgstr "" - -msgid "Rename the DNS resource record object" -msgstr "" - -msgid "Display DNS resource." -msgstr "" - -msgid "Create new DNS zone (SOA record)." -msgstr "" - -msgid "Force DNS zone creation even if nameserver is not resolvable." -msgstr "" - -msgid "Add a permission for per-zone access delegation." -msgstr "" - -msgid "Delete DNS zone (SOA record)." -msgstr "" - -msgid "Disable DNS Zone." -msgstr "" - -msgid "Enable DNS Zone." -msgstr "" - -msgid "Search for DNS zones (SOA records)." -msgstr "" - -msgid "Forward zones only" -msgstr "" - -msgid "Search for forward zones only" -msgstr "" - -msgid "Modify DNS zone (SOA record)." -msgstr "" - -msgid "Force nameserver change even if nameserver not in DNS" -msgstr "" - -msgid "Remove a permission for per-zone access delegation." -msgstr "" - -msgid "Display information about a DNS zone (SOA record)." -msgstr "" - -msgid "" -"\n" -"Host-based access control\n" -"\n" -"Control who can access what services on what hosts. You\n" -"can use HBAC to control which users or groups can\n" -"access a service, or group of services, on a target host.\n" -"\n" -"You can also specify a category of users and target hosts.\n" -"This is currently limited to \"all\", but might be expanded in the\n" -"future.\n" -"\n" -"Target hosts in HBAC rules must be hosts managed by IPA.\n" -"\n" -"The available services and groups of services are controlled by the\n" -"hbacsvc and hbacsvcgroup plug-ins respectively.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a rule, \"test1\", that grants all users access to the host \"server" -"\" from\n" -" anywhere:\n" -" ipa hbacrule-add --usercat=all test1\n" -" ipa hbacrule-add-host --hosts=server.example.com test1\n" -"\n" -" Display the properties of a named HBAC rule:\n" -" ipa hbacrule-show test1\n" -"\n" -" Create a rule for a specific service. This lets the user john access\n" -" the sshd service on any machine from any machine:\n" -" ipa hbacrule-add --hostcat=all john_sshd\n" -" ipa hbacrule-add-user --users=john john_sshd\n" -" ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" -"\n" -" Create a rule for a new service group. This lets the user john access\n" -" the FTP service on any machine from any machine:\n" -" ipa hbacsvcgroup-add ftpers\n" -" ipa hbacsvc-add sftp\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=ftp --hbacsvcs=sftp ftpers\n" -" ipa hbacrule-add --hostcat=all john_ftp\n" -" ipa hbacrule-add-user --users=john john_ftp\n" -" ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" -"\n" -" Disable a named HBAC rule:\n" -" ipa hbacrule-disable test1\n" -"\n" -" Remove a named HBAC rule:\n" -" ipa hbacrule-del allow_server\n" -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Rule name" -msgstr "Азнавномгузорӣ" - -msgid "Rule type" -msgstr "" - -msgid "Rule type (allow)" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User category" -msgstr "Номи корбар" - -msgid "User category the rule applies to" -msgstr "" - -#, fuzzy -#| msgid "Host Name" -msgid "Host category" -msgstr "Номи мизбон" - -msgid "Host category the rule applies to" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Service category" -msgstr "Хидмат" - -msgid "Service category the rule applies to" -msgstr "" - -msgid "Enabled" -msgstr "Фаъолшуда" - -#, fuzzy -#| msgid "User" -msgid "Users" -msgstr "Корбар" - -#, fuzzy -#| msgid "User group" -msgid "User Groups" -msgstr "Гурӯҳи корбар" - -#, fuzzy -#| msgid "Hostname" -msgid "Hosts" -msgstr "Номи мизбон" - -#, fuzzy -#| msgid "Groups" -msgid "Host Groups" -msgstr "Гуруҳҳо" - -#, fuzzy -#| msgid "Service" -msgid "Services" -msgstr "Хидмат" - -#, fuzzy -#| msgid "Service" -msgid "Service Groups" -msgstr "Хидмат" - -msgid "External host" -msgstr "" - -msgid "Create a new HBAC rule." -msgstr "" - -msgid "Suppress processing of membership attributes." -msgstr "" - -msgid "Add target hosts and hostgroups to an HBAC rule." -msgstr "" - -msgid "member host" -msgstr "" - -msgid "hosts to add" -msgstr "" - -msgid "member host group" -msgstr "" - -msgid "host groups to add" -msgstr "" - -msgid "Members that could not be added" -msgstr "" - -msgid "Number of members added" -msgstr "" - -msgid "Add services to an HBAC rule." -msgstr "" - -msgid "member HBAC service" -msgstr "" - -msgid "HBAC services to add" -msgstr "" - -msgid "member HBAC service group" -msgstr "" - -msgid "HBAC service groups to add" -msgstr "" - -msgid "Add users and groups to an HBAC rule." -msgstr "" - -msgid "member user" -msgstr "" - -msgid "users to add" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "member group" -msgstr "Гурӯҳи корбар" - -msgid "groups to add" -msgstr "" - -msgid "Delete an HBAC rule." -msgstr "" - -msgid "Disable an HBAC rule." -msgstr "" - -msgid "Enable an HBAC rule." -msgstr "" - -msgid "Search for HBAC rules." -msgstr "" - -msgid "Modify an HBAC rule." -msgstr "" - -msgid "Remove target hosts and hostgroups from an HBAC rule." -msgstr "" - -msgid "hosts to remove" -msgstr "" - -msgid "host groups to remove" -msgstr "" - -msgid "Members that could not be removed" -msgstr "" - -msgid "Number of members removed" -msgstr "" - -msgid "Remove service and service groups from an HBAC rule." -msgstr "" - -msgid "HBAC services to remove" -msgstr "" - -msgid "HBAC service groups to remove" -msgstr "" - -msgid "Remove users and groups from an HBAC rule." -msgstr "" - -msgid "users to remove" -msgstr "" - -msgid "groups to remove" -msgstr "" - -msgid "Display the properties of an HBAC rule." -msgstr "" - -msgid "" -"\n" -"HBAC Services\n" -"\n" -"The PAM services that HBAC can control access to. The name used here\n" -"must match the service name that PAM is evaluating.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service:\n" -" ipa hbacsvc-add tftp\n" -"\n" -" Modify an existing HBAC service:\n" -" ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" -"\n" -" Search for HBAC services. This example will return two results, the FTP\n" -" service and the newly-added tftp service:\n" -" ipa hbacsvc-find ftp\n" -"\n" -" Delete an HBAC service:\n" -" ipa hbacsvc-del tftp\n" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Service name" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "Service" -msgid "HBAC service" -msgstr "Хидмат" - -#, fuzzy -#| msgid "description" -msgid "HBAC service description" -msgstr "шарҳ" - -msgid "Member of HBAC service groups" -msgstr "" - -msgid "Add a new HBAC service." -msgstr "" - -msgid "Delete an existing HBAC service." -msgstr "" - -msgid "Search for HBAC services." -msgstr "" - -msgid "Results should contain primary key attribute only (\"service\")" -msgstr "" - -msgid "Modify an HBAC service." -msgstr "" - -msgid "Display information about an HBAC service." -msgstr "" - -msgid "" -"\n" -"HBAC Service Groups\n" -"\n" -"HBAC service groups can contain any number of individual services,\n" -"or \"members\". Every group must have a description.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service group:\n" -" ipa hbacsvcgroup-add --desc=\"login services\" login\n" -"\n" -" Add members to an HBAC service group:\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=sshd --hbacsvcs=login login\n" -"\n" -" Display information about a named group:\n" -" ipa hbacsvcgroup-show login\n" -"\n" -" Delete an HBAC service group:\n" -" ipa hbacsvcgroup-del login\n" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Service group name" -msgstr "Номи сервер" - -msgid "HBAC service group description" -msgstr "" - -msgid "Member HBAC service" -msgstr "" - -msgid "Add a new HBAC service group." -msgstr "" - -msgid "Add members to an HBAC service group." -msgstr "" - -msgid "Delete an HBAC service group." -msgstr "" - -msgid "Search for an HBAC service group." -msgstr "" - -msgid "Modify an HBAC service group." -msgstr "" - -msgid "Remove members from an HBAC service group." -msgstr "" - -msgid "Display information about an HBAC service group." -msgstr "" - -msgid "" -"\n" -"Hosts/Machines\n" -"\n" -"A host represents a machine. It can be used in a number of contexts:\n" -"- service entries are associated with a host\n" -"- a host stores the host/ service principal\n" -"- a host can be used in Host-based Access Control (HBAC) rules\n" -"- every enrolled client generates a host entry\n" -"\n" -"ENROLLMENT:\n" -"\n" -"There are three enrollment scenarios when enrolling a new client:\n" -"\n" -"1. You are enrolling as a full administrator. The host entry may exist\n" -" or not. A full administrator is a member of the hostadmin role\n" -" or the admins group.\n" -"2. You are enrolling as a limited administrator. The host must already\n" -" exist. A limited administrator is a member a role with the\n" -" Host Enrollment privilege.\n" -"3. The host has been created with a one-time password.\n" -"\n" -"RE-ENROLLMENT:\n" -"\n" -"Host that has been enrolled at some point, and lost its configuration (e.g. " -"VM\n" -"destroyed) can be re-enrolled.\n" -"\n" -"For more information, consult the manual pages for ipa-client-install.\n" -"\n" -"A host can optionally store information such as where it is located,\n" -"the OS that it runs, etc.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host:\n" -" ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." -"com\n" -"\n" -" Delete a host:\n" -" ipa host-del test.example.com\n" -"\n" -" Add a new host with a one-time password:\n" -" ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" -"\n" -" Add a new host with a random one-time password:\n" -" ipa host-add --os='Fedora 12' --random test.example.com\n" -"\n" -" Modify information about a host:\n" -" ipa host-mod --os='Fedora 12' test.example.com\n" -"\n" -" Remove SSH public keys of a host and update DNS to reflect this change:\n" -" ipa host-mod --sshpubkey= --updatedns test.example.com\n" -"\n" -" Disable the host Kerberos key, SSL certificate and all of its services:\n" -" ipa host-disable test.example.com\n" -"\n" -" Add a host that can manage this host's keytab and certificate:\n" -" ipa host-add-managedby --hosts=test2 test\n" -"\n" -" Allow user to create a keytab:\n" -" ipa host-allow-create-keytab test2 --users=tuser1\n" -msgstr "" - -msgid "Host name" -msgstr "Номи мизбон" - -msgid "A description of this host" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "Locality" -msgstr "Макон" - -msgid "Host locality (e.g. \"Baltimore, MD\")" -msgstr "" - -msgid "Host location (e.g. \"Lab 2\")" -msgstr "" - -msgid "Platform" -msgstr "" - -msgid "Host hardware platform (e.g. \"Lenovo T61\")" -msgstr "" - -msgid "Operating system" -msgstr "" - -msgid "Host operating system and version (e.g. \"Fedora 9\")" -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "User password" -msgstr "парол" - -msgid "Password used in bulk enrollment" -msgstr "" - -msgid "Generate a random password to be used in bulk enrollment" -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "Random password" -msgstr "парол" - -msgid "Certificate" -msgstr "" - -msgid "Base-64 encoded server certificate" -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "Principal name" -msgstr "Асосӣ" - -msgid "MAC address" -msgstr "" - -msgid "Hardware MAC address(es) on this host" -msgstr "" - -msgid "SSH public key" -msgstr "" - -msgid "Class" -msgstr "Синф" - -msgid "" -"Host category (semantics placed on this attribute are for local " -"interpretation)" -msgstr "" - -msgid "Assigned ID View" -msgstr "" - -msgid "Requires pre-authentication" -msgstr "" - -msgid "Pre-authentication is required for the service" -msgstr "" - -msgid "Trusted for delegation" -msgstr "" - -msgid "Client credentials may be delegated to the service" -msgstr "" - -msgid "Member of host-groups" -msgstr "" - -msgid "Roles" -msgstr "" - -msgid "Member of netgroups" -msgstr "" - -msgid "Member of Sudo rule" -msgstr "" - -msgid "Member of HBAC rule" -msgstr "" - -msgid "Indirect Member of netgroup" -msgstr "" - -msgid "Indirect Member of host-group" -msgstr "" - -msgid "Indirect Member of role" -msgstr "" - -msgid "Indirect Member of Sudo rule" -msgstr "" - -msgid "Indirect Member of HBAC rule" -msgstr "" - -msgid "Keytab" -msgstr "" - -#, fuzzy -#| msgid "Manager" -msgid "Managed by" -msgstr "Диспетчер" - -#, fuzzy -#| msgid "Manager" -msgid "Managing" -msgstr "Диспетчер" - -msgid "Users allowed to retrieve keytab" -msgstr "" - -msgid "Groups allowed to retrieve keytab" -msgstr "" - -msgid "Hosts allowed to retrieve keytab" -msgstr "" - -msgid "Host Groups allowed to retrieve keytab" -msgstr "" - -msgid "Users allowed to create keytab" -msgstr "" - -msgid "Groups allowed to create keytab" -msgstr "" - -msgid "Hosts allowed to create keytab" -msgstr "" - -msgid "Host Groups allowed to create keytab" -msgstr "" - -msgid "Add a new host." -msgstr "" - -msgid "force host name even if not in DNS" -msgstr "" - -msgid "skip reverse DNS detection" -msgstr "" - -msgid "Add the host to DNS with this IP address" -msgstr "" - -msgid "Add hosts that can manage this host." -msgstr "" - -msgid "" -"Allow users, groups, hosts or host groups to create a keytab of this host." -msgstr "" - -msgid "" -"Allow users, groups, hosts or host groups to retrieve a keytab of this host." -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a host." -msgstr "Ҳамаро нест мекунед?" - -msgid "Remove entries from DNS" -msgstr "" - -msgid "Disable the Kerberos key, SSL certificate and all services of a host." -msgstr "" - -msgid "" -"Disallow users, groups, hosts or host groups to create a keytab of this host." -msgstr "" - -msgid "" -"Disallow users, groups, hosts or host groups to retrieve a keytab of this " -"host." -msgstr "" - -msgid "Search for hosts." -msgstr "" - -msgid "Results should contain primary key attribute only (\"hostname\")" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "host group" -msgstr "Гурӯҳи корбар" - -msgid "Search for hosts with these member of host groups." -msgstr "" - -msgid "Search for hosts without these member of host groups." -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "netgroup" -msgstr "Гурӯҳи корбар" - -msgid "Search for hosts with these member of netgroups." -msgstr "" - -msgid "Search for hosts without these member of netgroups." -msgstr "" - -msgid "role" -msgstr "" - -msgid "Search for hosts with these member of roles." -msgstr "" - -msgid "Search for hosts without these member of roles." -msgstr "" - -msgid "HBAC rule" -msgstr "" - -msgid "Search for hosts with these member of HBAC rules." -msgstr "" - -msgid "Search for hosts without these member of HBAC rules." -msgstr "" - -msgid "sudo rule" -msgstr "" - -msgid "Search for hosts with these member of sudo rules." -msgstr "" - -msgid "Search for hosts without these member of sudo rules." -msgstr "" - -msgid "user" -msgstr "" - -msgid "Search for hosts with these enrolled by users." -msgstr "" - -msgid "Search for hosts without these enrolled by users." -msgstr "" - -#, fuzzy -#| msgid "hostname" -msgid "host" -msgstr "номи мизбон" - -msgid "Search for hosts with these managed by hosts." -msgstr "" - -msgid "Search for hosts without these managed by hosts." -msgstr "" - -msgid "Search for hosts with these managing hosts." -msgstr "" - -msgid "Search for hosts without these managing hosts." -msgstr "" - -msgid "Modify information about a host." -msgstr "" - -msgid "Kerberos principal name for this host" -msgstr "" - -msgid "Update DNS entries" -msgstr "" - -msgid "Remove hosts that can manage this host." -msgstr "" - -msgid "Display information about a host." -msgstr "" - -msgid "file to store certificate in" -msgstr "" - -msgid "" -"\n" -"Groups of hosts.\n" -"\n" -"Manage groups of hosts. This is useful for applying access control to a\n" -"number of hosts by using Host-based Access Control.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host group:\n" -" ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" -"\n" -" Add another new host group:\n" -" ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" -"\n" -" Add members to the hostgroup (using Bash brace expansion):\n" -" ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n" -"\n" -" Add a hostgroup as a member of another hostgroup:\n" -" ipa hostgroup-add-member --hostgroups=baltimore maryland\n" -"\n" -" Remove a host from the hostgroup:\n" -" ipa hostgroup-remove-member --hosts=box2 baltimore\n" -"\n" -" Display a host group:\n" -" ipa hostgroup-show baltimore\n" -"\n" -" Delete a hostgroup:\n" -" ipa hostgroup-del baltimore\n" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Host-group" -msgstr "Гурӯҳи корбар" - -msgid "Name of host-group" -msgstr "" - -msgid "A description of this host-group" -msgstr "" - -msgid "Member hosts" -msgstr "" - -msgid "Member host-groups" -msgstr "" - -msgid "Indirect Member hosts" -msgstr "" - -msgid "Indirect Member host-groups" -msgstr "" - -msgid "Add a new hostgroup." -msgstr "" - -msgid "Add members to a hostgroup." -msgstr "" - -msgid "Delete a hostgroup." -msgstr "" - -msgid "Search for hostgroups." -msgstr "" - -msgid "Results should contain primary key attribute only (\"hostgroup-name\")" -msgstr "" - -msgid "Search for host groups with these member hosts." -msgstr "" - -msgid "Search for host groups without these member hosts." -msgstr "" - -msgid "Search for host groups with these member host groups." -msgstr "" - -msgid "Search for host groups without these member host groups." -msgstr "" - -msgid "Search for host groups with these member of host groups." -msgstr "" - -msgid "Search for host groups without these member of host groups." -msgstr "" - -msgid "Search for host groups with these member of netgroups." -msgstr "" - -msgid "Search for host groups without these member of netgroups." -msgstr "" - -msgid "Search for host groups with these member of HBAC rules." -msgstr "" - -msgid "Search for host groups without these member of HBAC rules." -msgstr "" - -msgid "Search for host groups with these member of sudo rules." -msgstr "" - -msgid "Search for host groups without these member of sudo rules." -msgstr "" - -msgid "Modify a hostgroup." -msgstr "" - -msgid "Remove members from a hostgroup." -msgstr "" - -msgid "Display information about a hostgroup." -msgstr "" - -msgid "" -"\n" -"ID Views\n" -"\n" -"Manage ID Views\n" -"\n" -"IPA allows to override certain properties of users and groups per each " -"host.\n" -"This functionality is primarily used to allow migration from older systems " -"or\n" -"other Identity Management solutions.\n" -msgstr "" - -msgid "Anchor to override" -msgstr "" - -#, fuzzy -#| msgid "Group" -msgid "Group name" -msgstr "Гурӯҳ" - -msgid "GID" -msgstr "" - -msgid "Group ID Number" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User login" -msgstr "Номи корбар" - -msgid "UID" -msgstr "" - -#, fuzzy -#| msgid "Serial Number" -msgid "User ID Number" -msgstr "Рақами силсилавӣ" - -msgid "GECOS" -msgstr "" - -msgid "Home directory" -msgstr "" - -msgid "Login shell" -msgstr "" - -msgid "ID View Name" -msgstr "" - -msgid "Add a new Group ID override." -msgstr "" - -msgid "Delete an Group ID override." -msgstr "" - -msgid "Search for an Group ID override." -msgstr "" - -msgid "Results should contain primary key attribute only (\"anchor\")" -msgstr "" - -msgid "Modify an Group ID override." -msgstr "" - -msgid "Rename the Group ID override object" -msgstr "" - -msgid "Display information about an Group ID override." -msgstr "" - -msgid "Add a new User ID override." -msgstr "" - -msgid "Delete an User ID override." -msgstr "" - -msgid "Search for an User ID override." -msgstr "" - -msgid "Modify an User ID override." -msgstr "" - -msgid "Rename the User ID override object" -msgstr "" - -msgid "Display information about an User ID override." -msgstr "" - -msgid "Add a new ID View." -msgstr "" - -msgid "" -"Applies ID View to specified hosts or current members of specified " -"hostgroups. If any other ID View is applied to the host, it is overriden." -msgstr "" - -#, fuzzy -#| msgid "hostname" -msgid "hosts" -msgstr "номи мизбон" - -msgid "Hosts to apply the ID View to" -msgstr "" - -#, fuzzy -#| msgid "Groups" -msgid "hostgroups" -msgstr "Гуруҳҳо" - -msgid "" -"Hostgroups to whose hosts apply the ID View to. Please note that view is not " -"applied automatically to any hosts added to the hostgroup after running the " -"idview-apply command." -msgstr "" - -msgid "Hosts that this ID View was applied to." -msgstr "" - -msgid "Hosts or hostgroups that this ID View could not be applied to." -msgstr "" - -msgid "Number of hosts the ID View was applied to:" -msgstr "" - -msgid "Delete an ID View." -msgstr "" - -msgid "Search for an ID View." -msgstr "" - -msgid "Modify an ID View." -msgstr "" - -msgid "Rename the ID View object" -msgstr "" - -msgid "Display information about an ID View." -msgstr "" - -msgid "Enumerate all the hosts the view applies to." -msgstr "" - -msgid "" -"Clears ID View from specified hosts or current members of specified " -"hostgroups." -msgstr "" - -msgid "Hosts to clear (any) ID View from." -msgstr "" - -msgid "" -"Hostgroups whose hosts should have ID Views cleared. Note that view is not " -"cleared automatically from any host added to the hostgroup after running " -"idview-unapply command." -msgstr "" - -msgid "Hosts that ID View was cleared from." -msgstr "" - -msgid "Hosts or hostgroups that ID View could not be cleared from." -msgstr "" - -msgid "Number of hosts that had a ID View was unset:" -msgstr "" - -msgid "" -"\n" -"Plugins not accessible directly through the CLI, commands used internally\n" -msgstr "" - -msgid "Dict of I18N messages" -msgstr "" - -msgid "Export plugin meta-data for the webUI." -msgstr "" - -msgid "Name of object to export" -msgstr "" - -msgid "Name of method to export" -msgstr "" - -msgid "Name of command to export" -msgstr "" - -msgid "Dict of JSON encoded IPA Objects" -msgstr "" - -msgid "Dict of JSON encoded IPA Methods" -msgstr "" - -msgid "Dict of JSON encoded IPA Commands" -msgstr "" - -msgid "" -"\n" -"Joining an IPA domain\n" -msgstr "" - -msgid "Join an IPA domain" -msgstr "" - -msgid "The hostname to register as" -msgstr "" - -msgid "The IPA realm" -msgstr "" - -msgid "Hardware platform of the host (e.g. Lenovo T61)" -msgstr "" - -msgid "Operating System and version of the host (e.g. Fedora 9)" -msgstr "" - -msgid "" -"\n" -"Kerberos ticket policy\n" -"\n" -"There is a single Kerberos ticket policy. This policy defines the\n" -"maximum ticket lifetime and the maximum renewal age, the period during\n" -"which the ticket is renewable.\n" -"\n" -"You can also create a per-user ticket policy by specifying the user login.\n" -"\n" -"For changes to the global policy to take effect, restarting the KDC service\n" -"is required, which can be achieved using:\n" -"\n" -"service krb5kdc restart\n" -"\n" -"Changes to per-user policies take effect immediately for newly requested\n" -"tickets (e.g. when the user next runs kinit).\n" -"\n" -"EXAMPLES:\n" -"\n" -" Display the current Kerberos ticket policy:\n" -" ipa krbtpolicy-show\n" -"\n" -" Reset the policy to the default:\n" -" ipa krbtpolicy-reset\n" -"\n" -" Modify the policy to 8 hours max life, 1-day max renewal:\n" -" ipa krbtpolicy-mod --maxlife=28800 --maxrenew=86400\n" -"\n" -" Display effective Kerberos ticket policy for user 'admin':\n" -" ipa krbtpolicy-show admin\n" -"\n" -" Reset per-user policy for user 'admin':\n" -" ipa krbtpolicy-reset admin\n" -"\n" -" Modify per-user policy for user 'admin':\n" -" ipa krbtpolicy-mod admin --maxlife=3600\n" -msgstr "" - -msgid "User name" -msgstr "Номи корбар" - -msgid "Manage ticket policy for specific user" -msgstr "" - -msgid "Max life" -msgstr "" - -msgid "Maximum ticket life (seconds)" -msgstr "" - -msgid "Max renew" -msgstr "" - -msgid "Maximum renewable age (seconds)" -msgstr "" - -msgid "Modify Kerberos ticket policy." -msgstr "" - -msgid "Reset Kerberos ticket policy to the default values." -msgstr "" - -msgid "Display the current Kerberos ticket policy." -msgstr "" - -msgid "" -"\n" -"Migration to IPA\n" -"\n" -"Migrate users and groups from an LDAP server to IPA.\n" -"\n" -"This performs an LDAP query against the remote server searching for\n" -"users and groups in a container. In order to migrate passwords you need\n" -"to bind as a user that can read the userPassword attribute on the remote\n" -"server. This is generally restricted to high-level admins such as\n" -"cn=Directory Manager in 389-ds (this is the default bind user).\n" -"\n" -"The default user container is ou=People.\n" -"\n" -"The default group container is ou=Groups.\n" -"\n" -"Users and groups that already exist on the IPA server are skipped.\n" -"\n" -"Two LDAP schemas define how group members are stored: RFC2307 and\n" -"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" -"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" -"\n" -"The schema compat feature allows IPA to reformat data for systems that\n" -"do not support RFC2307bis. It is recommended that this feature is disabled\n" -"during migration to reduce system overhead. It can be re-enabled after\n" -"migration. To migrate with it enabled use the \"--with-compat\" option.\n" -"\n" -"Migrated users do not have Kerberos credentials, they have only their\n" -"LDAP password. To complete the migration process, users need to go\n" -"to http://ipa.example.com/ipa/migration and authenticate using their\n" -"LDAP password in order to generate their Kerberos credentials.\n" -"\n" -"Migration is disabled by default. Use the command ipa config-mod to\n" -"enable it:\n" -"\n" -" ipa config-mod --enable-migration=TRUE\n" -"\n" -"If a base DN is not provided with --basedn then IPA will use either\n" -"the value of defaultNamingContext if it is set or the first value\n" -"in namingContexts set in the root of the remote LDAP server.\n" -"\n" -"Users are added as members to the default user group. This can be a\n" -"time-intensive task so during migration this is done in a batch\n" -"mode for every 100 users. As a result there will be a window in which\n" -"users will be added to IPA but will not be members of the default\n" -"user group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" The simplest migration, accepting all defaults:\n" -" ipa migrate-ds ldap://ds.example.com:389\n" -"\n" -" Specify the user and group container. This can be used to migrate user\n" -" and group data from an IPA v1 server:\n" -" ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" -"container='cn=groups,cn=accounts' ldap://ds.example.com:389\n" -"\n" -" Since IPA v2 server already contain predefined groups that may collide " -"with\n" -" groups in migrated (IPA v1) server (for example admins, ipausers), users\n" -" having colliding group as their primary group may happen to belong to\n" -" an unknown group on new IPA v2 server.\n" -" Use --group-overwrite-gid option to overwrite GID of already existing " -"groups\n" -" to prevent this issue:\n" -" ipa migrate-ds --group-overwrite-gid --user-container='cn=users," -"cn=accounts' --group-container='cn=groups,cn=accounts' " -"ldap://ds.example.com:389\n" -"\n" -" Migrated users or groups may have object class and accompanied attributes\n" -" unknown to the IPA v2 server. These object classes and attributes may be\n" -" left out of the migration process:\n" -" ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" -"container='cn=groups,cn=accounts' --user-ignore-" -"objectclass=radiusprofile --user-ignore-" -"attribute=radiusgroupname ldap://ds.example.com:389\n" -"\n" -"LOGGING\n" -"\n" -"Migration will log warnings and errors to the Apache error log. This\n" -"file should be evaluated post-migration to correct or investigate any\n" -"issues that were discovered.\n" -"\n" -"For every 100 users migrated an info-level message will be displayed to\n" -"give the current progress and duration to make it possible to track\n" -"the progress of migration.\n" -"\n" -"If the log level is debug, either by setting debug = True in\n" -"/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be " -"printed\n" -"for each user added plus a summary when the default user group is\n" -"updated.\n" -msgstr "" - -msgid "Migrate users and groups from DS to IPA." -msgstr "" - -#, fuzzy -#| msgid "LDAP DN" -msgid "LDAP URI" -msgstr "LDAP DN" - -msgid "LDAP URI of DS server to migrate from" -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "bind password" -msgstr "парол" - -msgid "Bind DN" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User container" -msgstr "Номи корбар" - -msgid "DN of container for users in DS relative to base DN" -msgstr "" - -msgid "Group container" -msgstr "" - -msgid "DN of container for groups in DS relative to base DN" -msgstr "" - -msgid "User object class" -msgstr "" - -msgid "Objectclasses used to search for user entries in DS" -msgstr "" - -msgid "Group object class" -msgstr "" - -msgid "Objectclasses used to search for group entries in DS" -msgstr "" - -msgid "Ignore user object class" -msgstr "" - -msgid "Objectclasses to be ignored for user entries in DS" -msgstr "" - -msgid "Ignore user attribute" -msgstr "" - -msgid "Attributes to be ignored for user entries in DS" -msgstr "" - -msgid "Ignore group object class" -msgstr "" - -msgid "Objectclasses to be ignored for group entries in DS" -msgstr "" - -msgid "Ignore group attribute" -msgstr "" - -msgid "Attributes to be ignored for group entries in DS" -msgstr "" - -msgid "Overwrite GID" -msgstr "" - -msgid "" -"When migrating a group already existing in IPA domain overwrite the group " -"GID and report as success" -msgstr "" - -msgid "LDAP schema" -msgstr "" - -msgid "" -"The schema used on the LDAP server. Supported values are RFC2307 and " -"RFC2307bis. The default is RFC2307bis" -msgstr "" - -msgid "Continue" -msgstr "" - -msgid "" -"Continuous operation mode. Errors are reported but the process continues" -msgstr "" - -msgid "Base DN" -msgstr "" - -msgid "Base DN on remote LDAP server" -msgstr "" - -msgid "Ignore compat plugin" -msgstr "" - -msgid "Allows migration despite the usage of compat plugin" -msgstr "" - -msgid "CA certificate" -msgstr "" - -msgid "Load CA certificate of LDAP server from FILE" -msgstr "" - -msgid "groups to exclude from migration" -msgstr "" - -msgid "users to exclude from migration" -msgstr "" - -msgid "Lists of objects migrated; categorized by type." -msgstr "" - -msgid "Lists of objects that could not be migrated; categorized by type." -msgstr "" - -msgid "False if migration mode was disabled." -msgstr "" - -msgid "False if migration fails because the compatibility plug-in is enabled." -msgstr "" - -msgid "" -"\n" -"Misc plug-ins\n" -msgstr "" - -msgid "Show environment variables." -msgstr "" - -msgid "Forward to server instead of running locally" -msgstr "" - -msgid "" -"retrieve and print all attributes from the server. Affects command output." -msgstr "" - -msgid "Total number of variables env (>= count)" -msgstr "" - -msgid "Number of variables returned (<= total)" -msgstr "" - -msgid "Show all loaded plugins." -msgstr "" - -msgid "Dictionary mapping plugin names to bases" -msgstr "" - -msgid "Number of plugins loaded" -msgstr "" - -msgid "" -"\n" -"Netgroups\n" -"\n" -"A netgroup is a group used for permission checking. It can contain both\n" -"user and host values.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new netgroup:\n" -" ipa netgroup-add --desc=\"NFS admins\" admins\n" -"\n" -" Add members to the netgroup:\n" -" ipa netgroup-add-member --users=tuser1 --users=tuser2 admins\n" -"\n" -" Remove a member from the netgroup:\n" -" ipa netgroup-remove-member --users=tuser2 admins\n" -"\n" -" Display information about a netgroup:\n" -" ipa netgroup-show admins\n" -"\n" -" Delete a netgroup:\n" -" ipa netgroup-del admins\n" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "Netgroup name" -msgstr "Номи корбар" - -#, fuzzy -#| msgid "description" -msgid "Netgroup description" -msgstr "шарҳ" - -msgid "NIS domain name" -msgstr "" - -msgid "IPA unique ID" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member netgroups" -msgstr "Гурӯҳи корбар" - -msgid "Indirect Member netgroups" -msgstr "" - -msgid "Member User" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member Group" -msgstr "Гурӯҳи корбар" - -msgid "Member Host" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member Hostgroup" -msgstr "Гурӯҳи корбар" - -msgid "Add a new netgroup." -msgstr "" - -msgid "Add members to a netgroup." -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "member netgroup" -msgstr "Гурӯҳи корбар" - -msgid "netgroups to add" -msgstr "" - -msgid "Delete a netgroup." -msgstr "" - -msgid "Search for a netgroup." -msgstr "" - -msgid "search for managed groups" -msgstr "" - -msgid "Search for netgroups with these member netgroups." -msgstr "" - -msgid "Search for netgroups without these member netgroups." -msgstr "" - -msgid "Search for netgroups with these member users." -msgstr "" - -msgid "Search for netgroups without these member users." -msgstr "" - -#, fuzzy -#| msgid "Group" -msgid "group" -msgstr "Гурӯҳ" - -msgid "Search for netgroups with these member groups." -msgstr "" - -msgid "Search for netgroups without these member groups." -msgstr "" - -msgid "Search for netgroups with these member hosts." -msgstr "" - -msgid "Search for netgroups without these member hosts." -msgstr "" - -msgid "Search for netgroups with these member host groups." -msgstr "" - -msgid "Search for netgroups without these member host groups." -msgstr "" - -msgid "Search for netgroups with these member of netgroups." -msgstr "" - -msgid "Search for netgroups without these member of netgroups." -msgstr "" - -msgid "Modify a netgroup." -msgstr "" - -msgid "Remove members from a netgroup." -msgstr "" - -msgid "netgroups to remove" -msgstr "" - -msgid "Display information about a netgroup." -msgstr "" - -msgid "" -"\n" -"OTP configuration\n" -"\n" -"Manage the default values that IPA uses for OTP tokens.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Show basic OTP configuration:\n" -" ipa otpconfig-show\n" -"\n" -" Show all OTP configuration options:\n" -" ipa otpconfig-show --all\n" -"\n" -" Change maximum TOTP authentication window to 10 minutes:\n" -" ipa otpconfig-mod --totp-auth-window=600\n" -"\n" -" Change maximum TOTP synchronization window to 12 hours:\n" -" ipa otpconfig-mod --totp-sync-window=43200\n" -"\n" -" Change maximum HOTP authentication window to 5:\n" -" ipa hotpconfig-mod --hotp-auth-window=5\n" -"\n" -" Change maximum HOTP synchronization window to 50:\n" -" ipa hotpconfig-mod --hotp-sync-window=50\n" -msgstr "" - -msgid "TOTP authentication Window" -msgstr "" - -msgid "TOTP authentication time variance (seconds)" -msgstr "" - -msgid "TOTP Synchronization Window" -msgstr "" - -msgid "TOTP synchronization time variance (seconds)" -msgstr "" - -msgid "HOTP Authentication Window" -msgstr "" - -msgid "HOTP authentication skip-ahead" -msgstr "" - -msgid "HOTP Synchronization Window" -msgstr "" - -msgid "HOTP synchronization skip-ahead" -msgstr "" - -msgid "Modify OTP configuration options." -msgstr "" - -msgid "Show the current OTP configuration." -msgstr "" - -msgid "" -"\n" -"OTP Tokens\n" -"\n" -"Manage OTP tokens.\n" -"\n" -"IPA supports the use of OTP tokens for multi-factor authentication. This\n" -"code enables the management of OTP tokens.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new token:\n" -" ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n" -"\n" -" Examine the token:\n" -" ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n" -"\n" -" Change the vendor:\n" -" ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red Hat" -"\"\n" -"\n" -" Delete a token:\n" -" ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n" -msgstr "" - -msgid "Unique ID" -msgstr "" - -msgid "Type of the token" -msgstr "" - -msgid "Token description (informational only)" -msgstr "" - -msgid "Owner" -msgstr "" - -msgid "Assigned user of the token (default: self)" -msgstr "" - -msgid "Manager" -msgstr "Диспетчер" - -msgid "Assigned manager of the token (default: self)" -msgstr "" - -#, fuzzy -#| msgid "Enabled" -msgid "Disabled" -msgstr "Фаъолшуда" - -msgid "Mark the token as disabled (default: false)" -msgstr "" - -#, fuzzy -#| msgid "Validity" -msgid "Validity start" -msgstr "Саҳеҳият" - -msgid "First date/time the token can be used" -msgstr "" - -#, fuzzy -#| msgid "Validity" -msgid "Validity end" -msgstr "Саҳеҳият" - -msgid "Last date/time the token can be used" -msgstr "" - -msgid "Vendor" -msgstr "" - -msgid "Token vendor name (informational only)" -msgstr "" - -msgid "Model" -msgstr "" - -msgid "Token model (informational only)" -msgstr "" - -#, fuzzy -#| msgid "Serial Number" -msgid "Serial" -msgstr "Рақами силсилавӣ" - -msgid "Token serial (informational only)" -msgstr "" - -msgid "Token secret (Base32; default: random)" -msgstr "" - -msgid "Token hash algorithm" -msgstr "" - -msgid "Digits" -msgstr "" - -msgid "Number of digits each token code will have" -msgstr "" - -msgid "Clock offset" -msgstr "" - -msgid "TOTP token / FreeIPA server time difference" -msgstr "" - -msgid "Clock interval" -msgstr "" - -msgid "Length of TOTP token code validity" -msgstr "" - -msgid "Counter" -msgstr "" - -msgid "Initial counter for the HOTP token" -msgstr "" - -msgid "Add a new OTP token." -msgstr "" - -msgid "(deprecated)" -msgstr "" - -msgid "Do not display QR code" -msgstr "" - -msgid "Add users that can manage this token." -msgstr "" - -msgid "Delete an OTP token." -msgstr "" - -msgid "Search for OTP token." -msgstr "" - -msgid "Results should contain primary key attribute only (\"id\")" -msgstr "" - -msgid "Modify a OTP token." -msgstr "" - -msgid "Rename the OTP token object" -msgstr "" - -msgid "Display information about an OTP token." -msgstr "" - -msgid "" -"\n" -"YubiKey Tokens\n" -"\n" -"Manage YubiKey tokens.\n" -"\n" -"This code is an extension to the otptoken plugin and provides support for\n" -"reading/writing YubiKey tokens directly.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new token:\n" -" ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" -msgstr "" - -msgid "" -"\n" -"Set a user's password\n" -"\n" -"If someone other than a user changes that user's password (e.g., Helpdesk\n" -"resets it) then the password will need to be changed the first time it\n" -"is used. This is so the end-user is the only one who knows the password.\n" -"\n" -"The IPA password policy controls how often a password may be changed,\n" -"what strength requirements exist, and the length of the password history.\n" -"\n" -"EXAMPLES:\n" -"\n" -" To reset your own password:\n" -" ipa passwd\n" -"\n" -" To change another user's password:\n" -" ipa passwd tuser1\n" -msgstr "" - -msgid "Set a user's password." -msgstr "" - -msgid "New Password" -msgstr "Пароли нав" - -#, fuzzy -#| msgid "New Password" -msgid "Current Password" -msgstr "Пароли нав" - -msgid "OTP" -msgstr "" - -#, fuzzy -#| msgid "New Password" -msgid "One Time Password" -msgstr "Пароли нав" - -msgid "" -"\n" -"Permissions\n" -"\n" -"A permission enables fine-grained delegation of rights. A permission is\n" -"a human-readable wrapper around a 389-ds Access Control Rule,\n" -"or instruction (ACI).\n" -"A permission grants the right to perform a specific task such as adding a\n" -"user, modifying a group, etc.\n" -"\n" -"A permission may not contain other permissions.\n" -"\n" -"* A permission grants access to read, write, add, delete, read, search,\n" -" or compare.\n" -"* A privilege combines similar permissions (for example all the permissions\n" -" needed to add a user).\n" -"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" -"\n" -"A permission is made up of a number of different parts:\n" -"\n" -"1. The name of the permission.\n" -"2. The target of the permission.\n" -"3. The rights granted by the permission.\n" -"\n" -"Rights define what operations are allowed, and may be one or more\n" -"of the following:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. search - search on one or more attributes\n" -"4. compare - compare one or more attributes\n" -"5. add - add a new entry to the tree\n" -"6. delete - delete an existing entry\n" -"7. all - all permissions are granted\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"There are a number of allowed targets:\n" -"1. subtree: a DN; the permission applies to the subtree under this DN\n" -"2. target filter: an LDAP filter\n" -"3. target: DN with possible wildcards, specifies entries permission applies " -"to\n" -"\n" -"Additionally, there are the following convenience options.\n" -"Setting one of these options will set the corresponding attribute(s).\n" -"1. type: a type of object (user, group, etc); sets subtree and target " -"filter.\n" -"2. memberof: apply to members of a group; sets target filter\n" -"3. targetgroup: grant access to modify a specific group (such as granting\n" -" the rights to manage group membership); sets target.\n" -"\n" -"Managed permissions\n" -"\n" -"Permissions that come with IPA by default can be so-called \"managed\"\n" -"permissions. These have a default set of attributes they apply to,\n" -"but the administrator can add/remove individual attributes to/from the set.\n" -"\n" -"Deleting or renaming a managed permission, as well as changing its target,\n" -"is not allowed.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a permission that grants the creation of users:\n" -" ipa permission-add --type=user --permissions=add \"Add Users\"\n" -"\n" -" Add a permission that grants the ability to manage group membership:\n" -" ipa permission-add --attrs=member --permissions=write --type=group " -"\"Manage Group Members\"\n" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Permission name" -msgstr "Иҷозат" - -msgid "Granted rights" -msgstr "" - -msgid "Rights to grant (read, search, compare, write, add, delete, all)" -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Effective attributes" -msgstr "Аттрибутҳо" - -msgid "All attributes to which the permission applies" -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Included attributes" -msgstr "Аттрибутҳо" - -msgid "User-specified attributes to which the permission applies" -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Excluded attributes" -msgstr "Аттрибутҳо" - -msgid "" -"User-specified attributes to which the permission explicitly does not apply" -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Default attributes" -msgstr "Аттрибутҳо" - -msgid "Attributes to which the permission applies by default" -msgstr "" - -msgid "Bind rule type" -msgstr "" - -msgid "Subtree to apply permissions to" -msgstr "" - -msgid "Extra target filter" -msgstr "" - -msgid "Raw target filter" -msgstr "" - -msgid "All target filters, including those implied by type and memberof" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "Target DN" -msgstr "Мақсад" - -msgid "" -"Optional DN to apply the permission to (must be in the subtree, but may not " -"yet exist)" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member of group" -msgstr "Гурӯҳи корбар" - -msgid "Target members of a group (sets memberOf targetfilter)" -msgstr "" - -msgid "User group to apply permissions to (sets target)" -msgstr "" - -msgid "Type of IPA object (sets subtree and objectClass targetfilter)" -msgstr "" - -msgid "Deprecated; use extratargetfilter" -msgstr "" - -msgid "Deprecated; use ipapermlocation" -msgstr "" - -msgid "Deprecated; use ipapermright" -msgstr "" - -msgid "Granted to Privilege" -msgstr "" - -msgid "Indirect Member of roles" -msgstr "" - -msgid "Add a new permission." -msgstr "" - -msgid "Add members to a permission." -msgstr "" - -msgid "member privilege" -msgstr "" - -msgid "privileges to add" -msgstr "" - -msgid "Add a system permission without an ACI (internal command)" -msgstr "" - -#, fuzzy -#| msgid "Permissions" -msgid "Permission flags" -msgstr "Иҷозатҳо" - -#, fuzzy -#| msgid "Permission" -msgid "Delete a permission." -msgstr "Иҷозат" - -msgid "force delete of SYSTEM permissions" -msgstr "" - -msgid "Search for permissions." -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Modify a permission." -msgstr "Иҷозат" - -msgid "Rename the permission object" -msgstr "" - -msgid "Remove members from a permission." -msgstr "" - -msgid "privileges to remove" -msgstr "" - -msgid "Display information about a permission." -msgstr "" - -msgid "" -"\n" -"Ping the remote IPA server to ensure it is running.\n" -"\n" -"The ping command sends an echo request to an IPA server. The server\n" -"returns its version information. This is used by an IPA client\n" -"to confirm that the server is available and accepting requests.\n" -"\n" -"The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n" -"If it does not respond then the client will contact any servers defined\n" -"by ldap SRV records in DNS.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Ping an IPA server:\n" -" ipa ping\n" -" ------------------------------------------\n" -" IPA server version 2.1.9. API version 2.20\n" -" ------------------------------------------\n" -"\n" -" Ping an IPA server verbosely:\n" -" ipa -v ping\n" -" ipa: INFO: trying https://ipa.example.com/ipa/xml\n" -" ipa: INFO: Forwarding 'ping' to server 'https://ipa.example.com/ipa/xml'\n" -" -----------------------------------------------------\n" -" IPA server version 2.1.9. API version 2.20\n" -" -----------------------------------------------------\n" -msgstr "" - -msgid "Ping a remote server." -msgstr "" - -msgid "" -"\n" -"Kerberos pkinit options\n" -"\n" -"Enable or disable anonymous pkinit using the principal\n" -"WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with\n" -"pkinit support.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Enable anonymous pkinit:\n" -" ipa pkinit-anonymous enable\n" -"\n" -" Disable anonymous pkinit:\n" -" ipa pkinit-anonymous disable\n" -"\n" -"For more information on anonymous pkinit see:\n" -"\n" -"http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit\n" -msgstr "" - -msgid "Enable or Disable Anonymous PKINIT." -msgstr "" - -msgid "" -"\n" -"Privileges\n" -"\n" -"A privilege combines permissions into a logical task. A permission provides\n" -"the rights to do a single task. There are some IPA operations that require\n" -"multiple permissions to succeed. A privilege is where permissions are\n" -"combined in order to perform a specific task.\n" -"\n" -"For example, adding a user requires the following permissions:\n" -" * Creating a new user entry\n" -" * Resetting a user password\n" -" * Adding the new user to the default IPA users group\n" -"\n" -"Combining these three low-level tasks into a higher level task in the\n" -"form of a privilege named \"Add User\" makes it easier to manage Roles.\n" -"\n" -"A privilege may not contain other privileges.\n" -"\n" -"See role and permission for additional information.\n" -msgstr "" - -#, fuzzy -#| msgid "filename" -msgid "Privilege name" -msgstr "номи файл" - -#, fuzzy -#| msgid "description" -msgid "Privilege description" -msgstr "шарҳ" - -msgid "Granting privilege to roles" -msgstr "" - -msgid "Add a new privilege." -msgstr "" - -msgid "Add members to a privilege." -msgstr "" - -msgid "member role" -msgstr "" - -msgid "roles to add" -msgstr "" - -msgid "Add permissions to a privilege." -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "permission" -msgstr "Иҷозат" - -#, fuzzy -#| msgid "Permissions" -msgid "permissions" -msgstr "Иҷозатҳо" - -msgid "Number of permissions added" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a privilege." -msgstr "Ҳамаро нест мекунед?" - -msgid "Search for privileges." -msgstr "" - -msgid "Modify a privilege." -msgstr "" - -msgid "Rename the privilege object" -msgstr "" - -msgid "Remove members from a privilege" -msgstr "" - -msgid "roles to remove" -msgstr "" - -msgid "Remove permissions from a privilege." -msgstr "" - -msgid "Number of permissions removed" -msgstr "" - -msgid "Display information about a privilege." -msgstr "" - -msgid "" -"\n" -"Password policy\n" -"\n" -"A password policy sets limitations on IPA passwords, including maximum\n" -"lifetime, minimum lifetime, the number of passwords to save in\n" -"history, the number of character classes required (for stronger passwords)\n" -"and the minimum password length.\n" -"\n" -"By default there is a single, global policy for all users. You can also\n" -"create a password policy to apply to a group. Each user is only subject\n" -"to one password policy, either the group policy or the global policy. A\n" -"group policy stands alone; it is not a super-set of the global policy plus\n" -"custom settings.\n" -"\n" -"Each group password policy requires a unique priority setting. If a user\n" -"is in multiple groups that have password policies, this priority determines\n" -"which password policy is applied. A lower value indicates a higher priority\n" -"policy.\n" -"\n" -"Group password policies are automatically removed when the groups they\n" -"are associated with are removed.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Modify the global policy:\n" -" ipa pwpolicy-mod --minlength=10\n" -"\n" -" Add a new group password policy:\n" -" ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --" -"minlength=8 --priority=10 localadmins\n" -"\n" -" Display the global password policy:\n" -" ipa pwpolicy-show\n" -"\n" -" Display a group password policy:\n" -" ipa pwpolicy-show localadmins\n" -"\n" -" Display the policy that would be applied to a given user:\n" -" ipa pwpolicy-show --user=tuser1\n" -"\n" -" Modify a group password policy:\n" -" ipa pwpolicy-mod --minclasses=2 localadmins\n" -msgstr "" - -msgid "Group" -msgstr "Гурӯҳ" - -msgid "Manage password policy for specific group" -msgstr "" - -msgid "Max lifetime (days)" -msgstr "" - -msgid "Maximum password lifetime (in days)" -msgstr "" - -msgid "Min lifetime (hours)" -msgstr "" - -msgid "Minimum password lifetime (in hours)" -msgstr "" - -msgid "History size" -msgstr "" - -msgid "Password history size" -msgstr "" - -msgid "Character classes" -msgstr "" - -msgid "Minimum number of character classes" -msgstr "" - -msgid "Min length" -msgstr "" - -msgid "Minimum length of password" -msgstr "" - -msgid "Priority of the policy (higher number means lower priority" -msgstr "" - -msgid "Max failures" -msgstr "" - -msgid "Consecutive failures before lockout" -msgstr "" - -msgid "Failure reset interval" -msgstr "" - -msgid "Period after which failure count will be reset (seconds)" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "Lockout duration" -msgstr "Макон" - -msgid "Period for which lockout is enforced (seconds)" -msgstr "" - -msgid "Results should contain primary key attribute only (\"cn\")" -msgstr "" - -msgid "Add a new group password policy." -msgstr "" - -msgid "Delete a group password policy." -msgstr "" - -msgid "Search for group password policies." -msgstr "" - -msgid "Results should contain primary key attribute only (\"group\")" -msgstr "" - -msgid "Modify a group password policy." -msgstr "" - -msgid "Display information about password policy." -msgstr "" - -msgid "User" -msgstr "Корбар" - -msgid "Display effective policy for a specific user" -msgstr "" - -msgid "" -"\n" -"RADIUS Proxy Servers\n" -"\n" -"Manage RADIUS Proxy Servers.\n" -"\n" -"IPA supports the use of an external RADIUS proxy server for krb5 OTP\n" -"authentications. This permits a great deal of flexibility when\n" -"integrating with third-party authentication services.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new server:\n" -" ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n" -"\n" -" Find all servers whose entries include the string \"example.com\":\n" -" ipa radiusproxy-find example.com\n" -"\n" -" Examine the configuration:\n" -" ipa radiusproxy-show MyRADIUS\n" -"\n" -" Change the secret:\n" -" ipa radiusproxy-mod MyRADIUS --secret\n" -"\n" -" Delete a configuration:\n" -" ipa radiusproxy-del MyRADIUS\n" -msgstr "" - -msgid "RADIUS proxy server name" -msgstr "" - -msgid "A description of this RADIUS proxy server" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Server" -msgstr "Хидмат" - -msgid "The hostname or IP (with or without port)" -msgstr "" - -msgid "Secret" -msgstr "" - -msgid "The secret used to encrypt data" -msgstr "" - -msgid "Timeout" -msgstr "" - -msgid "The total timeout across all retries (in seconds)" -msgstr "" - -#, fuzzy -#| msgid "Retry" -msgid "Retries" -msgstr "Кӯшиш" - -msgid "The number of times to retry authentication" -msgstr "" - -#, fuzzy -#| msgid "Attribute" -msgid "User attribute" -msgstr "Аттрибут" - -msgid "The username attribute on the user object" -msgstr "" - -msgid "Add a new RADIUS proxy server." -msgstr "" - -msgid "Delete a RADIUS proxy server." -msgstr "" - -msgid "Search for RADIUS proxy servers." -msgstr "" - -msgid "Modify a RADIUS proxy server." -msgstr "" - -msgid "Rename the RADIUS proxy server object" -msgstr "" - -msgid "Display information about a RADIUS proxy server." -msgstr "" - -msgid "" -"\n" -"Realm domains\n" -"\n" -"Manage the list of domains associated with IPA realm.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Display the current list of realm domains:\n" -" ipa realmdomains-show\n" -"\n" -" Replace the list of realm domains:\n" -" ipa realmdomains-mod --domain=example.com\n" -" ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n" -"\n" -" Add a domain to the list of realm domains:\n" -" ipa realmdomains-mod --add-domain=newdomain.com\n" -"\n" -" Delete a domain from the list of realm domains:\n" -" ipa realmdomains-mod --del-domain=olddomain.com\n" -msgstr "" - -msgid "Domain" -msgstr "" - -msgid "Add domain" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete domain" -msgstr "Ҳамаро нест мекунед?" - -msgid "Modify realm domains." -msgstr "" - -msgid "Force adding domain even if not in DNS" -msgstr "" - -msgid "Display the list of realm domains." -msgstr "" - -msgid "" -"\n" -"Roles\n" -"\n" -"A role is used for fine-grained delegation. A permission grants the ability\n" -"to perform given low-level tasks (add a user, modify a group, etc.). A\n" -"privilege combines one or more permissions into a higher-level abstraction\n" -"such as useradmin. A useradmin would be able to add, delete and modify " -"users.\n" -"\n" -"Privileges are assigned to Roles.\n" -"\n" -"Users, groups, hosts and hostgroups may be members of a Role.\n" -"\n" -"Roles can not contain other roles.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new role:\n" -" ipa role-add --desc=\"Junior-level admin\" junioradmin\n" -"\n" -" Add some privileges to this role:\n" -" ipa role-add-privilege --privileges=addusers junioradmin\n" -" ipa role-add-privilege --privileges=change_password junioradmin\n" -" ipa role-add-privilege --privileges=add_user_to_default_group " -"junioradmin\n" -"\n" -" Add a group of users to this role:\n" -" ipa group-add --desc=\"User admins\" useradmins\n" -" ipa role-add-member --groups=useradmins junioradmin\n" -"\n" -" Display information about a role:\n" -" ipa role-show junioradmin\n" -"\n" -" The result of this is that any users in the group 'junioradmin' can\n" -" add users, reset passwords or add a user to the default IPA user group.\n" -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Role name" -msgstr "Азнавномгузорӣ" - -msgid "A description of this role-group" -msgstr "" - -msgid "Member users" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member groups" -msgstr "Гурӯҳи корбар" - -msgid "Privileges" -msgstr "" - -msgid "Member services" -msgstr "" - -msgid "Add a new role." -msgstr "" - -msgid "Add members to a role." -msgstr "" - -msgid "member service" -msgstr "" - -msgid "services to add" -msgstr "" - -msgid "Add privileges to a role." -msgstr "" - -msgid "privilege" -msgstr "" - -msgid "privileges" -msgstr "" - -msgid "Number of privileges added" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a role." -msgstr "Ҳамаро нест мекунед?" - -msgid "Search for roles." -msgstr "" - -msgid "Modify a role." -msgstr "" - -msgid "Rename the role object" -msgstr "" - -msgid "Remove members from a role." -msgstr "" - -msgid "services to remove" -msgstr "" - -msgid "Remove privileges from a role." -msgstr "" - -msgid "Number of privileges removed" -msgstr "" - -msgid "Display information about a role." -msgstr "" - -msgid "" -"\n" -"Self-service Permissions\n" -"\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" -"\n" -"A Self-service permission defines what an object can change in its own " -"entry.\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a self-service rule to allow users to manage their address (using Bash\n" -" brace expansion):\n" -" ipa selfservice-add --permissions=write --attrs={street,postalCode,l,c," -"st} \"Users manage their own address\"\n" -"\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones.\n" -" Add telephoneNumber to the list (using Bash brace expansion):\n" -" ipa selfservice-mod --attrs={street,postalCode,l,c,st,telephoneNumber} " -"\"Users manage their own address\"\n" -"\n" -" Display our updated rule:\n" -" ipa selfservice-show \"Users manage their own address\"\n" -"\n" -" Delete a rule:\n" -" ipa selfservice-del \"Users manage their own address\"\n" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "Self-service name" -msgstr "Номи корбар" - -msgid "Attributes to which the permission applies." -msgstr "" - -msgid "Add a new self-service permission." -msgstr "" - -msgid "Delete a self-service permission." -msgstr "" - -msgid "Search for a self-service permission." -msgstr "" - -msgid "Modify a self-service permission." -msgstr "" - -msgid "Display information about a self-service permission." -msgstr "" - -msgid "" -"\n" -"SELinux User Mapping\n" -"\n" -"Map IPA users to SELinux users by host.\n" -"\n" -"Hosts, hostgroups, users and groups can be either defined within\n" -"the rule or it may point to an existing HBAC rule. When using\n" -"--hbacrule option to selinuxusermap-find an exact match is made on the\n" -"HBAC rule name, so only one or zero entries will be returned.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a rule, \"test1\", that sets all users to xguest_u:s0 on the host " -"\"server\":\n" -" ipa selinuxusermap-add --usercat=all --selinuxuser=xguest_u:s0 test1\n" -" ipa selinuxusermap-add-host --hosts=server.example.com test1\n" -"\n" -" Create a rule, \"test2\", that sets all users to guest_u:s0 and uses an " -"existing HBAC rule for users and hosts:\n" -" ipa selinuxusermap-add --usercat=all --hbacrule=webserver --" -"selinuxuser=guest_u:s0 test2\n" -"\n" -" Display the properties of a rule:\n" -" ipa selinuxusermap-show test2\n" -"\n" -" Create a rule for a specific user. This sets the SELinux context for\n" -" user john to unconfined_u:s0-s0:c0.c1023 on any machine:\n" -" ipa selinuxusermap-add --hostcat=all --selinuxuser=unconfined_u:s0-s0:c0." -"c1023 john_unconfined\n" -" ipa selinuxusermap-add-user --users=john john_unconfined\n" -"\n" -" Disable a rule:\n" -" ipa selinuxusermap-disable test1\n" -"\n" -" Enable a rule:\n" -" ipa selinuxusermap-enable test1\n" -"\n" -" Find a rule referencing a specific HBAC rule:\n" -" ipa selinuxusermap-find --hbacrule=allow_some\n" -"\n" -" Remove a rule:\n" -" ipa selinuxusermap-del john_unconfined\n" -"\n" -"SEEALSO:\n" -"\n" -" The list controlling the order in which the SELinux user map is applied\n" -" and the default SELinux user are available in the config-show command.\n" -msgstr "" - -msgid "SELinux User" -msgstr "" - -msgid "HBAC Rule" -msgstr "" - -msgid "HBAC Rule that defines the users, groups and hostgroups" -msgstr "" - -msgid "Create a new SELinux User Map." -msgstr "" - -msgid "Add target hosts and hostgroups to an SELinux User Map rule." -msgstr "" - -msgid "Add users and groups to an SELinux User Map rule." -msgstr "" - -msgid "Delete a SELinux User Map." -msgstr "" - -msgid "Disable an SELinux User Map rule." -msgstr "" - -msgid "Enable an SELinux User Map rule." -msgstr "" - -msgid "Search for SELinux User Maps." -msgstr "" - -msgid "Modify a SELinux User Map." -msgstr "" - -msgid "Remove target hosts and hostgroups from an SELinux User Map rule." -msgstr "" - -msgid "Remove users and groups from an SELinux User Map rule." -msgstr "" - -msgid "Display the properties of a SELinux User Map rule." -msgstr "" - -msgid "" -"\n" -"Services\n" -"\n" -"A IPA service represents a service that runs on a host. The IPA service\n" -"record can store a Kerberos principal, an SSL certificate, or both.\n" -"\n" -"An IPA service can be managed directly from a machine, provided that\n" -"machine has been given the correct permission. This is true even for\n" -"machines other than the one the service is associated with. For example,\n" -"requesting an SSL certificate using the host service principal credentials\n" -"of the host. To manage a service using host credentials you need to\n" -"kinit as the host:\n" -"\n" -" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" -"\n" -"Adding an IPA service allows the associated service to request an SSL\n" -"certificate or keytab, but this is performed as a separate step; they\n" -"are not produced as a result of adding the service.\n" -"\n" -"Only the public aspect of a certificate is stored in a service record;\n" -"the private key is not stored.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new IPA service:\n" -" ipa service-add HTTP/web.example.com\n" -"\n" -" Allow a host to manage an IPA service certificate:\n" -" ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" -" ipa role-add-member --hosts=web.example.com certadmin\n" -"\n" -" Override a default list of supported PAC types for the service:\n" -" ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" -"\n" -" A typical use case where overriding the PAC type is needed is NFS.\n" -" Currently the related code in the Linux kernel can only handle Kerberos\n" -" tickets up to a maximal size. Since the PAC data can become quite large " -"it\n" -" is recommended to set --pac-type=NONE for NFS services.\n" -"\n" -" Delete an IPA service:\n" -" ipa service-del HTTP/web.example.com\n" -"\n" -" Find all IPA services associated with a host:\n" -" ipa service-find web.example.com\n" -"\n" -" Find all HTTP services:\n" -" ipa service-find HTTP\n" -"\n" -" Disable the service Kerberos key and SSL certificate:\n" -" ipa service-disable HTTP/web.example.com\n" -"\n" -" Request a certificate for an IPA service:\n" -" ipa cert-request --principal=HTTP/web.example.com example.csr\n" -"\n" -" Allow user to create a keytab:\n" -" ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n" -"\n" -" Generate and retrieve a keytab for an IPA service:\n" -" ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" -"httpd.keytab\n" -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "Service principal" -msgstr "Асосӣ" - -msgid "PAC type" -msgstr "" - -msgid "" -"Override default list of supported PAC types. Use 'NONE' to disable PAC " -"support for this service, e.g. this might be necessary for NFS services." -msgstr "" - -msgid "Add a new IPA new service." -msgstr "" - -msgid "force principal name even if not in DNS" -msgstr "" - -msgid "Add hosts that can manage this service." -msgstr "" - -msgid "" -"Allow users, groups, hosts or host groups to create a keytab of this service." -msgstr "" - -msgid "" -"Allow users, groups, hosts or host groups to retrieve a keytab of this " -"service." -msgstr "" - -msgid "Delete an IPA service." -msgstr "" - -msgid "Disable the Kerberos key and SSL certificate of a service." -msgstr "" - -msgid "" -"Disallow users, groups, hosts or host groups to create a keytab of this " -"service." -msgstr "" - -msgid "" -"Disallow users, groups, hosts or host groups to retrieve a keytab of this " -"service." -msgstr "" - -msgid "Search for IPA services." -msgstr "" - -msgid "Results should contain primary key attribute only (\"principal\")" -msgstr "" - -msgid "Search for services with these managed by hosts." -msgstr "" - -msgid "Search for services without these managed by hosts." -msgstr "" - -msgid "Modify an existing IPA service." -msgstr "" - -msgid "Remove hosts that can manage this service." -msgstr "" - -msgid "Display information about an IPA service." -msgstr "" - -msgid "" -"\n" -"Session Support for IPA\n" -"John Dennis \n" -"\n" -"Goals\n" -"=====\n" -"\n" -"Provide per-user session data caching which persists between\n" -"requests. Desired features are:\n" -"\n" -"* Integrates cleanly with minimum impact on existing infrastructure.\n" -"\n" -"* Provides maximum security balanced against real-world performance\n" -" demands.\n" -"\n" -"* Sessions must be able to be revoked (flushed).\n" -"\n" -"* Should be flexible and easy to use for developers.\n" -"\n" -"* Should leverage existing technology and code to the maximum extent\n" -" possible to avoid re-invention, excessive implementation time and to\n" -" benefit from robustness in field proven components commonly shared\n" -" in the open source community.\n" -"\n" -"* Must support multiple independent processes which share session\n" -" data.\n" -"\n" -"* System must function correctly if session data is available or not.\n" -"\n" -"* Must be high performance.\n" -"\n" -"* Should not be tied to specific web servers or browsers. Should\n" -" integrate with our chosen WSGI model.\n" -"\n" -"Issues\n" -"======\n" -"\n" -"Cookies\n" -"-------\n" -"\n" -"Most session implementations are based on the use of cookies. Cookies\n" -"have some inherent problems.\n" -"\n" -"* User has the option to disable cookies.\n" -"\n" -"* User stored cookie data is not secure. Can be mitigated by setting\n" -" flags indicating the cookie is only to be used with SSL secured HTTP\n" -" connections to specific web resources and setting the cookie to\n" -" expire at session termination. Most modern browsers enforce these.\n" -"\n" -"Where to store session data?\n" -"----------------------------\n" -"\n" -"Session data may be stored on either on the client or on the\n" -"server. Storing session data on the client addresses the problem of\n" -"session data availability when requests are serviced by independent web\n" -"servers because the session data travels with the request. However\n" -"there are data size limitations. Storing session data on the client\n" -"also exposes sensitive data but this can be mitigated by encrypting\n" -"the session data such that only the server can decrypt it.\n" -"\n" -"The more conventional approach is to bind session data to a unique\n" -"name, the session ID. The session ID is transmitted to the client and\n" -"the session data is paired with the session ID on the server in a\n" -"associative data store. The session data is retrieved by the server\n" -"using the session ID when the receiving the request. This eliminates\n" -"exposing sensitive session data on the client along with limitations\n" -"on data size. It however introduces the issue of session data\n" -"availability when requests are serviced by more than one server\n" -"process.\n" -"\n" -"Multi-process session data availability\n" -"---------------------------------------\n" -"\n" -"Apache (and other web servers) fork child processes to handle requests\n" -"in parallel. Also web servers may be deployed in a farm where requests\n" -"are load balanced in round robin fashion across different nodes. In\n" -"both cases session data cannot be stored in the memory of a server\n" -"process because it is not available to other processes, either sibling\n" -"children of a master server process or server processes on distinct\n" -"nodes.\n" -"\n" -"Typically this is addressed by storing session data in a SQL\n" -"database. When a request is received by a server process containing a\n" -"session ID in it's cookie data the session ID is used to perform a SQL\n" -"query and the resulting data is then attached to the request as it\n" -"proceeds through the request processing pipeline. This of course\n" -"introduces coherency issues.\n" -"\n" -"For IPA the introduction of a SQL database dependency is undesired and\n" -"should be avoided.\n" -"\n" -"Session data may also be shared by independent processes by storing\n" -"the session data in files.\n" -"\n" -"An alternative solution which has gained considerable popularity\n" -"recently is the use of a fast memory based caching server. Data is\n" -"stored in a single process memory and may be queried and set via a\n" -"light weight protocol using standard socket mechanisms, memcached is\n" -"one example. A typical use is to optimize SQL queries by storing a SQL\n" -"result in shared memory cache avoiding the more expensive SQL\n" -"operation. But the memory cache has distinct advantages in non-SQL\n" -"situations as well.\n" -"\n" -"Possible implementations for use by IPA\n" -"=======================================\n" -"\n" -"Apache Sessions\n" -"---------------\n" -"\n" -"Apache has 2.3 has implemented session support via these modules:\n" -"\n" -" mod_session\n" -" Overarching session support based on cookies.\n" -"\n" -" See: http://httpd.apache.org/docs/2.3/mod/mod_session.html\n" -"\n" -" mod_session_cookie\n" -" Stores session data in the client.\n" -"\n" -" See: http://httpd.apache.org/docs/2.3/mod/mod_session_cookie.html\n" -"\n" -" mod_session_crypto\n" -" Encrypts session data for security. Encryption key is shared\n" -" configuration parameter visible to all Apache processes and is\n" -" stored in a configuration file.\n" -"\n" -" See: http://httpd.apache.org/docs/2.3/mod/mod_session_crypto.html\n" -"\n" -" mod_session_dbd\n" -" Stores session data in a SQL database permitting multiple\n" -" processes to access and share the same session data.\n" -"\n" -" See: http://httpd.apache.org/docs/2.3/mod/mod_session_dbd.html\n" -"\n" -"Issues with Apache sessions\n" -"~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" -"\n" -"Although Apache has implemented generic session support and Apache is\n" -"our web server of preference it nonetheless introduces issues for IPA.\n" -"\n" -" * Session support is only available in httpd >= 2.3 which at the\n" -" time of this writing is currently only available as a Beta release\n" -" from upstream. We currently only ship httpd 2.2, the same is true\n" -" for other distributions.\n" -"\n" -" * We could package and ship the sessions modules as a temporary\n" -" package in httpd 2.2 environments. But this has the following\n" -" consequences:\n" -"\n" -" - The code has to be backported. the module API has changed\n" -" slightly between httpd 2.2 and 2.3. The backporting is not\n" -" terribly difficult and a proof of concept has been\n" -" implemented.\n" -"\n" -" - We would then be on the hook to package and maintain a special\n" -" case Apache package. This is maintenance burden as well as a\n" -" distribution packaging burden. Both of which would be best\n" -" avoided if possible.\n" -"\n" -" * The design of the Apache session modules is such that they can\n" -" only be manipulated by other Apache modules. The ability of\n" -" consumers of the session data to control the session data is\n" -" simplistic, constrained and static during the period the request\n" -" is processed. Request handlers which are not native Apache modules\n" -" (e.g. IPA via WSGI) can only examine the session data\n" -" via request headers and reset it in response headers.\n" -"\n" -" * Shared session data is available exclusively via SQL.\n" -"\n" -"However using the 2.3 Apache session modules would give us robust\n" -"session support implemented in C based on standardized Apache\n" -"interfaces which are widely used.\n" -"\n" -"Python Web Frameworks\n" -"---------------------\n" -"\n" -"Virtually every Python web framework supports cookie based sessions,\n" -"e.g. Django, Twisted, Zope, Turbogears etc. Early on in IPA we decided\n" -"to avoid the use of these frameworks. Trying to pull in just one part\n" -"of these frameworks just to get session support would be problematic\n" -"because the code does not function outside it's framework.\n" -"\n" -"IPA implemented sessions\n" -"------------------------\n" -"\n" -"Originally it was believed the path of least effort was to utilize\n" -"existing session support, most likely what would be provided by\n" -"Apache. However there are enough basic modular components available in\n" -"native Python and other standard packages it should be possible to\n" -"provide session support meeting the aforementioned goals with a modest\n" -"implementation effort. Because we're leveraging existing components\n" -"the implementation difficulties are subsumed by other components which\n" -"have already been field proven and have community support. This is a\n" -"smart strategy.\n" -"\n" -"Proposed Solution\n" -"=================\n" -"\n" -"Our interface to the web server is via WSGI which invokes a callback\n" -"per request passing us an environmental context for the request. For\n" -"this discussion we'll name the WSGI callback \"application()\", a\n" -"conventional name in WSGI parlance.\n" -"\n" -"Shared session data will be handled by memcached. We will create one\n" -"instance of memcached on each server node dedicated to IPA\n" -"exclusively. Communication with memcached will be via a UNIX socket\n" -"located in the file system under /var/run/ipa_memcached. It will be\n" -"protected by file permissions and optionally SELinux policy.\n" -"\n" -"In application() we examine the request cookies and if there is an IPA\n" -"session cookie with a session ID we retrieve the session data from our\n" -"memcached instance.\n" -"\n" -"The session data will be a Python dict. IPA components will read or\n" -"write their session information by using a pre-agreed upon name\n" -"(e.g. key) in the dict. This is a very flexible system and consistent\n" -"with how we pass data in most parts of IPA.\n" -"\n" -"If the session data is not available an empty session data dict will\n" -"be created.\n" -"\n" -"How does this session data travel with the request in the IPA\n" -"pipeline? In IPA we use the HTTP request/response to implement RPC. In\n" -"application() we convert the request into a procedure call passing it\n" -"arguments derived from the HTTP request. The passed parameters are\n" -"specific to the RPC method being invoked. The context the RPC call is\n" -"executing in is not passed as an RPC parameter.\n" -"\n" -"How would the contextual information such as session data be bound to\n" -"the request and hence the RPC call?\n" -"\n" -"In IPA when a RPC invocation is being prepared from a request we\n" -"recognize this will only ever be processed serially by one Python\n" -"thread. A thread local dict called \"context\" is allocated for each\n" -"thread. The context dict is cleared in between requests (e.g. RPC method\n" -"invocations). The per-thread context dict is populated during the\n" -"lifetime of the request and is used as a global data structure unique to\n" -"the request that various IPA component can read from and write to with\n" -"the assurance the data is unique to the current request and/or method\n" -"call.\n" -"\n" -"The session data dict will be written into the context dict under the\n" -"session key before the RPC method begins execution. Thus session data\n" -"can be read and written by any IPA component by accessing\n" -"``context.session``.\n" -"\n" -"When the RPC method finishes execution the session data bound to the\n" -"request/method is retrieved from the context and written back to the\n" -"memcached instance. The session ID is set in the response sent back to\n" -"the client in the ``Set-Cookie`` header along with the flags\n" -"controlling it's usage.\n" -"\n" -"Issues and details\n" -"------------------\n" -"\n" -"IPA code cannot depend on session data being present, however it\n" -"should always update session data with the hope it will be available\n" -"in the future. Session data may not be available because:\n" -"\n" -" * This is the first request from the user and no session data has\n" -" been created yet.\n" -"\n" -" * The user may have cookies disabled.\n" -"\n" -" * The session data may have been flushed. memcached operates with\n" -" a fixed memory allocation and will flush entries on a LRU basis,\n" -" like with any cache there is no guarantee of persistence.\n" -"\n" -" Also we may have have deliberately expired or deleted session\n" -" data, see below.\n" -"\n" -"Cookie manipulation is done via the standard Python Cookie module.\n" -"\n" -"Session cookies will be set to only persist as long as the browser has\n" -"the session open. They will be tagged so the browser only returns\n" -"the session ID on SSL secured HTTP requests. They will not be visible\n" -"to Javascript in the browser.\n" -"\n" -"Session ID's will be created by using 48 bits of random data and\n" -"converted to 12 hexadecimal digits. Newly generated session ID's will\n" -"be checked for prior existence to handle the unlikely case the random\n" -"number repeats.\n" -"\n" -"memcached will have significantly higher performance than a SQL or file\n" -"based storage solution. Communication is effectively though a pipe\n" -"(UNIX socket) using a very simple protocol and the data is held\n" -"entirely in process memory. memcached also scales easily, it is easy\n" -"to add more memcached processes and distribute the load across them.\n" -"At this point in time we don't anticipate the need for this.\n" -"\n" -"A very nice feature of the Python memcached module is that when a data\n" -"item is written to the cache it is done with standard Python pickling\n" -"(pickling is a standard Python mechanism to marshal and unmarshal\n" -"Python objects). We adopt the convention the object written to cache\n" -"will be a dict to meet our internal data handling conventions. The\n" -"pickling code will recursively handle nested objects in the dict. Thus\n" -"we gain a lot of flexibility using standard Python data structures to\n" -"store and retrieve our session data without having to author and debug\n" -"code to marshal and unmarshal the data if some other storage mechanism\n" -"had been used. This is a significant implementation win. Of course\n" -"some common sense limitations need to observed when deciding on what\n" -"is written to the session cache keeping in mind the data is shared\n" -"between processes and it should not be excessively large (a\n" -"configurable option)\n" -"\n" -"We can set an expiration on memcached entries. We may elect to do that\n" -"to force session data to be refreshed periodically. For example we may\n" -"wish the client to present fresh credentials on a periodic basis even\n" -"if the cached credentials are otherwise within their validity period.\n" -"\n" -"We can explicitly delete session data if for some reason we believe it\n" -"is stale, invalid or compromised.\n" -"\n" -"memcached also gives us certain facilities to prevent race conditions\n" -"between different processes utilizing the cache. For example you can\n" -"check of the entry has been modified since you last read it or use CAS\n" -"(Check And Set) semantics. What has to be protected in terms of cache\n" -"coherency will likely have to be determined as the session support is\n" -"utilized and different data items are added to the cache. This is very\n" -"much data and context specific. Fortunately memcached operations are\n" -"atomic.\n" -"\n" -"Controlling the memcached process\n" -"---------------------------------\n" -"\n" -"We need a mechanism to start the memcached process and secure it so\n" -"that only IPA components can access it.\n" -"\n" -"Although memcached ships with both an initscript and systemd unit\n" -"files those are for generic instances. We want a memcached instance\n" -"dedicated exclusively to IPA usage. To accomplish this we would install\n" -"a systemd unit file or an SysV initscript to control the IPA specific\n" -"memcached service. ipactl would be extended to know about this\n" -"additional service. systemd's cgroup facility would give us additional\n" -"mechanisms to integrate the IPA memcached service within a larger IPA\n" -"process group.\n" -"\n" -"Protecting the memcached data would be done via file permissions (and\n" -"optionally SELinux policy) on the UNIX domain socket. Although recent\n" -"implementations of memcached support authentication via SASL this\n" -"introduces a performance and complexity burden not warranted when\n" -"cached is dedicated to our exclusive use and access controlled by OS\n" -"mechanisms.\n" -"\n" -"Conventionally daemons are protected by assigning a system uid and/or\n" -"gid to the daemon. A daemon launched by root will drop it's privileges\n" -"by assuming the effective uid:gid assigned to it. File system access\n" -"is controlled by the OS via the effective identity and SELinux policy\n" -"can be crafted based on the identity. Thus the memcached UNIX socket\n" -"would be protected by having it owned by a specific system user and/or\n" -"membership in a restricted system group (discounting for the moment\n" -"SELinux).\n" -"\n" -"Unfortunately we currently do not have an IPA system uid whose\n" -"identity our processes operate under nor do we have an IPA system\n" -"group. IPA does manage a collection of related processes (daemons) and\n" -"historically each has been assigned their own uid. When these\n" -"unrelated processes communicate they mutually authenticate via other\n" -"mechanisms. We do not have much of a history of using shared file\n" -"system objects across identities. When file objects are created they\n" -"are typically assigned the identity of daemon needing to access the\n" -"object and are not accessed by other daemons, or they carry root\n" -"identity.\n" -"\n" -"When our WSGI application runs in Apache it is run as a WSGI\n" -"daemon. This means when Apache starts up it forks off WSGI processes\n" -"for us and we are independent of other Apache processes. When WSGI is\n" -"run in this mode there is the ability to set the uid:gid of the WSGI\n" -"process hosting us, however we currently do not take advantage of this\n" -"option. WSGI can be run in other modes as well, only in daemon mode\n" -"can the uid:gid be independently set from the rest of Apache. All\n" -"processes started by Apache can be set to a common uid:gid specified\n" -"in the global Apache configuration, by default it's\n" -"apache:apache. Thus when our IPA code executes it is running as\n" -"apache:apache.\n" -"\n" -"To protect our memcached UNIX socket we can do one of two things:\n" -"\n" -"1. Assign it's uid:gid as apache:apache. This would limit access to\n" -" our cache only to processes running under httpd. It's somewhat\n" -" restricted but far from ideal. Any code running in the web server\n" -" could potentially access our cache. It's difficult to control what the\n" -" web server runs and admins may not understand the consequences of\n" -" configuring httpd to serve other things besides IPA.\n" -"\n" -"2. Create an IPA specific uid:gid, for example ipa:ipa. We then configure\n" -" our WSGI application to run as the ipa:ipa user and group. We also\n" -" configure our memcached instance to run as the ipa:ipa user and\n" -" group. In this configuration we are now fully protected, only our WSGI\n" -" code can read & write to our memcached UNIX socket.\n" -"\n" -"However there may be unforeseen issues by converting our code to run as\n" -"something other than apache:apache. This would require some\n" -"investigation and testing.\n" -"\n" -"IPA is dependent on other system daemons, specifically Directory\n" -"Server (ds) and Certificate Server (cs). Currently we configure ds to\n" -"run under the dirsrv:dirsrv user and group, an identity of our\n" -"creation. We allow cs to default to it's pkiuser:pkiuser user and\n" -"group. Should these other cooperating daemons also run under the\n" -"common ipa:ipa user and group identities? At first blush there would\n" -"seem to be an advantage to coalescing all process identities under a\n" -"common IPA user and group identity. However these other processes do\n" -"not depend on user and group permissions when working with external\n" -"agents, processes, etc. Rather they are designed to be stand-alone\n" -"network services which authenticate their clients via other\n" -"mechanisms. They do depend on user and group permission to manage\n" -"their own file system objects. If somehow the ipa user and/or group\n" -"were compromised or malicious code somehow executed under the ipa\n" -"identity there would be an advantage in having the cooperating\n" -"processes cordoned off under their own identities providing one extra\n" -"layer of protection. (Note, these cooperating daemons may not even be\n" -"co-located on the same node in which case the issue is moot)\n" -"\n" -"The UNIX socket behavior (ldapi) with Directory Server is as follows:\n" -"\n" -" * The socket ownership is: root:root\n" -"\n" -" * The socket permissions are: 0666\n" -"\n" -" * When connecting via ldapi you must authenticate as you would\n" -" normally with a TCP socket, except ...\n" -"\n" -" * If autobind is enabled and the uid:gid is available via\n" -" SO_PEERCRED and the uid:gid can be found in the set of users known\n" -" to the Directory Server then that connection will be bound as that\n" -" user.\n" -"\n" -" * Otherwise an anonymous bind will occur.\n" -"\n" -"memcached UNIX socket behavior is as follows:\n" -"\n" -" * memcached can be invoked with a user argument, no group may be\n" -" specified. The effective uid is the uid of the user argument and\n" -" the effective gid is the primary group of the user, let's call\n" -" this euid:egid\n" -"\n" -" * The socket ownership is: euid:egid\n" -"\n" -" * The socket permissions are 0700 by default, but this can be\n" -" modified by the -a mask command line arg which sets the umask\n" -" (defaults to 0700).\n" -"\n" -"Overview of authentication in IPA\n" -"=================================\n" -"\n" -"This describes how we currently authenticate and how we plan to\n" -"improve authentication performance. First some definitions.\n" -"\n" -"There are 4 major players:\n" -"\n" -" 1. client\n" -" 2. mod_auth_kerb (in Apache process)\n" -" 3. wsgi handler (in IPA wsgi python process)\n" -" 4. ds (directory server)\n" -"\n" -"There are several resources:\n" -"\n" -" 1. /ipa/ui (unprotected, web UI static resources)\n" -" 2. /ipa/xml (protected, xmlrpc RPC used by command line clients)\n" -" 3. /ipa/json (protected, json RPC used by javascript in web UI)\n" -" 4. ds (protected, wsgi acts as proxy, our LDAP server)\n" -"\n" -"Current Model\n" -"-------------\n" -"\n" -"This describes how things work in our current system for the web UI.\n" -"\n" -" 1. Client requests /ipa/ui, this is unprotected, is static and\n" -" contains no sensitive information. Apache replies with html and\n" -" javascript. The javascript requests /ipa/json.\n" -"\n" -" 2. Client sends post to /ipa/json.\n" -"\n" -" 3. mod_auth_kerb is configured to protect /ipa/json, replies 401\n" -" authenticate negotiate.\n" -"\n" -" 4. Client resends with credentials\n" -"\n" -" 5. mod_auth_kerb validates credentials\n" -"\n" -" a. if invalid replies 403 access denied (stops here)\n" -"\n" -" b. if valid creates temporary ccache, adds KRB5CCNAME to request\n" -" headers\n" -"\n" -" 6. Request passed to wsgi handler\n" -"\n" -" a. validates request, KRB5CCNAME must be present, referrer, etc.\n" -"\n" -" b. ccache saved and used to bind to ds\n" -"\n" -" c. routes to specified RPC handler.\n" -"\n" -" 7. wsgi handler replies to client\n" -"\n" -"Proposed new session based optimization\n" -"---------------------------------------\n" -"\n" -"The round trip negotiate and credential validation in steps 3,4,5 is\n" -"expensive. This can be avoided if we can cache the client\n" -"credentials. With client sessions we can store the client credentials\n" -"in the session bound to the client.\n" -"\n" -"A few notes about the session implementation.\n" -"\n" -" * based on session cookies, cookies must be enabled\n" -"\n" -" * session cookie is secure, only passed on secure connections, only\n" -" passed to our URL resource, never visible to client javascript\n" -" etc.\n" -"\n" -" * session cookie has a session id which is used by wsgi handler to\n" -" retrieve client session data from shared multi-process cache.\n" -"\n" -"Changes to Apache's resource protection\n" -"---------------------------------------\n" -"\n" -" * /ipa/json is no longer protected by mod_auth_kerb. This is\n" -" necessary to avoid the negotiate expense in steps 3,4,5\n" -" above. Instead the /ipa/json resource will be protected in our wsgi\n" -" handler via the session cookie.\n" -"\n" -" * A new protected URI is introduced, /ipa/login. This resource\n" -" does no serve any data, it is used exclusively for authentication.\n" -"\n" -"The new sequence is:\n" -"\n" -" 1. Client requests /ipa/ui, this is unprotected. Apache replies with\n" -" html and javascript. The javascript requests /ipa/json.\n" -"\n" -" 2. Client sends post to /ipa/json, which is unprotected.\n" -"\n" -" 3. wsgi handler obtains session data from session cookie.\n" -"\n" -" a. if ccache is present in session data and is valid\n" -"\n" -" - request is further validated\n" -"\n" -" - ccache is established for bind to ds\n" -"\n" -" - request is routed to RPC handler\n" -"\n" -" - wsgi handler eventually replies to client\n" -"\n" -" b. if ccache is not present or not valid processing continues ...\n" -"\n" -" 4. wsgi handler replies with 401 Unauthorized\n" -"\n" -" 5. client sends request to /ipa/login to obtain session credentials\n" -"\n" -" 6. mod_auth_kerb replies 401 negotiate on /ipa/login\n" -"\n" -" 7. client sends credentials to /ipa/login\n" -"\n" -" 8. mod_auth_kerb validates credentials\n" -"\n" -" a. if valid\n" -"\n" -" - mod_auth_kerb permits access to /ipa/login. wsgi handler is\n" -" invoked and does the following:\n" -"\n" -" * establishes session for client\n" -"\n" -" * retrieves the ccache from KRB5CCNAME and stores it\n" -"\n" -" a. if invalid\n" -"\n" -" - mod_auth_kerb sends 403 access denied (processing stops)\n" -"\n" -" 9. client now posts the same data again to /ipa/json including\n" -" session cookie. Processing repeats starting at step 2 and since\n" -" the session data now contains a valid ccache step 3a executes, a\n" -" successful reply is sent to client.\n" -"\n" -"Command line client using xmlrpc\n" -"--------------------------------\n" -"\n" -"The above describes the web UI utilizing the json RPC mechanism. The\n" -"IPA command line tools utilize a xmlrpc RPC mechanism on the same\n" -"HTTP server. Access to the xmlrpc is via the /ipa/xml URI. The json\n" -"and xmlrpc API's are the same, they differ only on how their procedure\n" -"calls are marshalled and unmarshalled.\n" -"\n" -"Under the new scheme /ipa/xml will continue to be Kerberos protected\n" -"at all times. Apache's mod_auth_kerb will continue to require the\n" -"client provides valid Kerberos credentials.\n" -"\n" -"When the WSGI handler routes to /ipa/xml the Kerberos credentials will\n" -"be extracted from the KRB5CCNAME environment variable as provided by\n" -"mod_auth_kerb. Everything else remains the same.\n" -msgstr "" - -msgid "RPC command used to log the current user out of their session." -msgstr "" - -msgid "" -"\n" -"Sudo Commands\n" -"\n" -"Commands used as building blocks for sudo\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a new command\n" -" ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" -"\n" -" Remove a command\n" -" ipa sudocmd-del /usr/bin/less\n" -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "Sudo Command" -msgstr "Фармонҳо" - -msgid "A description of this command" -msgstr "" - -msgid "Sudo Command Groups" -msgstr "" - -msgid "Create new Sudo Command." -msgstr "" - -msgid "Delete Sudo Command." -msgstr "" - -msgid "Search for Sudo Commands." -msgstr "" - -msgid "Results should contain primary key attribute only (\"command\")" -msgstr "" - -msgid "Modify Sudo Command." -msgstr "" - -msgid "Display Sudo Command." -msgstr "" - -msgid "" -"\n" -"Groups of Sudo Commands\n" -"\n" -"Manage groups of Sudo Commands.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new Sudo Command Group:\n" -" ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" -"\n" -" Remove a Sudo Command Group:\n" -" ipa sudocmdgroup-del admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/" -"vim admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" -"\n" -" Show a Sudo Command Group:\n" -" ipa group-show localadmins\n" -msgstr "" - -msgid "Sudo Command Group" -msgstr "" - -#, fuzzy -#| msgid "description" -msgid "Group description" -msgstr "шарҳ" - -msgid "Commands" -msgstr "Фармонҳо" - -msgid "Member Sudo commands" -msgstr "" - -msgid "Create new Sudo Command Group." -msgstr "" - -msgid "Add members to Sudo Command Group." -msgstr "" - -msgid "member sudo command" -msgstr "" - -msgid "sudo commands to add" -msgstr "" - -msgid "Delete Sudo Command Group." -msgstr "" - -msgid "Search for Sudo Command Groups." -msgstr "" - -msgid "" -"Results should contain primary key attribute only (\"sudocmdgroup-name\")" -msgstr "" - -msgid "Modify Sudo Command Group." -msgstr "" - -msgid "Remove members from Sudo Command Group." -msgstr "" - -msgid "sudo commands to remove" -msgstr "" - -msgid "Display Sudo Command Group." -msgstr "" - -msgid "" -"\n" -"Sudo Rules\n" -"\n" -"Sudo (su \"do\") allows a system administrator to delegate authority to\n" -"give certain users (or groups of users) the ability to run some (or all)\n" -"commands as root or another user while providing an audit trail of the\n" -"commands and their arguments.\n" -"\n" -"FreeIPA provides a means to configure the various aspects of Sudo:\n" -" Users: The user(s)/group(s) allowed to invoke Sudo.\n" -" Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " -"Sudo.\n" -" Allow Command: The specific command(s) permitted to be run via Sudo.\n" -" Deny Command: The specific command(s) prohibited to be run via Sudo.\n" -" RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " -"invoked with.\n" -" RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" -" Options: The various Sudoers Options that can modify Sudo's behavior.\n" -"\n" -"An order can be added to a sudorule to control the order in which they\n" -"are evaluated (if the client supports it). This order is an integer and\n" -"must be unique.\n" -"\n" -"FreeIPA provides a designated binddn to use with Sudo located at:\n" -"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" -"\n" -"To enable the binddn run the following command to set the password:\n" -"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" -"ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," -"dc=com\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a new rule:\n" -" ipa sudorule-add readfiles\n" -"\n" -" Add sudo command object and add it as allowed command in the rule:\n" -" ipa sudocmd-add /usr/bin/less\n" -" ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n" -"\n" -" Add a host to the rule:\n" -" ipa sudorule-add-host readfiles --hosts server.example.com\n" -"\n" -" Add a user to the rule:\n" -" ipa sudorule-add-user readfiles --users jsmith\n" -"\n" -" Add a special Sudo rule for default Sudo server configuration:\n" -" ipa sudorule-add defaults\n" -"\n" -" Set a default Sudo option:\n" -" ipa sudorule-add-option defaults --sudooption '!authenticate'\n" -msgstr "" - -msgid "Command category" -msgstr "" - -msgid "Command category the rule applies to" -msgstr "" - -msgid "RunAs User category" -msgstr "" - -msgid "RunAs User category the rule applies to" -msgstr "" - -msgid "RunAs Group category" -msgstr "" - -msgid "RunAs Group category the rule applies to" -msgstr "" - -msgid "Sudo order" -msgstr "" - -msgid "integer to order the Sudo rules" -msgstr "" - -msgid "External User" -msgstr "" - -msgid "External User the rule applies to (sudorule-find only)" -msgstr "" - -#, fuzzy -#| msgid "Host Name" -msgid "Host Masks" -msgstr "Номи мизбон" - -msgid "Sudo Allow Commands" -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "Sudo Deny Commands" -msgstr "Фармонҳо" - -msgid "Sudo Allow Command Groups" -msgstr "" - -msgid "Sudo Deny Command Groups" -msgstr "" - -msgid "RunAs Users" -msgstr "" - -msgid "Run as a user" -msgstr "" - -msgid "Groups of RunAs Users" -msgstr "" - -msgid "Run as any user within a specified group" -msgstr "" - -msgid "RunAs External User" -msgstr "" - -msgid "External User the commands can run as (sudorule-find only)" -msgstr "" - -msgid "External Groups of RunAs Users" -msgstr "" - -msgid "External Groups of users that the command can run as" -msgstr "" - -#, fuzzy -#| msgid "Groups" -msgid "RunAs Groups" -msgstr "Гуруҳҳо" - -msgid "Run with the gid of a specified POSIX group" -msgstr "" - -msgid "RunAs External Group" -msgstr "" - -msgid "External Group the commands can run as (sudorule-find only)" -msgstr "" - -msgid "Sudo Option" -msgstr "" - -msgid "Create new Sudo Rule." -msgstr "" - -msgid "Add commands and sudo command groups affected by Sudo Rule." -msgstr "" - -msgid "member sudo command group" -msgstr "" - -msgid "sudo command groups to add" -msgstr "" - -msgid "Add hosts and hostgroups affected by Sudo Rule." -msgstr "" - -msgid "host masks of allowed hosts" -msgstr "" - -msgid "Add an option to the Sudo Rule." -msgstr "" - -msgid "Add group for Sudo to execute as." -msgstr "" - -msgid "Add users and groups for Sudo to execute as." -msgstr "" - -msgid "Add users and groups affected by Sudo Rule." -msgstr "" - -msgid "Delete Sudo Rule." -msgstr "" - -msgid "Disable a Sudo Rule." -msgstr "" - -msgid "Enable a Sudo Rule." -msgstr "" - -msgid "Search for Sudo Rule." -msgstr "" - -msgid "Results should contain primary key attribute only (\"sudorule-name\")" -msgstr "" - -msgid "Modify Sudo Rule." -msgstr "" - -msgid "Remove commands and sudo command groups affected by Sudo Rule." -msgstr "" - -msgid "sudo command groups to remove" -msgstr "" - -msgid "Remove hosts and hostgroups affected by Sudo Rule." -msgstr "" - -msgid "Remove an option from Sudo Rule." -msgstr "" - -msgid "Remove group for Sudo to execute as." -msgstr "" - -msgid "Remove users and groups for Sudo to execute as." -msgstr "" - -msgid "Remove users and groups affected by Sudo Rule." -msgstr "" - -#, fuzzy -#| msgid "Display name" -msgid "Display Sudo Rule." -msgstr "Номи намоишӣ" - -msgid "" -"\n" -"Users\n" -"\n" -"Manage user entries. All users are POSIX users.\n" -"\n" -"IPA supports a wide range of username formats, but you need to be aware of " -"any\n" -"restrictions that may apply to your particular environment. For example,\n" -"usernames that start with a digit or usernames that exceed a certain length\n" -"may cause problems for some UNIX systems.\n" -"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" -"\n" -"Disabling a user account prevents that user from obtaining new Kerberos\n" -"credentials. It does not invalidate any credentials that have already\n" -"been issued.\n" -"\n" -"Password management is not a part of this module. For more information\n" -"about this topic please see: ipa help passwd\n" -"\n" -"Account lockout on password failure happens per IPA master. The user-status\n" -"command can be used to identify which master the user is locked out on.\n" -"It is on that master the administrator must unlock the user.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new user:\n" -" ipa user-add --first=Tim --last=User --password tuser1\n" -"\n" -" Find all users whose entries include the string \"Tim\":\n" -" ipa user-find Tim\n" -"\n" -" Find all users with \"Tim\" as the first name:\n" -" ipa user-find --first=Tim\n" -"\n" -" Disable a user account:\n" -" ipa user-disable tuser1\n" -"\n" -" Enable a user account:\n" -" ipa user-enable tuser1\n" -"\n" -" Delete a user:\n" -" ipa user-del tuser1\n" -msgstr "" - -msgid "First name" -msgstr "Ном" - -msgid "Last name" -msgstr "Насаб" - -#, fuzzy -#| msgid "First name" -msgid "Full name" -msgstr "Ном" - -msgid "Display name" -msgstr "Номи намоишӣ" - -msgid "Initials" -msgstr "Ному насаб" - -msgid "Kerberos principal" -msgstr "" - -msgid "Kerberos principal expiration" -msgstr "" - -msgid "Email address" -msgstr "" - -msgid "Prompt to set the user password" -msgstr "" - -msgid "Generate a random user password" -msgstr "" - -msgid "User ID Number (system will assign one if not provided)" -msgstr "" - -msgid "Street address" -msgstr "" - -msgid "City" -msgstr "Шаҳр" - -msgid "State/Province" -msgstr "" - -msgid "ZIP" -msgstr "Рамзи ZIP" - -#, fuzzy -#| msgid "Serial Number" -msgid "Telephone Number" -msgstr "Рақами силсилавӣ" - -msgid "Mobile Telephone Number" -msgstr "" - -#, fuzzy -#| msgid "Fax Number" -msgid "Pager Number" -msgstr "Рақами факс" - -msgid "Fax Number" -msgstr "Рақами факс" - -msgid "Org. Unit" -msgstr "" - -msgid "Job Title" -msgstr "Вазифа" - -msgid "Car License" -msgstr "" - -msgid "Account disabled" -msgstr "" - -msgid "User authentication types" -msgstr "" - -msgid "Types of supported user authentication" -msgstr "" - -msgid "" -"User category (semantics placed on this attribute are for local " -"interpretation)" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "RADIUS proxy configuration" -msgstr "Ҷӯрсозӣ" - -msgid "RADIUS proxy username" -msgstr "" - -#, fuzzy -#| msgid "Serial Number" -msgid "Department Number" -msgstr "Рақами силсилавӣ" - -msgid "Employee Number" -msgstr "" - -msgid "Employee Type" -msgstr "" - -msgid "Preferred Language" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Member of groups" -msgstr "Гурӯҳи корбар" - -msgid "Indirect Member of group" -msgstr "" - -msgid "Kerberos keys available" -msgstr "" - -msgid "Add a new user." -msgstr "" - -msgid "Don't create user private group" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a user." -msgstr "Ҳамаро нест мекунед?" - -msgid "Disable a user account." -msgstr "" - -msgid "Enable a user account." -msgstr "" - -msgid "Search for users." -msgstr "" - -msgid "Self" -msgstr "" - -msgid "Display user record for current Kerberos principal" -msgstr "" - -msgid "Results should contain primary key attribute only (\"login\")" -msgstr "" - -msgid "Search for users with these member of groups." -msgstr "" - -msgid "Search for users without these member of groups." -msgstr "" - -msgid "Search for users with these member of netgroups." -msgstr "" - -msgid "Search for users without these member of netgroups." -msgstr "" - -msgid "Search for users with these member of roles." -msgstr "" - -msgid "Search for users without these member of roles." -msgstr "" - -msgid "Search for users with these member of HBAC rules." -msgstr "" - -msgid "Search for users without these member of HBAC rules." -msgstr "" - -msgid "Search for users with these member of sudo rules." -msgstr "" - -msgid "Search for users without these member of sudo rules." -msgstr "" - -msgid "Modify a user." -msgstr "" - -msgid "Rename the user object" -msgstr "" - -msgid "Display information about a user." -msgstr "" - -msgid "" -"\n" -"Lockout status of a user account\n" -"\n" -" An account may become locked if the password is entered incorrectly too\n" -" many times within a specific time period as controlled by password\n" -" policy. A locked account is a temporary condition and may be unlocked " -"by\n" -" an administrator.\n" -"\n" -" This connects to each IPA master and displays the lockout status on\n" -" each one.\n" -"\n" -" To determine whether an account is locked on a given server you need\n" -" to compare the number of failed logins and the time of the last " -"failure.\n" -" For an account to be locked it must exceed the maxfail failures within\n" -" the failinterval duration as specified in the password policy " -"associated\n" -" with the user.\n" -"\n" -" The failed login counter is modified only when a user attempts a log in\n" -" so it is possible that an account may appear locked but the last failed\n" -" login attempt is older than the lockouttime of the password policy. " -"This\n" -" means that the user may attempt a login again.\n" -" " -msgstr "" - -msgid "" -"\n" -"Unlock a user account\n" -"\n" -" An account may become locked if the password is entered incorrectly too\n" -" many times within a specific time period as controlled by password\n" -" policy. A locked account is a temporary condition and may be unlocked " -"by\n" -" an administrator.\n" -" " -msgstr "" - -msgid "" -"\n" -"Auto Membership Rule.\n" -"\n" -"Bring clarity to the membership of hosts and users by configuring inclusive\n" -"or exclusive regex patterns, you can automatically assign a new entries " -"into\n" -"a group or hostgroup based upon attribute information.\n" -"\n" -"A rule is directly associated with a group by name, so you cannot create\n" -"a rule without an accompanying group or hostgroup.\n" -"\n" -"A condition is a regular expression used by 389-ds to match a new incoming\n" -"entry with an automember rule. If it matches an inclusive rule then the\n" -"entry is added to the appropriate group or hostgroup.\n" -"\n" -"A default group or hostgroup could be specified for entries that do not\n" -"match any rule. In case of user entries this group will be a fallback group\n" -"because all users are by default members of group specified in IPA config.\n" -"\n" -"The automember-rebuild command can be used to retroactively run automember " -"rules\n" -"against existing entries, thus rebuilding their membership.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add the initial group or hostgroup:\n" -" ipa hostgroup-add --desc=\"Web Servers\" webservers\n" -" ipa group-add --desc=\"Developers\" devel\n" -"\n" -" Add the initial rule:\n" -" ipa automember-add --type=hostgroup webservers\n" -" ipa automember-add --type=group devel\n" -"\n" -" Add a condition to the rule:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -" ipa automember-add-condition --key=manager --type=group --inclusive-" -"regex=^uid=mscott devel\n" -"\n" -" Add an exclusive condition to the rule to prevent auto assignment:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" -"regex=^web5\\.example\\.com webservers\n" -"\n" -" Add a host:\n" -" ipa host-add web1.example.com\n" -"\n" -" Add a user:\n" -" ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" -"\n" -" Verify automembership:\n" -" ipa hostgroup-show webservers\n" -" Host-group: webservers\n" -" Description: Web Servers\n" -" Member hosts: web1.example.com\n" -"\n" -" ipa group-show devel\n" -" Group name: devel\n" -" Description: Developers\n" -" GID: 1004200000\n" -" Member users: tuser\n" -"\n" -" Remove a condition from the rule:\n" -" ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -"\n" -" Modify the automember rule:\n" -" ipa automember-mod\n" -"\n" -" Set the default (fallback) target group:\n" -" ipa automember-default-group-set --default-group=webservers --" -"type=hostgroup\n" -" ipa automember-default-group-set --default-group=ipausers --type=group\n" -"\n" -" Remove the default (fallback) target group:\n" -" ipa automember-default-group-remove --type=hostgroup\n" -" ipa automember-default-group-remove --type=group\n" -"\n" -" Show the default (fallback) target group:\n" -" ipa automember-default-group-show --type=hostgroup\n" -" ipa automember-default-group-show --type=group\n" -"\n" -" Find all of the automember rules:\n" -" ipa automember-find\n" -"\n" -" Display a automember rule:\n" -" ipa automember-show --type=hostgroup webservers\n" -" ipa automember-show --type=group devel\n" -"\n" -" Delete an automember rule:\n" -" ipa automember-del --type=hostgroup webservers\n" -" ipa automember-del --type=group devel\n" -"\n" -" Rebuild membership for all users:\n" -" ipa automember-rebuild --type=group\n" -"\n" -" Rebuild membership for all hosts:\n" -" ipa automember-rebuild --type=hostgroup\n" -"\n" -" Rebuild membership for specified users:\n" -" ipa automember-rebuild --users=tuser1 --users=tuser2\n" -"\n" -" Rebuild membership for specified hosts:\n" -" ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example." -"com\n" -msgstr "" - -msgid "A description of this auto member rule" -msgstr "" - -msgid "Default (fallback) Group" -msgstr "" - -msgid "Default group for entries to land" -msgstr "" - -msgid "Add an automember rule." -msgstr "" - -msgid "Automember Rule" -msgstr "" - -msgid "Grouping Type" -msgstr "" - -msgid "Grouping to which the rule applies" -msgstr "" - -msgid "Add conditions to an automember rule." -msgstr "" - -msgid "Inclusive Regex" -msgstr "" - -msgid "Exclusive Regex" -msgstr "" - -#, fuzzy -#| msgid "Attribute" -msgid "Attribute Key" -msgstr "Аттрибут" - -msgid "" -"Attribute to filter via regex. For example fqdn for a host, or manager for a " -"user" -msgstr "" - -msgid "Conditions that could not be added" -msgstr "" - -msgid "Number of conditions added" -msgstr "" - -msgid "Remove default (fallback) group for all unmatched entries." -msgstr "" - -msgid "Set default (fallback) group for all unmatched entries." -msgstr "" - -msgid "Default (fallback) group for entries to land" -msgstr "" - -msgid "Display information about the default (fallback) automember groups." -msgstr "" - -msgid "Delete an automember rule." -msgstr "" - -msgid "Search for automember rules." -msgstr "" - -msgid "Modify an automember rule." -msgstr "" - -msgid "Rebuild auto membership." -msgstr "" - -msgid "Rebuild membership for all members of a grouping" -msgstr "" - -msgid "Rebuild membership for specified users" -msgstr "" - -msgid "Rebuild membership for specified hosts" -msgstr "" - -msgid "No wait" -msgstr "" - -msgid "Don't wait for rebuilding membership" -msgstr "" - -msgid "Remove conditions from an automember rule." -msgstr "" - -msgid "Conditions that could not be removed" -msgstr "" - -msgid "Number of conditions removed" -msgstr "" - -msgid "Display information about an automember rule." -msgstr "" - -msgid "" -"\n" -"IPA certificate operations\n" -"\n" -"Implements a set of commands for managing server SSL certificates.\n" -"\n" -"Certificate requests exist in the form of a Certificate Signing Request " -"(CSR)\n" -"in PEM format.\n" -"\n" -"The dogtag CA uses just the CN value of the CSR and forces the rest of the\n" -"subject to values configured in the server.\n" -"\n" -"A certificate is stored with a service principal and a service principal\n" -"needs a host.\n" -"\n" -"In order to request a certificate:\n" -"\n" -"* The host must exist\n" -"* The service must exist (or you use the --add option to automatically add " -"it)\n" -"\n" -"SEARCHING:\n" -"\n" -"Certificates may be searched on by certificate subject, serial number,\n" -"revocation reason, validity dates and the issued date.\n" -"\n" -"When searching on dates the _from date does a >= search and the _to date\n" -"does a <= search. When combined these are done as an AND.\n" -"\n" -"Dates are treated as GMT to match the dates in the certificates.\n" -"\n" -"The date format is YYYY-mm-dd.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Request a new certificate and add the principal:\n" -" ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" -"\n" -" Retrieve an existing certificate:\n" -" ipa cert-show 1032\n" -"\n" -" Revoke a certificate (see RFC 5280 for reason details):\n" -" ipa cert-revoke --revocation-reason=6 1032\n" -"\n" -" Remove a certificate from revocation hold status:\n" -" ipa cert-remove-hold 1032\n" -"\n" -" Check the status of a signing request:\n" -" ipa cert-status 10\n" -"\n" -" Search for certificates by hostname:\n" -" ipa cert-find --subject=ipaserver.example.com\n" -"\n" -" Search for revoked certificates by reason:\n" -" ipa cert-find --revocation-reason=5\n" -"\n" -" Search for certificates based on issuance date\n" -" ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n" -"\n" -"IPA currently immediately issues (or declines) all certificate requests so\n" -"the status of a request is not normally useful. This is for future use\n" -"or the case where a CA does not immediately issue a certificate.\n" -"\n" -"The following revocation reasons are supported:\n" -"\n" -" * 0 - unspecified\n" -" * 1 - keyCompromise\n" -" * 2 - cACompromise\n" -" * 3 - affiliationChanged\n" -" * 4 - superseded\n" -" * 5 - cessationOfOperation\n" -" * 6 - certificateHold\n" -" * 8 - removeFromCRL\n" -" * 9 - privilegeWithdrawn\n" -" * 10 - aACompromise\n" -"\n" -"Note that reason code 7 is not used. See RFC 5280 for more details:\n" -"\n" -"http://www.ietf.org/rfc/rfc5280.txt\n" -msgstr "" - -msgid "Checks if any of the servers has the CA service enabled." -msgstr "" - -msgid "Search for existing certificates." -msgstr "" - -msgid "Match cn attribute in subject" -msgstr "" - -msgid "Reason" -msgstr "" - -msgid "Reason for revoking the certificate (0-10)" -msgstr "" - -#, fuzzy -#| msgid "Serial number" -msgid "minimum serial number" -msgstr "Рақами силсилавӣ" - -#, fuzzy -#| msgid "Serial number" -msgid "maximum serial number" -msgstr "Рақами силсилавӣ" - -msgid "match the common name exactly" -msgstr "" - -msgid "Valid not after from this date (YYYY-mm-dd)" -msgstr "" - -msgid "Valid not after to this date (YYYY-mm-dd)" -msgstr "" - -msgid "Valid not before from this date (YYYY-mm-dd)" -msgstr "" - -msgid "Valid not before to this date (YYYY-mm-dd)" -msgstr "" - -msgid "Issued on from this date (YYYY-mm-dd)" -msgstr "" - -msgid "Issued on to this date (YYYY-mm-dd)" -msgstr "" - -msgid "Revoked on from this date (YYYY-mm-dd)" -msgstr "" - -msgid "Revoked on to this date (YYYY-mm-dd)" -msgstr "" - -msgid "Maximum number of certs returned" -msgstr "" - -msgid "Take a revoked certificate off hold." -msgstr "" - -msgid "Serial number" -msgstr "Рақами силсилавӣ" - -msgid "Serial number in decimal or if prefixed with 0x in hexadecimal" -msgstr "" - -msgid "Submit a certificate signing request." -msgstr "" - -msgid "CSR" -msgstr "" - -msgid "Service principal for this certificate (e.g. HTTP/test.example.com)" -msgstr "" - -msgid "automatically add the principal if it doesn't exist" -msgstr "" - -msgid "Revoke a certificate." -msgstr "" - -msgid "Retrieve an existing certificate." -msgstr "" - -#, fuzzy -#| msgid "filename" -msgid "Output filename" -msgstr "номи файл" - -msgid "File to store the certificate in." -msgstr "" - -msgid "Check the status of a certificate signing request." -msgstr "" - -msgid "Request id" -msgstr "" - -msgid "" -"\n" -"Groups of users\n" -"\n" -"Manage groups of users. By default, new groups are POSIX groups. You\n" -"can add the --nonposix option to the group-add command to mark a new group\n" -"as non-POSIX. You can use the --posix argument with the group-mod command\n" -"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" -"converted to non-POSIX groups.\n" -"\n" -"Every group must have a description.\n" -"\n" -"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" -"supported but can have an impact on your file permissions. It is not " -"necessary\n" -"to supply a GID when creating a group. IPA will generate one automatically\n" -"if it is not provided.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new group:\n" -" ipa group-add --desc='local administrators' localadmins\n" -"\n" -" Add a new non-POSIX group:\n" -" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" -"\n" -" Convert a non-POSIX group to posix:\n" -" ipa group-mod --posix remoteadmins\n" -"\n" -" Add a new POSIX group with a specific Group ID number:\n" -" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" -"\n" -" Add a new POSIX group and let IPA assign a Group ID number:\n" -" ipa group-add --desc='printer admins' printeradmins\n" -"\n" -" Remove a group:\n" -" ipa group-del unixadmins\n" -"\n" -" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" -" ipa group-add-member --groups=remoteadmins localadmins\n" -"\n" -" Add multiple users to the \"localadmins\" group:\n" -" ipa group-add-member --users=test1 --users=test2 localadmins\n" -"\n" -" Remove a user from the \"localadmins\" group:\n" -" ipa group-remove-member --users=test2 localadmins\n" -"\n" -" Display information about a named group.\n" -" ipa group-show localadmins\n" -"\n" -"External group membership is designed to allow users from trusted domains\n" -"to be mapped to local POSIX groups in order to actually use IPA resources.\n" -"External members should be added to groups that specifically created as\n" -"external and non-POSIX. Such group later should be included into one of " -"POSIX\n" -"groups.\n" -"\n" -"An external group member is currently a Security Identifier (SID) as defined " -"by\n" -"the trusted domain. When adding external group members, it is possible to\n" -"specify them in either SID, or DOM\\name, or name@domain format. IPA will " -"attempt\n" -"to resolve passed name to SID with the use of Global Catalog of the trusted " -"domain.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local POSIX " -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' ad_admins_external " -"--external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the " -"ad_admins_external\n" -" group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with ad_admins " -"POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see their " -"SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -msgstr "" - -msgid "GID (use this option to set it manually)" -msgstr "" - -msgid "Indirect Member users" -msgstr "" - -msgid "Indirect Member groups" -msgstr "" - -msgid "Create a new group." -msgstr "" - -msgid "Create as a non-POSIX group" -msgstr "" - -msgid "Allow adding external non-IPA members from trusted domains" -msgstr "" - -msgid "Add members to a group." -msgstr "" - -#, fuzzy -#| msgid "Serial Number" -msgid "External member" -msgstr "Рақами силсилавӣ" - -msgid "Members of a trusted domain in DOM\\name or name@domain form" -msgstr "" - -#, fuzzy -#| msgid "Delete" -msgid "Delete group." -msgstr "Нест кардан" - -msgid "Detach a managed group from a user." -msgstr "" - -msgid "Search for groups." -msgstr "" - -msgid "search for private groups" -msgstr "" - -msgid "search for POSIX groups" -msgstr "" - -msgid "" -"search for groups with support of external non-IPA members from trusted " -"domains" -msgstr "" - -msgid "search for non-POSIX groups" -msgstr "" - -msgid "Results should contain primary key attribute only (\"group-name\")" -msgstr "" - -msgid "Search for groups with these member users." -msgstr "" - -msgid "Search for groups without these member users." -msgstr "" - -msgid "Search for groups with these member groups." -msgstr "" - -msgid "Search for groups without these member groups." -msgstr "" - -msgid "Search for groups with these member of groups." -msgstr "" - -msgid "Search for groups without these member of groups." -msgstr "" - -msgid "Search for groups with these member of netgroups." -msgstr "" - -msgid "Search for groups without these member of netgroups." -msgstr "" - -msgid "Search for groups with these member of roles." -msgstr "" - -msgid "Search for groups without these member of roles." -msgstr "" - -msgid "Search for groups with these member of HBAC rules." -msgstr "" - -msgid "Search for groups without these member of HBAC rules." -msgstr "" - -msgid "Search for groups with these member of sudo rules." -msgstr "" - -msgid "Search for groups without these member of sudo rules." -msgstr "" - -msgid "Modify a group." -msgstr "" - -msgid "change to a POSIX group" -msgstr "" - -msgid "change to support external non-IPA members from trusted domains" -msgstr "" - -msgid "Rename the group object" -msgstr "" - -msgid "Remove members from a group." -msgstr "" - -msgid "Display information about a named group." -msgstr "" - -msgid "" -"\n" -"Simulate use of Host-based access controls\n" -"\n" -"HBAC rules control who can access what services on what hosts.\n" -"You can use HBAC to control which users or groups can access a service,\n" -"or group of services, on a target host.\n" -"\n" -"Since applying HBAC rules implies use of a production environment,\n" -"this plugin aims to provide simulation of HBAC rules evaluation without\n" -"having access to the production environment.\n" -"\n" -" Test user coming to a service on a named host against\n" -" existing enabled rules.\n" -"\n" -" ipa hbactest --user= --host= --service=\n" -" [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" -" [--sizelimit= ]\n" -"\n" -" --user, --host, and --service are mandatory, others are optional.\n" -"\n" -" If --rules is specified simulate enabling of the specified rules and test\n" -" the login of the user using only these rules.\n" -"\n" -" If --enabled is specified, all enabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --disabled is specified, all disabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --nodetail is specified, do not return information about rules matched/" -"not matched.\n" -"\n" -" If both --rules and --enabled are specified, apply simulation to --rules " -"_and_\n" -" all IPA enabled rules.\n" -"\n" -" If no --rules specified, simulation is run against all IPA enabled rules.\n" -" By default there is a IPA-wide limit to number of entries fetched, you can " -"change it\n" -" with --sizelimit option.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Use all enabled HBAC rules in IPA database to simulate:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 2. Disable detailed summary of how rules were applied:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -"\n" -" 3. Test explicitly specified HBAC rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" -" --rules=myrule --rules=my-second-rule\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: myrule\n" -"\n" -" 4. Use all enabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" -" --rules=myrule --rules=my-second-rule --enabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 5. Test all disabled HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: new-rule\n" -"\n" -" 6. Test all disabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" -" --rules=myrule --rules=my-second-rule --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -"\n" -" 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" -" --enabled --disabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Not matched rules: new-rule\n" -" Matched rules: allow_all\n" -"\n" -"\n" -"HBACTEST AND TRUSTED DOMAINS\n" -"\n" -"When an external trusted domain is configured in IPA, HBAC rules are also " -"applied\n" -"on users accessing IPA resources from the trusted domain. Trusted domain " -"users and\n" -"groups (and their SIDs) can be then assigned to external groups which can " -"be\n" -"members of POSIX groups in IPA which can be used in HBAC rules and thus " -"allowing\n" -"access to resources protected by the HBAC system.\n" -"\n" -"hbactest plugin is capable of testing access for both local IPA users and " -"users\n" -"from the trusted domains, either by a fully qualified user name or by user " -"SID.\n" -"Such user names need to have a trusted domain specified as a short name\n" -"(DOMAIN\\Administrator) or with a user principal name (UPN), " -"Administrator@ad.test.\n" -"\n" -"Please note that hbactest executed with a trusted domain user as --user " -"parameter\n" -"can be only run by members of \"trust admins\" group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Test if a user from a trusted domain specified by its shortname " -"matches any\n" -" rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 2. Test if a user from a trusted domain specified by its domain name " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 3. Test if a user from a trusted domain specified by its SID matches any " -"rule:\n" -"\n" -" $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\n" -" --host `hostname` --service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 4. Test if other user from a trusted domain specified by its SID matches " -"any rule:\n" -"\n" -" $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\\n" -" --host `hostname` --service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -"\n" -" 5. Test if other user from a trusted domain specified by its shortname " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " -"sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -msgstr "" - -msgid "Simulate use of Host-based access controls" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "Target host" -msgstr "Мақсад" - -msgid "Rules to test. If not specified, --enabled is assumed" -msgstr "" - -msgid "Hide details which rules are matched, not matched, or invalid" -msgstr "" - -msgid "Include all enabled IPA rules into test [default]" -msgstr "" - -msgid "Include all disabled IPA rules into test" -msgstr "" - -msgid "Maximum number of rules to process when no --rules is specified" -msgstr "" - -msgid "Warning" -msgstr "" - -msgid "Matched rules" -msgstr "" - -msgid "Not matched rules" -msgstr "" - -msgid "Non-existent or invalid rules" -msgstr "" - -msgid "Result of simulation" -msgstr "" - -msgid "" -"\n" -"Cross-realm trusts\n" -"\n" -"Manage trust relationship between IPA and Active Directory domains.\n" -"\n" -"In order to allow users from a remote domain to access resources in IPA\n" -"domain, trust relationship needs to be established. Currently IPA supports\n" -"only trusts between IPA and Active Directory domains under control of " -"Windows\n" -"Server 2008 or later, with functional level 2008 or later.\n" -"\n" -"Please note that DNS on both IPA and Active Directory domain sides should " -"be\n" -"configured properly to discover each other. Trust relationship relies on\n" -"ability to discover special resources in the other domain via DNS records.\n" -"\n" -"Examples:\n" -"\n" -"1. Establish cross-realm trust with Active Directory using AD administrator\n" -" credentials:\n" -"\n" -" ipa trust-add --type=ad --admin --" -"password\n" -"\n" -"2. List all existing trust relationships:\n" -"\n" -" ipa trust-find\n" -"\n" -"3. Show details of the specific trust relationship:\n" -"\n" -" ipa trust-show \n" -"\n" -"4. Delete existing trust relationship:\n" -"\n" -" ipa trust-del \n" -"\n" -"Once trust relationship is established, remote users will need to be mapped\n" -"to local POSIX groups in order to actually use IPA resources. The mapping " -"should\n" -"be done via use of external membership of non-POSIX group and then this " -"group\n" -"should be included into one of local POSIX groups.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local POSIX " -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' ad_admins_external " -"--external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the " -"ad_admins_external\n" -" group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with ad_admins " -"POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see their " -"SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -"\n" -"\n" -"GLOBAL TRUST CONFIGURATION\n" -"\n" -"When IPA AD trust subpackage is installed and ipa-adtrust-install is run,\n" -"a local domain configuration (SID, GUID, NetBIOS name) is generated. These\n" -"identifiers are then used when communicating with a trusted domain of the\n" -"particular type.\n" -"\n" -"1. Show global trust configuration for Active Directory type of trusts:\n" -"\n" -" ipa trustconfig-show --type ad\n" -"\n" -"2. Modify global configuration for all trusts of Active Directory type and " -"set\n" -" a different fallback primary group (fallback primary group GID is used " -"as\n" -" a primary user GID if user authenticating to IPA domain does not have any " -"other\n" -" primary GID already set):\n" -"\n" -" ipa trustconfig-mod --type ad --fallback-primary-group \"alternative AD " -"group\"\n" -"\n" -"3. Change primary fallback group back to default hidden group (any group " -"with\n" -" posixGroup object class is allowed):\n" -"\n" -" ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB Group" -"\"\n" -msgstr "" - -msgid "Domain NetBIOS name" -msgstr "" - -msgid "Domain Security Identifier" -msgstr "" - -msgid "SID blacklist incoming" -msgstr "" - -msgid "SID blacklist outgoing" -msgstr "" - -msgid "Security Identifier" -msgstr "" - -#, fuzzy -#| msgid "ACI name" -msgid "NetBIOS name" -msgstr "Номи ACI" - -msgid "Domain GUID" -msgstr "" - -msgid "Fallback primary group" -msgstr "" - -#, fuzzy -#| msgid "Display name" -msgid "Domain name" -msgstr "Номи намоишӣ" - -msgid "Trusted domain partner" -msgstr "" - -msgid "Determine whether ipa-adtrust-install has been run on this system" -msgstr "" - -msgid "" -"Determine whether Schema Compatibility plugin is configured to serve trusted " -"domain users and groups" -msgstr "" - -msgid "Determine whether ipa-adtrust-install has been run with sidgen task" -msgstr "" - -msgid "" -"\n" -"Add new trust to use.\n" -"\n" -"This command establishes trust relationship to another domain\n" -"which becomes 'trusted'. As result, users of the trusted domain\n" -"may access resources of this domain.\n" -"\n" -"Only trusts to Active Directory domains are supported right now.\n" -"\n" -"The command can be safely run multiple times against the same domain,\n" -"this will cause change to trust relationship credentials on both\n" -"sides.\n" -" " -msgstr "" - -msgid "Trust type (ad for Active Directory, default)" -msgstr "" - -msgid "Active Directory domain administrator" -msgstr "" - -msgid "Active Directory domain administrator's password" -msgstr "" - -msgid "Domain controller for the Active Directory domain (optional)" -msgstr "" - -msgid "Shared secret for the trust" -msgstr "" - -msgid "First Posix ID of the range reserved for the trusted domain" -msgstr "" - -msgid "Size of the ID range reserved for the trusted domain" -msgstr "" - -msgid "Range type" -msgstr "" - -msgid "" -"Type of trusted domain ID range, one of ipa-ad-trust-posix, ipa-ad-trust" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a trust." -msgstr "Ҳамаро нест мекунед?" - -msgid "Refresh list of the domains associated with the trust" -msgstr "" - -msgid "Search for trusts." -msgstr "" - -msgid "Results should contain primary key attribute only (\"realm\")" -msgstr "" - -msgid "" -"\n" -"Modify a trust (for future use).\n" -"\n" -" Currently only the default option to modify the LDAP attributes is\n" -" available. More specific options will be added in coming releases.\n" -" " -msgstr "" - -msgid "Resolve security identifiers of users and groups in trusted domains" -msgstr "" - -msgid "Security Identifiers (SIDs)" -msgstr "" - -msgid "Display information about a trust." -msgstr "" - -msgid "Modify global trust configuration." -msgstr "" - -msgid "Show global trust configuration." -msgstr "" - -msgid "Allow access from the trusted domain" -msgstr "" - -msgid "Remove information about the domain associated with the trust." -msgstr "" - -msgid "Disable use of IPA resources by the domain of the trust" -msgstr "" - -msgid "Allow use of IPA resources by the domain of the trust" -msgstr "" - -msgid "Search domains of the trust" -msgstr "" - -msgid "Results should contain primary key attribute only (\"domain\")" -msgstr "" - -msgid "Modify trustdomain of the trust" -msgstr "" - -msgid "" -"\n" -"ID ranges\n" -"\n" -"Manage ID ranges used to map Posix IDs to SIDs and back.\n" -"\n" -"There are two type of ID ranges which are both handled by this utility:\n" -"\n" -" - the ID ranges of the local domain\n" -" - the ID ranges of trusted remote domains\n" -"\n" -"Both types have the following attributes in common:\n" -"\n" -" - base-id: the first ID of the Posix ID range\n" -" - range-size: the size of the range\n" -"\n" -"With those two attributes a range object can reserve the Posix IDs starting\n" -"with base-id up to but not including base-id+range-size exclusively.\n" -"\n" -"Additionally an ID range of the local domain may set\n" -" - rid-base: the first RID(*) of the corresponding RID range\n" -" - secondary-rid-base: first RID of the secondary RID range\n" -"\n" -"and an ID range of a trusted domain must set\n" -" - rid-base: the first RID of the corresponding RID range\n" -" - sid: domain SID of the trusted domain\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for a trusted domain\n" -"\n" -"Since there might be more than one trusted domain the domain SID must be " -"given\n" -"while creating the ID range.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" -"\n" -"This ID range is then used by the IPA server and the SSSD IPA provider to\n" -"assign Posix UIDs to users from the trusted domain.\n" -"\n" -"If e.g. a range for a trusted domain is configured with the following " -"values:\n" -" base-id = 1200000\n" -" range-size = 200000\n" -" rid-base = 0\n" -"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " -"So\n" -"RID 1000 <-> Posix ID 1201000\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for the local domain\n" -"\n" -"To create an ID range for the local domain it is not necessary to specify a\n" -"domain SID. But since it is possible that a user and a group can have the " -"same\n" -"value as Posix ID a second RID interval is needed to handle conflicts.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=1000 --secondary-rid-base=1000000 local_range\n" -"\n" -"The data from the ID ranges of the local domain are used by the IPA server\n" -"internally to assign SIDs to IPA users and groups. The SID will then be " -"stored\n" -"in the user or group objects.\n" -"\n" -"If e.g. the ID range for the local domain is configured with the values " -"from\n" -"the example above then a new user with the UID 1200007 will get the RID " -"1007.\n" -"If this RID is already used by a group the RID will be 1000007. This can " -"only\n" -"happen if a user or a group object was created with a fixed ID because the\n" -"automatic assignment will not assign the same ID twice. Since there are " -"only\n" -"users and groups sharing the same ID namespace it is sufficient to have " -"only\n" -"one fallback range to handle conflicts.\n" -"\n" -"To find the Posix ID for a given RID from the local domain it has to be\n" -"checked first if the RID falls in the primary or secondary RID range and\n" -"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" -"and the base-id has to be added to get the Posix ID.\n" -"\n" -"Typically the creation of ID ranges happens behind the scenes and this CLI\n" -"must not be used at all. The ID range for the local domain will be created\n" -"during installation or upgrade from an older version. The ID range for a\n" -"trusted domain will be created together with the trust by 'ipa trust-" -"add ...'.\n" -"\n" -"USE CASES:\n" -"\n" -" Add an ID range from a transitively trusted domain\n" -"\n" -" If the trusted domain (A) trusts another domain (B) as well and this " -"trust\n" -" is transitive 'ipa trust-add domain-A' will only create a range for\n" -" domain A. The ID range for domain B must be added manually.\n" -"\n" -" Add an additional ID range for the local domain\n" -"\n" -" If the ID range of the local domain is exhausted, i.e. no new IDs can " -"be\n" -" assigned to Posix users or groups by the DNA plugin, a new range has to " -"be\n" -" created to allow new users and groups to be added. (Currently there is " -"no\n" -" connection between this range CLI and the DNA plugin, but a future " -"version\n" -" might be able to modify the configuration of the DNS plugin as well)\n" -"\n" -"In general it is not necessary to modify or delete ID ranges. If there is " -"no\n" -"other way to achieve a certain configuration than to modify or delete an ID\n" -"range it should be done with great care. Because UIDs are stored in the " -"file\n" -"system and are used for access control it might be possible that users are\n" -"allowed to access files of other users if an ID range got deleted and " -"reused\n" -"for a different domain.\n" -"\n" -"(*) The RID is typically the last integer of a user or group SID which " -"follows\n" -"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " -"from\n" -"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " -"the\n" -"user. RIDs are unique in a domain, 32bit values and are used for users and\n" -"groups.\n" -"\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -msgstr "" - -#, fuzzy -#| msgid "Rename" -msgid "Range name" -msgstr "Азнавномгузорӣ" - -msgid "First Posix ID of the range" -msgstr "" - -msgid "Number of IDs in the range" -msgstr "" - -msgid "First RID of the corresponding RID range" -msgstr "" - -msgid "First RID of the secondary RID range" -msgstr "" - -msgid "Domain SID of the trusted domain" -msgstr "" - -msgid "Name of the trusted domain" -msgstr "" - -msgid "ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local" -msgstr "" - -msgid "" -"\n" -"Add new ID range.\n" -"\n" -" To add a new ID range you always have to specify\n" -"\n" -" --base-id\n" -" --range-size\n" -"\n" -" Additionally\n" -"\n" -" --rid-base\n" -" --secondary-rid-base\n" -"\n" -" may be given for a new ID range for the local domain while\n" -"\n" -" --rid-base\n" -" --dom-sid\n" -"\n" -" must be given to add a new range for a trusted AD domain.\n" -"\n" -" WARNING:\n" -"\n" -" DNA plugin in 389-ds will allocate IDs based on the ranges configured " -"for the\n" -" local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -" on the local ranges set via this family of commands.\n" -"\n" -" Manual configuration change has to be done in the DNA plugin " -"configuration for\n" -" the new local range. Specifically, The dnaNextRange attribute of " -"'cn=Posix\n" -" IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has " -"to be\n" -" modified to match the new range.\n" -" " -msgstr "" - -msgid "Delete an ID range." -msgstr "" - -msgid "Search for ranges." -msgstr "" - -msgid "Modify ID range." -msgstr "" - -msgid "Display information about a range." -msgstr "" - -msgid "Time limit of search in seconds (0 is unlimited)" -msgstr "" - -msgid "Maximum number of entries returned (0 is unlimited)" -msgstr "" - -msgid "" -"\n" -"Manage CA ACL rules.\n" -"\n" -"This plugin is used to define rules governing which principals are\n" -"permitted to have certificates issued using a given certificate\n" -"profile.\n" -"\n" -"PROFILE ID SYNTAX:\n" -"\n" -"A Profile ID is a string without spaces or punctuation starting with a " -"letter\n" -"and followed by a sequence of letters, digits or underscore (\"_\").\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a CA ACL \"test\" that grants all users access to the\n" -" \"UserCert\" profile:\n" -" ipa caacl-add test --usercat=all\n" -" ipa caacl-add-profile test --certprofiles UserCert\n" -"\n" -" Display the properties of a named CA ACL:\n" -" ipa caacl-show test\n" -"\n" -" Create a CA ACL to let user \"alice\" use the \"DNP3\" profile:\n" -" ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n" -" ipa caacl-add-user alice_dnp3 --user=alice\n" -"\n" -" Disable a CA ACL:\n" -" ipa caacl-disable test\n" -"\n" -" Remove a CA ACL:\n" -" ipa caacl-del test\n" -msgstr "" - -#, fuzzy -#| msgid "ACI name" -msgid "ACL name" -msgstr "Номи ACI" - -msgid "Profile category" -msgstr "" - -msgid "Profile category the ACL applies to" -msgstr "" - -msgid "User category the ACL applies to" -msgstr "" - -msgid "Host category the ACL applies to" -msgstr "" - -msgid "Service category the ACL applies to" -msgstr "" - -msgid "Profiles" -msgstr "" - -msgid "Create a new CA ACL." -msgstr "" - -msgid "Add target hosts and hostgroups to a CA ACL." -msgstr "" - -msgid "Add profiles to a CA ACL." -msgstr "" - -msgid "member Certificate Profile" -msgstr "" - -msgid "Certificate Profiles to add" -msgstr "" - -msgid "Add services to a CA ACL." -msgstr "" - -msgid "Add users and groups to a CA ACL." -msgstr "" - -msgid "Delete a CA ACL." -msgstr "" - -msgid "Disable a CA ACL." -msgstr "" - -msgid "Enable a CA ACL." -msgstr "" - -msgid "Search for CA ACLs." -msgstr "" - -msgid "Modify a CA ACL." -msgstr "" - -msgid "Remove target hosts and hostgroups from a CA ACL." -msgstr "" - -msgid "Remove profiles from a CA ACL." -msgstr "" - -msgid "Certificate Profiles to remove" -msgstr "" - -msgid "Remove services from a CA ACL." -msgstr "" - -msgid "Remove users and groups from a CA ACL." -msgstr "" - -msgid "Display the properties of a CA ACL." -msgstr "" - -msgid "" -"\n" -"Manage Certificate Profiles\n" -"\n" -"Certificate Profiles are used by Certificate Authority (CA) in the signing " -"of\n" -"certificates to determine if a Certificate Signing Request (CSR) is " -"acceptable,\n" -"and if so what features and extensions will be present on the certificate.\n" -"\n" -"The Certificate Profile format is the property-list format understood by " -"the\n" -"Dogtag or Red Hat Certificate System CA.\n" -"\n" -"PROFILE ID SYNTAX:\n" -"\n" -"A Profile ID is a string without spaces or punctuation starting with a " -"letter\n" -"and followed by a sequence of letters, digits or underscore (\"_\").\n" -"\n" -"EXAMPLES:\n" -"\n" -" Import a profile that will not store issued certificates:\n" -" ipa certprofile-import ShortLivedUserCert --file UserCert.profile " -"--desc \"User Certificates\" --store=false\n" -"\n" -" Delete a certificate profile:\n" -" ipa certprofile-del ShortLivedUserCert\n" -"\n" -" Show information about a profile:\n" -" ipa certprofile-show ShortLivedUserCert\n" -"\n" -" Save profile configuration to a file:\n" -" ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n" -"\n" -" Search for profiles that do not store certificates:\n" -" ipa certprofile-find --store=false\n" -"\n" -"PROFILE CONFIGURATION FORMAT:\n" -"\n" -"The profile configuration format is the raw property-list format\n" -"used by Dogtag Certificate System. The XML format is not supported.\n" -"\n" -"The following restrictions apply to profiles managed by FreeIPA:\n" -"\n" -"- When importing a profile the \"profileId\" field, if present, must\n" -" match the ID given on the command line.\n" -"\n" -"- The \"classId\" field must be set to \"caEnrollImpl\"\n" -"\n" -"- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n" -"\n" -"- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n" -" class must be used.\n" -msgstr "" - -msgid "Profile ID for referring to this profile" -msgstr "" - -#, fuzzy -#| msgid "description" -msgid "Profile description" -msgstr "шарҳ" - -msgid "Brief description of this profile" -msgstr "" - -msgid "Store issued certificates" -msgstr "" - -msgid "Whether to store certs issued using this profile" -msgstr "" - -msgid "Delete a Certificate Profile." -msgstr "" - -msgid "Search for Certificate Profiles." -msgstr "" - -msgid "Import a Certificate Profile." -msgstr "" - -msgid "Filename of a raw profile. The XML format is not supported." -msgstr "" - -msgid "Modify Certificate Profile configuration." -msgstr "" - -msgid "File containing profile configuration" -msgstr "" - -msgid "Display the properties of a Certificate Profile." -msgstr "" - -msgid "Write profile configuration to file" -msgstr "" - -msgid "Maximum amount of time (seconds) for a search (-1 or 0 is unlimited)" -msgstr "" - -msgid "Maximum number of records to search (-1 or 0 is unlimited)" -msgstr "" - -msgid "" -"\n" -"Raise the IPA Domain Level.\n" -msgstr "" - -msgid "Query current Domain Level." -msgstr "" - -msgid "Current domain level:" -msgstr "" - -msgid "Change current Domain Level." -msgstr "" - -msgid "Domain Level" -msgstr "" - -msgid "Add certificates to host entry" -msgstr "" - -msgid "Remove certificates from host entry" -msgstr "" - -msgid "Fallback to AD DC LDAP" -msgstr "" - -msgid "" -"Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-" -"way trusts only." -msgstr "" - -msgid "" -"Applies ID View to specified hosts or current members of specified " -"hostgroups. If any other ID View is applied to the host, it is overridden." -msgstr "" - -msgid "Add to default group" -msgstr "" - -msgid "Add migrated users without a group to a default group (default: true)" -msgstr "" - -#, fuzzy -#| msgid "Search" -msgid "Search scope" -msgstr "Ҷустуҷӯ" - -msgid "" -"LDAP search scope for users and groups: base, onelevel, or subtree. Defaults " -"to onelevel" -msgstr "" - -msgid "Remove users that can manage this token." -msgstr "" - -msgid "Target DN subtree" -msgstr "" - -msgid "" -"Optional DN subtree where an entry can be moved to (must be in the subtree, " -"but may not yet exist)" -msgstr "" - -msgid "Origin DN subtree" -msgstr "" - -msgid "" -"Optional DN subtree from where an entry can be moved (must be in the " -"subtree, but may not yet exist)" -msgstr "" - -msgid "" -"\n" -"IPA servers\n" -"\n" -"Get information about installed IPA servers.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Find all servers:\n" -" ipa server-find\n" -"\n" -" Show specific server:\n" -" ipa server-show ipa.example.com\n" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Server name" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA server hostname" -msgstr "Сервери IPA" - -msgid "Managed suffix" -msgstr "" - -msgid "Min domain level" -msgstr "" - -msgid "Minimum domain level" -msgstr "" - -msgid "Max domain level" -msgstr "" - -msgid "Maximum domain level" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "Delete IPA server." -msgstr "Сервери IPA" - -msgid "Search for IPA servers." -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "Show IPA server." -msgstr "Сервери IPA" - -msgid "Add new certificates to a service" -msgstr "" - -msgid "Remove certificates from a service" -msgstr "" - -msgid "" -"\n" -"Service Constrained Delegation\n" -"\n" -"Manage rules to allow constrained delegation of credentials so\n" -"that a service can impersonate a user when communicating with another\n" -"service without requiring the user to actually forward their TGT.\n" -"This makes for a much better method of delegating credentials as it\n" -"prevents exposure of the short term secret of the user.\n" -"\n" -"The naming convention is to append the word \"target\" or \"targets\" to\n" -"a matching rule name. This is not mandatory but helps conceptually\n" -"to associate rules and targets.\n" -"\n" -"A rule consists of two things:\n" -" - A list of targets the rule applies to\n" -" - A list of memberPrincipals that are allowed to delegate for\n" -" those targets\n" -"\n" -"A target consists of a list of principals that can be delegated.\n" -"\n" -"In English, a rule says that this principal can delegate as this\n" -"list of principals, as defined by these targets.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new constrained delegation rule:\n" -" ipa servicedelegationrule-add ftp-delegation\n" -"\n" -" Add a new constrained delegation target:\n" -" ipa servicedelegationtarget-add ftp-delegation-target\n" -"\n" -" Add a principal to the rule:\n" -" ipa servicedelegationrule-add-member --principals=ftp/ipa.example." -"com ftp-delegation\n" -"\n" -" Add our target to the rule:\n" -" ipa servicedelegationrule-add-target --servicedelegationtargets=ftp-" -"delegation-target ftp-delegation\n" -"\n" -" Add a principal to the target:\n" -" ipa servicedelegationtarget-add-member --principals=ldap/ipa.example." -"com ftp-delegation-target\n" -"\n" -" Display information about a named delegation rule and target:\n" -" ipa servicedelegationrule_show ftp-delegation\n" -" ipa servicedelegationtarget_show ftp-delegation-target\n" -"\n" -" Remove a constrained delegation:\n" -" ipa servicedelegationrule-del ftp-delegation-target\n" -" ipa servicedelegationtarget-del ftp-delegation\n" -"\n" -"In this example the ftp service can get a TGT for the ldap service on\n" -"the bound user's behalf.\n" -"\n" -"It is strongly discouraged to modify the delegations that ship with\n" -"IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n" -"ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n" -"to delegate, causing the framework to stop functioning.\n" -msgstr "" - -#, fuzzy -#| msgid "Target" -msgid "Allowed Target" -msgstr "Мақсад" - -msgid "Create a new service delegation rule." -msgstr "" - -msgid "Add member to a named service delegation rule." -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "member principal" -msgstr "Асосӣ" - -#, fuzzy -#| msgid "Principal" -msgid "principal to add" -msgstr "Асосӣ" - -msgid "Add target to a named service delegation rule." -msgstr "" - -msgid "member service delegation target" -msgstr "" - -msgid "service delegation targets to add" -msgstr "" - -msgid "Delete service delegation." -msgstr "" - -msgid "Search for service delegations rule." -msgstr "" - -msgid "Results should contain primary key attribute only (\"delegation-name\")" -msgstr "" - -msgid "Remove member from a named service delegation rule." -msgstr "" - -msgid "principal to remove" -msgstr "" - -msgid "Remove target from a named service delegation rule." -msgstr "" - -msgid "service delegation targets to remove" -msgstr "" - -msgid "Display information about a named service delegation rule." -msgstr "" - -msgid "Create a new service delegation target." -msgstr "" - -msgid "Add member to a named service delegation target." -msgstr "" - -msgid "Delete service delegation target." -msgstr "" - -msgid "Search for service delegation target." -msgstr "" - -msgid "Remove member from a named service delegation target." -msgstr "" - -msgid "Display information about a named service delegation target." -msgstr "" - -msgid "" -"\n" -"Stageusers\n" -"\n" -"Manage stage user entries.\n" -"\n" -"Stage user entries are directly under the container: \"cn=stage users,\n" -"cn=accounts, cn=provisioning, SUFFIX\".\n" -"User can not authenticate with those entries (even if the entries\n" -"contain credentials) and are candidate to become Active entries.\n" -"\n" -"Active user entries are Posix users directly under the container: " -"\"cn=accounts, SUFFIX\".\n" -"User can authenticate with Active entries, at the condition they have\n" -"credentials\n" -"\n" -"Delete user entries are Posix users directly under the container: " -"\"cn=deleted users,\n" -"cn=accounts, cn=provisioning, SUFFIX\".\n" -"User can not authenticate with those entries (even if the entries contain " -"credentials)\n" -"\n" -"The stage user container contains entries\n" -" - created by 'stageuser-add' commands that are Posix users\n" -" - created by external provisioning system\n" -"\n" -"A valid stage user entry MUST:\n" -" - entry RDN is 'uid'\n" -" - ipaUniqueID is 'autogenerate'\n" -"\n" -"IPA supports a wide range of username formats, but you need to be aware of " -"any\n" -"restrictions that may apply to your particular environment. For example,\n" -"usernames that start with a digit or usernames that exceed a certain length\n" -"may cause problems for some UNIX systems.\n" -"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new stageuser:\n" -" ipa stageuser-add --first=Tim --last=User --password tuser1\n" -"\n" -" Add a stageuser from the Delete container\n" -" ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" -msgstr "" - -msgid "Activate a stage user." -msgstr "" - -msgid "Add a new stage user." -msgstr "" - -msgid "Create Stage user in from a delete user" -msgstr "" - -msgid "Delete a stage user." -msgstr "" - -msgid "Search for stage users." -msgstr "" - -msgid "Search for stage users with these member of groups." -msgstr "" - -msgid "Search for stage users without these member of groups." -msgstr "" - -msgid "Search for stage users with these member of netgroups." -msgstr "" - -msgid "Search for stage users without these member of netgroups." -msgstr "" - -msgid "Search for stage users with these member of roles." -msgstr "" - -msgid "Search for stage users without these member of roles." -msgstr "" - -msgid "Search for stage users with these member of HBAC rules." -msgstr "" - -msgid "Search for stage users without these member of HBAC rules." -msgstr "" - -msgid "Search for stage users with these member of sudo rules." -msgstr "" - -msgid "Search for stage users without these member of sudo rules." -msgstr "" - -msgid "Modify a stage user." -msgstr "" - -msgid "Rename the stage user object" -msgstr "" - -msgid "Display information about a stage user." -msgstr "" - -msgid "" -"\n" -"Topology\n" -"\n" -"Management of a replication topology.\n" -"\n" -"Requires minimum domain level 1.\n" -msgstr "" - -msgid "Segment name" -msgstr "" - -msgid "Arbitrary string identifying the segment" -msgstr "" - -msgid "Left node" -msgstr "" - -msgid "Left replication node - an IPA server" -msgstr "" - -msgid "Right node" -msgstr "" - -msgid "Right replication node - an IPA server" -msgstr "" - -msgid "Connectivity" -msgstr "" - -msgid "Direction of replication between left and right replication node" -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Attributes to strip" -msgstr "Аттрибутҳо" - -msgid "" -"A space separated list of attributes which are removed from replication " -"updates." -msgstr "" - -#, fuzzy -#| msgid "Attributes" -msgid "Attributes to replicate" -msgstr "Аттрибутҳо" - -msgid "" -"Attributes that are not replicated to a consumer server during a fractional " -"update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof" -msgstr "" - -msgid "Attributes for total update" -msgstr "" - -msgid "" -"Attributes that are not replicated to a consumer server during a total " -"update. E.g. (objectclass=*) $ EXCLUDE accountlockout" -msgstr "" - -msgid "Session timeout" -msgstr "" - -msgid "" -"Number of seconds outbound LDAP operations waits for a response from the " -"remote replica before timing out and failing" -msgstr "" - -msgid "Replication agreement enabled" -msgstr "" - -msgid "" -"Whether a replication agreement is active, meaning whether replication is " -"occurring per that agreement" -msgstr "" - -#, fuzzy -#| msgid "filename" -msgid "Suffix name" -msgstr "номи файл" - -msgid "LDAP suffix to be managed" -msgstr "" - -msgid "Add a new segment." -msgstr "" - -msgid "Delete a segment." -msgstr "" - -msgid "Search for topology segments." -msgstr "" - -msgid "Modify a segment." -msgstr "" - -msgid "" -"Request a full re-initialization of the node retrieving data from the other " -"node." -msgstr "" - -msgid "Initialize left node" -msgstr "" - -msgid "Initialize right node" -msgstr "" - -msgid "Stop already started refresh of chosen node(s)" -msgstr "" - -#, fuzzy -#| msgid "Display name" -msgid "Display a segment." -msgstr "Номи намоишӣ" - -msgid "Add a new topology suffix to be managed." -msgstr "" - -msgid "Delete a topology suffix." -msgstr "" - -msgid "Search for topology suffices." -msgstr "" - -msgid "Modify a topology suffix." -msgstr "" - -msgid "Show managed suffix." -msgstr "" - -msgid "" -"\n" -"Verify replication topology for suffix.\n" -"\n" -"Checks done:\n" -" 1. check if a topology is not disconnected. In other words if there are\n" -" replication paths between all servers.\n" -" 2. check if servers don't have more than the recommended number of\n" -" replication agreements\n" -" " -msgstr "" - -msgid "Preserved user" -msgstr "" - -msgid "Add one or more certificates to the user entry" -msgstr "" - -msgid "Remove one or more certificates to the user entry" -msgstr "" - -msgid "Move deleted user into staged area" -msgstr "" - -msgid "Undelete a delete user account." -msgstr "" - -msgid "" -"\n" -"Vaults\n" -"\n" -"Manage vaults.\n" -"\n" -"Vault is a secure place to store a secret.\n" -"\n" -"Based on the ownership there are three vault categories:\n" -"* user/private vault\n" -"* service vault\n" -"* shared vault\n" -"\n" -"User vaults are vaults owned used by a particular user. Private\n" -"vaults are vaults owned the current user. Service vaults are\n" -"vaults owned by a service. Shared vaults are owned by the admin\n" -"but they can be used by other users or services.\n" -"\n" -"Based on the security mechanism there are three types of\n" -"vaults:\n" -"* standard vault\n" -"* symmetric vault\n" -"* asymmetric vault\n" -"\n" -"Standard vault uses a secure mechanism to transport and\n" -"store the secret. The secret can only be retrieved by users\n" -"that have access to the vault.\n" -"\n" -"Symmetric vault is similar to the standard vault, but it\n" -"pre-encrypts the secret using a password before transport.\n" -"The secret can only be retrieved using the same password.\n" -"\n" -"Asymmetric vault is similar to the standard vault, but it\n" -"pre-encrypts the secret using a public key before transport.\n" -"The secret can only be retrieved using the private key.\n" -"\n" -"EXAMPLES:\n" -"\n" -" List vaults:\n" -" ipa vault-find\n" -" [--user |--service |--shared]\n" -"\n" -" Add a standard vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type standard\n" -"\n" -" Add a symmetric vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type symmetric --password-file password.txt\n" -"\n" -" Add an asymmetric vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type asymmetric --public-key-file public.pem\n" -"\n" -" Show a vault:\n" -" ipa vault-show \n" -" [--user |--service |--shared]\n" -"\n" -" Modify vault description:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --desc \n" -"\n" -" Modify vault type:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --type \n" -" [old password/private key]\n" -" [new password/public key]\n" -"\n" -" Modify symmetric vault password:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --change-password\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --old-password \n" -" --new-password \n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --old-password-file \n" -" --new-password-file \n" -"\n" -" Modify asymmetric vault keys:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --private-key-file \n" -" --public-key-file \n" -"\n" -" Delete a vault:\n" -" ipa vault-del \n" -" [--user |--service |--shared]\n" -"\n" -" Display vault configuration:\n" -" ipa vaultconfig-show\n" -"\n" -" Archive data into standard vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -"\n" -" Archive data into symmetric vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -" --password-file password.txt\n" -"\n" -" Archive data into asymmetric vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -"\n" -" Retrieve data from standard vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out \n" -"\n" -" Retrieve data from symmetric vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out \n" -" --password-file password.txt\n" -"\n" -" Retrieve data from asymmetric vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out --private-key-file private.pem\n" -"\n" -" Add vault owners:\n" -" ipa vault-add-owner \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -"\n" -" Delete vault owners:\n" -" ipa vault-remove-owner \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -"\n" -" Add vault members:\n" -" ipa vault-add-member \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -"\n" -" Delete vault members:\n" -" ipa vault-remove-member \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -msgstr "" - -#, fuzzy -#| msgid "Last name" -msgid "Vault name" -msgstr "Насаб" - -#, fuzzy -#| msgid "description" -msgid "Vault description" -msgstr "шарҳ" - -msgid "Vault type" -msgstr "" - -msgid "Salt" -msgstr "" - -msgid "Vault salt" -msgstr "" - -msgid "Public key" -msgstr "" - -msgid "Vault public key" -msgstr "" - -msgid "Owner users" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Owner groups" -msgstr "Гурӯҳи корбар" - -msgid "Owner services" -msgstr "" - -msgid "Failed owners" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Vault service" -msgstr "Хидмат" - -msgid "Shared vault" -msgstr "" - -msgid "Vault user" -msgstr "" - -msgid "Transport Certificate" -msgstr "" - -msgid "Service name of the service vault" -msgstr "" - -msgid "Username of the user vault" -msgstr "" - -msgid "Add members to a vault." -msgstr "" - -msgid "Add owners to a vault." -msgstr "" - -msgid "owner user" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "owner group" -msgstr "Гурӯҳи корбар" - -#, fuzzy -#| msgid "Service" -msgid "owner service" -msgstr "Хидмат" - -msgid "Owners that could not be added" -msgstr "" - -msgid "Number of owners added" -msgstr "" - -msgid "Session key wrapped with transport certificate" -msgstr "" - -msgid "Vault data encrypted with session key" -msgstr "" - -msgid "Nonce" -msgstr "" - -#, fuzzy -#| msgid "Delete all?" -msgid "Delete a vault." -msgstr "Ҳамаро нест мекунед?" - -msgid "Search for vaults." -msgstr "" - -msgid "List all service vaults" -msgstr "" - -msgid "List all user vaults" -msgstr "" - -msgid "Remove members from a vault." -msgstr "" - -msgid "Remove owners from a vault." -msgstr "" - -msgid "Owners that could not be removed" -msgstr "" - -msgid "Number of owners removed" -msgstr "" - -msgid "Display information about a vault." -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Show vault configuration." -msgstr "Ҷӯрсозӣ" - -msgid "Output file to store the transport certificate" -msgstr "" - -msgid "Add owners to a vault container." -msgstr "" - -msgid "Delete a vault container." -msgstr "" - -msgid "Remove owners from a vault container." -msgstr "" - -msgid "Display information about a vault container." -msgstr "" - -msgid "Certificate Profile to use" -msgstr "" - -msgid "Two-way trust" -msgstr "" - -msgid "" -"Establish bi-directional trust. By default trust is inbound one-way only." -msgstr "" - -msgid "" -"\n" -"ID ranges\n" -"\n" -"Manage ID ranges used to map Posix IDs to SIDs and back.\n" -"\n" -"There are two type of ID ranges which are both handled by this utility:\n" -"\n" -" - the ID ranges of the local domain\n" -" - the ID ranges of trusted remote domains\n" -"\n" -"Both types have the following attributes in common:\n" -"\n" -" - base-id: the first ID of the Posix ID range\n" -" - range-size: the size of the range\n" -"\n" -"With those two attributes a range object can reserve the Posix IDs starting\n" -"with base-id up to but not including base-id+range-size exclusively.\n" -"\n" -"Additionally an ID range of the local domain may set\n" -" - rid-base: the first RID(*) of the corresponding RID range\n" -" - secondary-rid-base: first RID of the secondary RID range\n" -"\n" -"and an ID range of a trusted domain must set\n" -" - rid-base: the first RID of the corresponding RID range\n" -" - sid: domain SID of the trusted domain\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for a trusted domain\n" -"\n" -"Since there might be more than one trusted domain the domain SID must be " -"given\n" -"while creating the ID range.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" -"\n" -"This ID range is then used by the IPA server and the SSSD IPA provider to\n" -"assign Posix UIDs to users from the trusted domain.\n" -"\n" -"If e.g. a range for a trusted domain is configured with the following " -"values:\n" -" base-id = 1200000\n" -" range-size = 200000\n" -" rid-base = 0\n" -"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " -"So\n" -"RID 1000 <-> Posix ID 1201000\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for the local domain\n" -"\n" -"To create an ID range for the local domain it is not necessary to specify a\n" -"domain SID. But since it is possible that a user and a group can have the " -"same\n" -"value as Posix ID a second RID interval is needed to handle conflicts.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=1000 --secondary-rid-base=1000000 local_range\n" -"\n" -"The data from the ID ranges of the local domain are used by the IPA server\n" -"internally to assign SIDs to IPA users and groups. The SID will then be " -"stored\n" -"in the user or group objects.\n" -"\n" -"If e.g. the ID range for the local domain is configured with the values " -"from\n" -"the example above then a new user with the UID 1200007 will get the RID " -"1007.\n" -"If this RID is already used by a group the RID will be 1000007. This can " -"only\n" -"happen if a user or a group object was created with a fixed ID because the\n" -"automatic assignment will not assign the same ID twice. Since there are " -"only\n" -"users and groups sharing the same ID namespace it is sufficient to have " -"only\n" -"one fallback range to handle conflicts.\n" -"\n" -"To find the Posix ID for a given RID from the local domain it has to be\n" -"checked first if the RID falls in the primary or secondary RID range and\n" -"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" -"and the base-id has to be added to get the Posix ID.\n" -"\n" -"Typically the creation of ID ranges happens behind the scenes and this CLI\n" -"must not be used at all. The ID range for the local domain will be created\n" -"during installation or upgrade from an older version. The ID range for a\n" -"trusted domain will be created together with the trust by 'ipa trust-" -"add ...'.\n" -"\n" -"USE CASES:\n" -"\n" -" Add an ID range from a transitively trusted domain\n" -"\n" -" If the trusted domain (A) trusts another domain (B) as well and this " -"trust\n" -" is transitive 'ipa trust-add domain-A' will only create a range for\n" -" domain A. The ID range for domain B must be added manually.\n" -"\n" -" Add an additional ID range for the local domain\n" -"\n" -" If the ID range of the local domain is exhausted, i.e. no new IDs can " -"be\n" -" assigned to Posix users or groups by the DNA plugin, a new range has to " -"be\n" -" created to allow new users and groups to be added. (Currently there is " -"no\n" -" connection between this range CLI and the DNA plugin, but a future " -"version\n" -" might be able to modify the configuration of the DNS plugin as well)\n" -"\n" -"In general it is not necessary to modify or delete ID ranges. If there is " -"no\n" -"other way to achieve a certain configuration than to modify or delete an ID\n" -"range it should be done with great care. Because UIDs are stored in the " -"file\n" -"system and are used for access control it might be possible that users are\n" -"allowed to access files of other users if an ID range got deleted and " -"reused\n" -"for a different domain.\n" -"\n" -"(*) The RID is typically the last integer of a user or group SID which " -"follows\n" -"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " -"from\n" -"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " -"the\n" -"user. RIDs are unique in a domain, 32bit values and are used for users and\n" -"groups.\n" -"\n" -"=======\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -"=======\n" -msgstr "" - -msgid "" -"\n" -"Add new ID range.\n" -"\n" -" To add a new ID range you always have to specify\n" -"\n" -" --base-id\n" -" --range-size\n" -"\n" -" Additionally\n" -"\n" -" --rid-base\n" -" --secondary-rid-base\n" -"\n" -" may be given for a new ID range for the local domain while\n" -"\n" -" --rid-base\n" -" --dom-sid\n" -"\n" -" must be given to add a new range for a trusted AD domain.\n" -"\n" -"=======\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -"=======\n" -" " -msgstr "" - -msgid "" -"\n" -"Modify ID range.\n" -"\n" -"=======\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -"=======\n" -" " -msgstr "" - -msgid "Resolve a host name in DNS. (Deprecated)" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "Hostname (FQDN)" -msgstr "Номи мизбон" - -msgid "Force DNS zone creation even if it will overlap with an existing zone." -msgstr "" - -msgid "" -"Force DNS zone creation even if nameserver is not resolvable. (Deprecated)" -msgstr "" - -msgid "" -"\n" -"Groups of users\n" -"\n" -"Manage groups of users. By default, new groups are POSIX groups. You\n" -"can add the --nonposix option to the group-add command to mark a new group\n" -"as non-POSIX. You can use the --posix argument with the group-mod command\n" -"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" -"converted to non-POSIX groups.\n" -"\n" -"Every group must have a description.\n" -"\n" -"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" -"supported but can have an impact on your file permissions. It is not " -"necessary\n" -"to supply a GID when creating a group. IPA will generate one automatically\n" -"if it is not provided.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new group:\n" -" ipa group-add --desc='local administrators' localadmins\n" -"\n" -" Add a new non-POSIX group:\n" -" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" -"\n" -" Convert a non-POSIX group to posix:\n" -" ipa group-mod --posix remoteadmins\n" -"\n" -" Add a new POSIX group with a specific Group ID number:\n" -" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" -"\n" -" Add a new POSIX group and let IPA assign a Group ID number:\n" -" ipa group-add --desc='printer admins' printeradmins\n" -"\n" -" Remove a group:\n" -" ipa group-del unixadmins\n" -"\n" -" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" -" ipa group-add-member --groups=remoteadmins localadmins\n" -"\n" -" Add multiple users to the \"localadmins\" group:\n" -" ipa group-add-member --users=test1 --users=test2 localadmins\n" -"\n" -" Remove a user from the \"localadmins\" group:\n" -" ipa group-remove-member --users=test2 localadmins\n" -"\n" -" Display information about a named group.\n" -" ipa group-show localadmins\n" -"\n" -"External group membership is designed to allow users from trusted domains\n" -"to be mapped to local POSIX groups in order to actually use IPA resources.\n" -"External members should be added to groups that specifically created as\n" -"external and non-POSIX. Such group later should be included into one of " -"POSIX\n" -"groups.\n" -"\n" -"An external group member is currently a Security Identifier (SID) as defined " -"by\n" -"the trusted domain. When adding external group members, it is possible to\n" -"specify them in either SID, or DOM\n" -"ame, or name@domain format. IPA will attempt\n" -"to resolve passed name to SID with the use of Global Catalog of the trusted " -"domain.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local POSIX " -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' ad_admins_external " -"--external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the " -"ad_admins_external\n" -" group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with ad_admins " -"POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see their " -"SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -msgstr "" - -msgid "" -"\n" -"Simulate use of Host-based access controls\n" -"\n" -"HBAC rules control who can access what services on what hosts.\n" -"You can use HBAC to control which users or groups can access a service,\n" -"or group of services, on a target host.\n" -"\n" -"Since applying HBAC rules implies use of a production environment,\n" -"this plugin aims to provide simulation of HBAC rules evaluation without\n" -"having access to the production environment.\n" -"\n" -" Test user coming to a service on a named host against\n" -" existing enabled rules.\n" -"\n" -" ipa hbactest --user= --host= --service=\n" -" [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" -" [--sizelimit= ]\n" -"\n" -" --user, --host, and --service are mandatory, others are optional.\n" -"\n" -" If --rules is specified simulate enabling of the specified rules and test\n" -" the login of the user using only these rules.\n" -"\n" -" If --enabled is specified, all enabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --disabled is specified, all disabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --nodetail is specified, do not return information about rules matched/" -"not matched.\n" -"\n" -" If both --rules and --enabled are specified, apply simulation to --rules " -"_and_\n" -" all IPA enabled rules.\n" -"\n" -" If no --rules specified, simulation is run against all IPA enabled rules.\n" -" By default there is a IPA-wide limit to number of entries fetched, you can " -"change it\n" -" with --sizelimit option.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Use all enabled HBAC rules in IPA database to simulate:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 2. Disable detailed summary of how rules were applied:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -"\n" -" 3. Test explicitly specified HBAC rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --" -"rules=myrule --rules=my-second-rule\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: myrule\n" -"\n" -" 4. Use all enabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --" -"rules=myrule --rules=my-second-rule --enabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 5. Test all disabled HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: new-rule\n" -"\n" -" 6. Test all disabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --" -"rules=myrule --rules=my-second-rule --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -"\n" -" 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --enabled " -"--disabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Not matched rules: new-rule\n" -" Matched rules: allow_all\n" -"\n" -"\n" -"HBACTEST AND TRUSTED DOMAINS\n" -"\n" -"When an external trusted domain is configured in IPA, HBAC rules are also " -"applied\n" -"on users accessing IPA resources from the trusted domain. Trusted domain " -"users and\n" -"groups (and their SIDs) can be then assigned to external groups which can " -"be\n" -"members of POSIX groups in IPA which can be used in HBAC rules and thus " -"allowing\n" -"access to resources protected by the HBAC system.\n" -"\n" -"hbactest plugin is capable of testing access for both local IPA users and " -"users\n" -"from the trusted domains, either by a fully qualified user name or by user " -"SID.\n" -"Such user names need to have a trusted domain specified as a short name\n" -"(DOMAIN\\Administrator) or with a user principal name (UPN), " -"Administrator@ad.test.\n" -"\n" -"Please note that hbactest executed with a trusted domain user as --user " -"parameter\n" -"can be only run by members of \"trust admins\" group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Test if a user from a trusted domain specified by its shortname " -"matches any\n" -" rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 2. Test if a user from a trusted domain specified by its domain name " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 3. Test if a user from a trusted domain specified by its SID matches any " -"rule:\n" -"\n" -" $ ipa hbactest --user " -"S-1-5-21-3035198329-144811719-1378114514-500 --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 4. Test if other user from a trusted domain specified by its SID matches " -"any rule:\n" -"\n" -" $ ipa hbactest --user " -"S-1-5-21-3035198329-144811719-1378114514-1203 --host `hostname` " -"--service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -"\n" -" 5. Test if other user from a trusted domain specified by its shortname " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " -"sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -msgstr "" - -msgid "Managed suffixes" -msgstr "" - -msgid "Check connection to remote IPA server." -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Remote server name" -msgstr "Номи сервер" - -msgid "Remote IPA server hostname" -msgstr "" - -msgid "suffix" -msgstr "" - -msgid "Search for servers with these managed suffixes." -msgstr "" - -msgid "Search for servers without these managed suffixes." -msgstr "" - -msgid "Add a manager to the stage user entry" -msgstr "" - -msgid "Remove a manager to the stage user entry" -msgstr "" - -msgid "" -"\n" -"Topology\n" -"\n" -"Management of a replication topology at domain level 1.\n" -"\n" -"IPA server's data is stored in LDAP server in two suffixes:\n" -"* domain suffix, e.g., 'dc=example,dc=com', contains all domain related " -"data\n" -"* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n" -" contains data for Certificate Server component\n" -"\n" -"Data stored on IPA servers is replicated to other IPA servers. The way it " -"is\n" -"replicated is defined by replication agreements. Replication agreements " -"needs\n" -"to be set for both suffixes separately. On domain level 0 they are managed\n" -"using ipa-replica-manage and ipa-csreplica-manage tools. With domain level " -"1\n" -"they are managed centrally using `ipa topology*` commands.\n" -"\n" -"Agreements are represented by topology segments. By default topology " -"segment\n" -"represents 2 replication agreements - one for each direction, e.g., A to B " -"and\n" -"B to A. Creation of unidirectional segments is not allowed.\n" -"\n" -"To verify that no server is disconnected in the topology of the given " -"suffix,\n" -"use:\n" -" ipa topologysuffix-verify $suffix\n" -"\n" -"\n" -"Examples:\n" -" Find all IPA servers:\n" -" ipa server-find\n" -"\n" -" Find all suffixes:\n" -" ipa topologysuffix-find\n" -"\n" -" Add topology segment to 'domain' suffix:\n" -" ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n" -"\n" -" Add topology segment to 'ca' suffix:\n" -" ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n" -"\n" -" List all topology segments in 'domain' suffix:\n" -" ipa topologysegment-find domain\n" -"\n" -" List all topology segments in 'ca' suffix:\n" -" ipa topologysegment-find ca\n" -"\n" -" Delete topology segment in 'domain' suffix:\n" -" ipa topologysegment-del domain segment_name\n" -"\n" -" Delete topology segment in 'ca' suffix:\n" -" ipa topologysegment-del ca segment_name\n" -"\n" -" Verify topology of 'domain' suffix:\n" -" ipa topologysuffix-verify domain\n" -"\n" -" Verify topology of 'ca' suffix:\n" -" ipa topologysuffix-verify ca\n" -msgstr "" - -msgid "Managed LDAP suffix DN" -msgstr "" - -msgid "Search for topology suffixes." -msgstr "" - -msgid "Add a manager to the user entry" -msgstr "" - -msgid "Remove a manager to the user entry" -msgstr "" - -msgid "" -"\n" -"Directory Server Access Control Instructions (ACIs)\n" -"\n" -"ACIs are used to allow or deny access to information. This module is\n" -"currently designed to allow, not deny, access.\n" -"\n" -"The aci commands are designed to grant permissions that allow updating\n" -"existing entries or adding or deleting new ones. The goal of the ACIs\n" -"that ship with IPA is to provide a set of low-level permissions that\n" -"grant access to special groups called taskgroups. These low-level\n" -"permissions can be combined into roles that grant broader access. These\n" -"roles are another type of group, roles.\n" -"\n" -"For example, if you have taskgroups that allow adding and modifying users " -"you\n" -"could create a role, useradmin. You would assign users to the useradmin\n" -"role to allow them to do the operations defined by the taskgroups.\n" -"\n" -"You can create ACIs that delegate permission so users in group A can write\n" -"attributes on group B.\n" -"\n" -"The type option is a map that applies to all entries in the users, groups " -"or\n" -"host location. It is primarily designed to be used when granting add\n" -"permissions (to write new entries).\n" -"\n" -"An ACI consists of three parts:\n" -"1. target\n" -"2. permissions\n" -"3. bind rules\n" -"\n" -"The target is a set of rules that define which LDAP objects are being\n" -"targeted. This can include a list of attributes, an area of that LDAP\n" -"tree or an LDAP filter.\n" -"\n" -"The targets include:\n" -"- attrs: list of attributes affected\n" -"- type: an object type (user, group, host, service, etc)\n" -"- memberof: members of a group\n" -"- targetgroup: grant access to modify a specific group. This is primarily\n" -" designed to enable users to add or remove members of a specific group.\n" -"- filter: A legal LDAP filter used to narrow the scope of the target.\n" -"- subtree: Used to apply a rule across an entire set of objects. For " -"example,\n" -" to allow adding users you need to grant \"add\" permission to the subtree\n" -" ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n" -" is a fail-safe for objects that may not be covered by the type option.\n" -"\n" -"The permissions define what the ACI is allowed to do, and are one or\n" -"more of:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. add - add a new entry to the tree\n" -"4. delete - delete an existing entry\n" -"5. all - all permissions are granted\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"The bind rule defines who this ACI grants permissions to. The LDAP server\n" -"allows this to be any valid LDAP entry but we encourage the use of\n" -"taskgroups so that the rights can be easily shared through roles.\n" -"\n" -"For a more thorough description of access controls see\n" -"http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control." -"html\n" -"\n" -"EXAMPLES:\n" -"\n" -"NOTE: ACIs are now added via the permission plugin. These examples are to\n" -"demonstrate how the various options work but this is done via the " -"permission\n" -"command-line now (see last example).\n" -"\n" -" Add an ACI so that the group \"secretaries\" can update the address on any " -"user:\n" -" ipa group-add --desc=\"Office secretaries\" secretaries\n" -" ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries " -"--permissions=write --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Show the new ACI:\n" -" ipa aci-show --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Add an ACI that allows members of the \"addusers\" permission to add new " -"users:\n" -" ipa aci-add --type=user --permission=addusers --permissions=add --" -"prefix=none \"Add new users\"\n" -"\n" -" Add an ACI that allows members of the editors manage members of the admins " -"group:\n" -" ipa aci-add --permissions=write --attrs=member --targetgroup=admins --" -"group=editors --prefix=none \"Editors manage admins\"\n" -"\n" -" Add an ACI that allows members of the admins group to manage the street and " -"zip code of those in the editors group:\n" -" ipa aci-add --permissions=write --memberof=editors --group=admins --" -"attrs=street,postalcode --prefix=none \"admins edit the address of editors" -"\"\n" -"\n" -" Add an ACI that allows the admins group manage the street and zipcode of " -"those who work for the boss:\n" -" ipa aci-add --permissions=write --group=admins --attrs=street,postalcode " -"--filter=\"(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)\" --" -"prefix=none \"Edit the address of those who work for the boss\"\n" -"\n" -" Add an entirely new kind of record to IPA that isn't covered by any of the " -"--type options, creating a permission:\n" -" ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange," -"cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n" -"\n" -"\n" -"The show command shows the raw 389-ds ACI.\n" -"\n" -"IMPORTANT: When modifying the target attributes of an existing ACI you\n" -"must include all existing attributes as well. When doing an aci-mod the\n" -"targetattr REPLACES the current attributes, it does not add to them.\n" -msgstr "" - -msgid "" -"comma-separated list of permissions to grant(read, write, add, delete, all)" -msgstr "" - -msgid "Comma-separated list of attributes" -msgstr "" - -msgid "" -"\n" -"Auto Membership Rule.\n" -"\n" -"Bring clarity to the membership of hosts and users by configuring inclusive\n" -"or exclusive regex patterns, you can automatically assign a new entries " -"into\n" -"a group or hostgroup based upon attribute information.\n" -"\n" -"A rule is directly associated with a group by name, so you cannot create\n" -"a rule without an accompanying group or hostgroup.\n" -"\n" -"A condition is a regular expression used by 389-ds to match a new incoming\n" -"entry with an automember rule. If it matches an inclusive rule then the\n" -"entry is added to the appropriate group or hostgroup.\n" -"\n" -"A default group or hostgroup could be specified for entries that do not\n" -"match any rule. In case of user entries this group will be a fallback group\n" -"because all users are by default members of group specified in IPA config.\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add the initial group or hostgroup:\n" -" ipa hostgroup-add --desc=\"Web Servers\" webservers\n" -" ipa group-add --desc=\"Developers\" devel\n" -"\n" -" Add the initial rule:\n" -" ipa automember-add --type=hostgroup webservers\n" -" ipa automember-add --type=group devel\n" -"\n" -" Add a condition to the rule:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -" ipa automember-add-condition --key=manager --type=group --inclusive-" -"regex=^uid=mscott devel\n" -"\n" -" Add an exclusive condition to the rule to prevent auto assignment:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" -"regex=^web5\\.example\\.com webservers\n" -"\n" -" Add a host:\n" -" ipa host-add web1.example.com\n" -"\n" -" Add a user:\n" -" ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" -"\n" -" Verify automembership:\n" -" ipa hostgroup-show webservers\n" -" Host-group: webservers\n" -" Description: Web Servers\n" -" Member hosts: web1.example.com\n" -"\n" -" ipa group-show devel\n" -" Group name: devel\n" -" Description: Developers\n" -" GID: 1004200000\n" -" Member users: tuser\n" -"\n" -" Remove a condition from the rule:\n" -" ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -"\n" -" Modify the automember rule:\n" -" ipa automember-mod\n" -"\n" -" Set the default (fallback) target group:\n" -" ipa automember-default-group-set --default-group=webservers --" -"type=hostgroup\n" -" ipa automember-default-group-set --default-group=ipausers --type=group\n" -"\n" -" Remove the default (fallback) target group:\n" -" ipa automember-default-group-remove --type=hostgroup\n" -" ipa automember-default-group-remove --type=group\n" -"\n" -" Show the default (fallback) target group:\n" -" ipa automember-default-group-show --type=hostgroup\n" -" ipa automember-default-group-show --type=group\n" -"\n" -" Find all of the automember rules:\n" -" ipa automember-find\n" -"\n" -" Display a automember rule:\n" -" ipa automember-show --type=hostgroup webservers\n" -" ipa automember-show --type=group devel\n" -"\n" -" Delete an automember rule:\n" -" ipa automember-del --type=hostgroup webservers\n" -" ipa automember-del --type=group devel\n" -msgstr "" - -msgid "" -"\n" -"IPA certificate operations\n" -"\n" -"Implements a set of commands for managing server SSL certificates.\n" -"\n" -"Certificate requests exist in the form of a Certificate Signing Request " -"(CSR)\n" -"in PEM format.\n" -"\n" -"If using the selfsign back end then the subject in the CSR needs to match\n" -"the subject configured in the server. The dogtag CA uses just the CN\n" -"value of the CSR and forces the rest of the subject.\n" -"\n" -"A certificate is stored with a service principal and a service principal\n" -"needs a host.\n" -"\n" -"In order to request a certificate:\n" -"\n" -"* The host must exist\n" -"* The service must exist (or you use the --add option to automatically add " -"it)\n" -"\n" -"EXAMPLES:\n" -"\n" -" Request a new certificate and add the principal:\n" -" ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" -"\n" -" Retrieve an existing certificate:\n" -" ipa cert-show 1032\n" -"\n" -" Revoke a certificate (see RFC 5280 for reason details):\n" -" ipa cert-revoke --revocation-reason=6 1032\n" -"\n" -" Remove a certificate from revocation hold status:\n" -" ipa cert-remove-hold 1032\n" -"\n" -" Check the status of a signing request:\n" -" ipa cert-status 10\n" -"\n" -"IPA currently immediately issues (or declines) all certificate requests so\n" -"the status of a request is not normally useful. This is for future use\n" -"or the case where a CA does not immediately issue a certificate.\n" -"\n" -"The following revocation reasons are supported:\n" -"\n" -" * 0 - unspecified\n" -" * 1 - keyCompromise\n" -" * 2 - cACompromise\n" -" * 3 - affiliationChanged\n" -" * 4 - superseded\n" -" * 5 - cessationOfOperation\n" -" * 6 - certificateHold\n" -" * 8 - removeFromCRL\n" -" * 9 - privilegeWithdrawn\n" -" * 10 - aACompromise\n" -"\n" -"Note that reason code 7 is not used. See RFC 5280 for more details:\n" -"\n" -"http://www.ietf.org/rfc/rfc5280.txt\n" -msgstr "" - -msgid "" -"\n" -"Group to Group Delegation\n" -"\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" -"\n" -"Group to Group Delegations grants the members of one group to update a set\n" -"of attributes of members of another group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a delegation rule to allow managers to edit employee's addresses:\n" -" ipa delegation-add --attrs=street --group=managers --" -"membergroup=employees \"managers edit employees' street\"\n" -"\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones. Add postalCode to the list:\n" -" ipa delegation-mod --attrs=street,postalCode --group=managers --" -"membergroup=employees \"managers edit employees' street\"\n" -"\n" -" Display our updated rule:\n" -" ipa delegation-show \"managers edit employees' street\"\n" -"\n" -" Delete a rule:\n" -" ipa delegation-del \"managers edit employees' street\"\n" -msgstr "" - -msgid "" -"Comma-separated list of permissions to grant (read, write). Default is write." -msgstr "" - -msgid "" -"\n" -"Domain Name System (DNS)\n" -"\n" -"Manage DNS zone and resource records.\n" -"\n" -"\n" -"USING STRUCTURED PER-TYPE OPTIONS\n" -"\n" -"There are many structured DNS RR types where DNS data stored in LDAP server\n" -"is not just a scalar value, for example an IP address or a domain name, but\n" -"a data structure which may be often complex. A good example is a LOC record\n" -"[RFC1876] which consists of many mandatory and optional parts (degrees,\n" -"minutes, seconds of latitude and longitude, altitude or precision).\n" -"\n" -"It may be difficult to manipulate such DNS records without making a mistake\n" -"and entering an invalid value. DNS module provides an abstraction over " -"these\n" -"raw records and allows to manipulate each RR type with specific options. " -"For\n" -"each supported RR type, DNS module provides a standard option to manipulate\n" -"a raw records with format ---rec, e.g. --mx-rec, and special " -"options\n" -"for every part of the RR structure with format ---, e.g.\n" -"--mx-preference and --mx-exchanger.\n" -"\n" -"When adding a record, either RR specific options or standard option for a " -"raw\n" -"value can be used, they just should not be combined in one add operation. " -"When\n" -"modifying an existing entry, new RR specific options can be used to change\n" -"one part of a DNS record, where the standard option for raw value is used\n" -"to specify the modified value. The following example demonstrates\n" -"a modification of MX record preference from 0 to 1 in a record without\n" -"modifying the exchanger:\n" -"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add new zone:\n" -" ipa dnszone-add example.com --name-" -"server=ns --admin-email=admin@example." -"com --ip-address=10.0.0.1\n" -"\n" -" Add system permission that can be used for per-zone privilege delegation:\n" -" ipa dnszone-add-permission example.com\n" -"\n" -" Modify the zone to allow dynamic updates for hosts own records in realm " -"EXAMPLE.COM:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE\n" -"\n" -" This is the equivalent of:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE --update-policy=" -"\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant " -"EXAMPLE.COM krb5-self * SSHFP;\"\n" -"\n" -" Modify the zone to allow zone transfers for local network only:\n" -" ipa dnszone-mod example.com --allow-transfer=10.0.0.0/8\n" -"\n" -" Add new reverse zone specified by network IP address:\n" -" ipa dnszone-add --name-from-ip=80.142.15.0/24 --name-" -"server=ns.example.com.\n" -"\n" -" Add second nameserver for example.com:\n" -" ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" -"\n" -" Add a mail server for example.com:\n" -" ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" -"\n" -" Add another record using MX record specific options:\n" -" ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" -"\n" -" Add another record using interactive mode (started when dnsrecord-add, " -"dnsrecord-mod,\n" -" or dnsrecord-del are executed with no options):\n" -" ipa dnsrecord-add example.com @\n" -" Please choose a type of DNS resource record to be added\n" -" The most common types for this type of zone are: NS, MX, LOC\n" -"\n" -" DNS resource record type: MX\n" -" MX Preference: 30\n" -" MX Exchanger: mail3\n" -" Record name: example.com\n" -" MX record: 10 mail1, 20 mail2, 30 mail3\n" -" NS record: nameserver.example.com., nameserver2.example.com.\n" -"\n" -" Delete previously added nameserver from example.com:\n" -" ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" -"\n" -" Add LOC record for example.com:\n" -" ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " -"227.64m\"\n" -"\n" -" Add new A record for www.example.com. Create a reverse record in " -"appropriate\n" -" reverse zone as well. In this case a PTR record \"2\" pointing to www." -"example.com\n" -" will be created in zone 15.142.80.in-addr.arpa.\n" -" ipa dnsrecord-add example.com www --a-rec=80.142.15.2 --a-create-reverse\n" -"\n" -" Add new PTR record for www.example.com\n" -" ipa dnsrecord-add 15.142.80.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" -"\n" -" Add new SRV records for LDAP servers. Three quarters of the requests\n" -" should go to fast.example.com, one quarter to slow.example.com. If neither\n" -" is available, switch to backup.example.com.\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." -"example.com\"\n" -"\n" -" The interactive mode can be used for easy modification:\n" -" ipa dnsrecord-mod example.com _ldap._tcp\n" -" No option to modify specific record provided.\n" -" Current DNS record contents:\n" -"\n" -" SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " -"backup.example.com\n" -"\n" -" Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" -" Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" -" SRV Priority [0]: (keep the default value)\n" -" SRV Weight [1]: 2 (modified value)\n" -" SRV Port [389]: (keep the default value)\n" -" SRV Target [slow.example.com]: (keep the default value)\n" -" 1 SRV record skipped. Only one value per DNS record type can be modified " -"at one time.\n" -" Record name: _ldap._tcp\n" -" SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " -"389 slow.example.com\n" -"\n" -" After this modification, three fifths of the requests should go to\n" -" fast.example.com and two fifths to slow.example.com.\n" -"\n" -" An example of the interactive mode for dnsrecord-del command:\n" -" ipa dnsrecord-del example.com www\n" -" No option to delete specific record provided.\n" -" Delete all? Yes/No (default No): (do not delete all records)\n" -" Current DNS record contents:\n" -"\n" -" A record: 1.2.3.4, 11.22.33.44\n" -"\n" -" Delete A record '1.2.3.4'? Yes/No (default No):\n" -" Delete A record '11.22.33.44'? Yes/No (default No): y\n" -" Record name: www\n" -" A record: 1.2.3.4 (A record 11.22.33.44 has been " -"deleted)\n" -"\n" -" Show zone example.com:\n" -" ipa dnszone-show example.com\n" -"\n" -" Find zone with \"example\" in its domain name:\n" -" ipa dnszone-find example\n" -"\n" -" Find records for resources with \"www\" in their name in zone example.com:\n" -" ipa dnsrecord-find example.com www\n" -"\n" -" Find A records with value 10.10.0.1 in zone example.com\n" -" ipa dnsrecord-find example.com --a-rec=10.10.0.1\n" -"\n" -" Show records for resource www in zone example.com\n" -" ipa dnsrecord-show example.com www\n" -"\n" -" Delegate zone sub.example to another nameserver:\n" -" ipa dnsrecord-add example.com ns.sub --a-rec=10.0.100.5\n" -" ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" -"\n" -" If global forwarder is configured, all requests to sub.example.com will be\n" -" routed through the global forwarder. To change the behavior for example." -"com\n" -" zone only and forward the request directly to ns.sub.example.com., global\n" -" forwarding may be disabled per-zone:\n" -" ipa dnszone-mod example.com --forward-policy=none\n" -"\n" -" Forward all requests for the zone external.com to another nameserver using\n" -" a \"first\" policy (it will send the queries to the selected forwarder and " -"if\n" -" not answered it will use global resolvers):\n" -" ipa dnszone-add external.com\n" -" ipa dnszone-mod external.com --" -"forwarder=10.20.0.1 --forward-policy=first\n" -"\n" -" Delete zone example.com with all resource records:\n" -" ipa dnszone-del example.com\n" -"\n" -" Resolve a host name to see if it exists (will add default IPA domain\n" -" if one is not included):\n" -" ipa dns-resolve www.example.com\n" -" ipa dns-resolve www\n" -"\n" -"\n" -"GLOBAL DNS CONFIGURATION\n" -"\n" -"DNS configuration passed to command line install script is stored in a " -"local\n" -"configuration file on each IPA server where DNS service is configured. " -"These\n" -"local settings can be overridden with a common configuration stored in LDAP\n" -"server:\n" -"\n" -" Show global DNS configuration:\n" -" ipa dnsconfig-show\n" -"\n" -" Modify global DNS configuration and set a list of global forwarders:\n" -" ipa dnsconfig-mod --forwarder=10.0.0.1\n" -msgstr "" - -msgid "" -"A list of global forwarders. A custom port can be specified for each " -"forwarder using a standard format \"IP_ADDRESS port PORT\"" -msgstr "" - -msgid "An interval between regular polls of the name server for new DNS zones" -msgstr "" - -msgid "DNS class" -msgstr "" - -msgid "Comma-separated list of raw A records" -msgstr "" - -msgid "Comma-separated list of raw AAAA records" -msgstr "" - -msgid "Comma-separated list of raw A6 records" -msgstr "" - -msgid "Comma-separated list of raw AFSDB records" -msgstr "" - -msgid "Comma-separated list of raw APL records" -msgstr "" - -msgid "Comma-separated list of raw CERT records" -msgstr "" - -msgid "Comma-separated list of raw CNAME records" -msgstr "" - -msgid "Comma-separated list of raw DHCID records" -msgstr "" - -msgid "Comma-separated list of raw DLV records" -msgstr "" - -msgid "Comma-separated list of raw DNAME records" -msgstr "" - -msgid "Comma-separated list of raw DNSKEY records" -msgstr "" - -msgid "Comma-separated list of raw DS records" -msgstr "" - -msgid "Comma-separated list of raw HIP records" -msgstr "" - -msgid "Comma-separated list of raw IPSECKEY records" -msgstr "" - -msgid "Comma-separated list of raw KEY records" -msgstr "" - -msgid "KEY Flags" -msgstr "" - -msgid "KEY Protocol" -msgstr "" - -msgid "Protocol" -msgstr "" - -msgid "KEY Algorithm" -msgstr "" - -msgid "KEY Public Key" -msgstr "" - -msgid "Public Key" -msgstr "" - -msgid "Comma-separated list of raw KX records" -msgstr "" - -msgid "Comma-separated list of raw LOC records" -msgstr "" - -msgid "Comma-separated list of raw MX records" -msgstr "" - -msgid "Comma-separated list of raw NAPTR records" -msgstr "" - -msgid "Comma-separated list of raw NS records" -msgstr "" - -msgid "Comma-separated list of raw NSEC records" -msgstr "" - -msgid "NSEC Next Domain Name" -msgstr "" - -msgid "Next Domain Name" -msgstr "" - -msgid "NSEC Type Map" -msgstr "" - -#, fuzzy -#| msgid "Type" -msgid "Type Map" -msgstr "Намуд" - -msgid "Comma-separated list of raw NSEC3 records" -msgstr "" - -msgid "Comma-separated list of raw NSEC3PARAM records" -msgstr "" - -msgid "Comma-separated list of raw PTR records" -msgstr "" - -msgid "Comma-separated list of raw RRSIG records" -msgstr "" - -msgid "RRSIG Type Covered" -msgstr "" - -msgid "Type Covered" -msgstr "" - -msgid "RRSIG Algorithm" -msgstr "" - -msgid "RRSIG Labels" -msgstr "" - -msgid "Labels" -msgstr "" - -msgid "RRSIG Original TTL" -msgstr "" - -msgid "Original TTL" -msgstr "" - -msgid "RRSIG Signature Expiration" -msgstr "" - -msgid "Signature Expiration" -msgstr "" - -msgid "RRSIG Signature Inception" -msgstr "" - -msgid "Signature Inception" -msgstr "" - -msgid "RRSIG Key Tag" -msgstr "" - -msgid "RRSIG Signer's Name" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Signer's Name" -msgstr "Номи сервер" - -msgid "RRSIG Signature" -msgstr "" - -msgid "Signature" -msgstr "" - -msgid "Comma-separated list of raw RP records" -msgstr "" - -msgid "Comma-separated list of raw SIG records" -msgstr "" - -msgid "SIG Type Covered" -msgstr "" - -msgid "SIG Algorithm" -msgstr "" - -msgid "SIG Labels" -msgstr "" - -msgid "SIG Original TTL" -msgstr "" - -msgid "SIG Signature Expiration" -msgstr "" - -msgid "SIG Signature Inception" -msgstr "" - -msgid "SIG Key Tag" -msgstr "" - -msgid "SIG Signer's Name" -msgstr "" - -msgid "SIG Signature" -msgstr "" - -msgid "Comma-separated list of raw SPF records" -msgstr "" - -msgid "Comma-separated list of raw SRV records" -msgstr "" - -msgid "Comma-separated list of raw SSHFP records" -msgstr "" - -msgid "Comma-separated list of raw TA records" -msgstr "" - -msgid "Comma-separated list of raw TKEY records" -msgstr "" - -msgid "Comma-separated list of raw TSIG records" -msgstr "" - -msgid "Comma-separated list of raw TXT records" -msgstr "" - -msgid "SOA time to live" -msgstr "" - -msgid "SOA record time to live" -msgstr "" - -msgid "SOA class" -msgstr "" - -msgid "SOA record class" -msgstr "" - -msgid "" -"A list of per-zone forwarders. A custom port can be specified for each " -"forwarder using a standard format \"IP_ADDRESS port PORT\"" -msgstr "" - -msgid "Add forward record for nameserver located in the created zone" -msgstr "" - -msgid "" -"\n" -"Entitlements\n" -"\n" -"Manage entitlements for client machines\n" -"\n" -"Entitlements can be managed either by registering with an entitlement\n" -"server with a username and password or by manually importing entitlement\n" -"certificates. An entitlement certificate contains embedded information\n" -"such as the product being entitled, the quantity and the validity dates.\n" -"\n" -"An entitlement server manages the number of client entitlements available.\n" -"To mark these entitlements as used by the IPA server you provide a quantity\n" -"and they are marked as consumed on the entitlement server.\n" -"\n" -" Register with an entitlement server:\n" -" ipa entitle-register consumer\n" -"\n" -" Import an entitlement certificate:\n" -" ipa entitle-import /home/user/ipaclient.pem\n" -"\n" -" Display current entitlements:\n" -" ipa entitle-status\n" -"\n" -" Retrieve details on entitlement certificates:\n" -" ipa entitle-get\n" -"\n" -" Consume some entitlements from the entitlement server:\n" -" ipa entitle-consume 50\n" -"\n" -"The registration ID is a Unique Identifier (UUID). This ID will be\n" -"IMPORTED if you have used entitle-import.\n" -"\n" -"Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service.\n" -msgstr "" - -msgid "Consume an entitlement." -msgstr "" - -msgid "Quantity" -msgstr "" - -msgid "Search for entitlement accounts." -msgstr "" - -msgid "Retrieve the entitlement certs." -msgstr "" - -msgid "Import an entitlement certificate." -msgstr "" - -msgid "UUID" -msgstr "" - -msgid "Enrollment UUID" -msgstr "" - -msgid "Register to the entitlement system." -msgstr "" - -msgid "Username" -msgstr "Номи корбар" - -msgid "Enrollment UUID (not implemented)" -msgstr "" - -msgid "Registration password" -msgstr "" - -msgid "Display current entitlements." -msgstr "" - -msgid "Re-sync the local entitlement cache with the entitlement server." -msgstr "" - -msgid "" -"\n" -"Groups of users\n" -"\n" -"Manage groups of users. By default, new groups are POSIX groups. You\n" -"can add the --nonposix option to the group-add command to mark a new group\n" -"as non-POSIX. You can use the --posix argument with the group-mod command\n" -"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" -"converted to non-POSIX groups.\n" -"\n" -"Every group must have a description.\n" -"\n" -"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" -"supported but can have an impact on your file permissions. It is not " -"necessary\n" -"to supply a GID when creating a group. IPA will generate one automatically\n" -"if it is not provided.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new group:\n" -" ipa group-add --desc='local administrators' localadmins\n" -"\n" -" Add a new non-POSIX group:\n" -" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" -"\n" -" Convert a non-POSIX group to posix:\n" -" ipa group-mod --posix remoteadmins\n" -"\n" -" Add a new POSIX group with a specific Group ID number:\n" -" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" -"\n" -" Add a new POSIX group and let IPA assign a Group ID number:\n" -" ipa group-add --desc='printer admins' printeradmins\n" -"\n" -" Remove a group:\n" -" ipa group-del unixadmins\n" -"\n" -" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" -" ipa group-add-member --groups=remoteadmins localadmins\n" -"\n" -" Add a list of users to the \"localadmins\" group:\n" -" ipa group-add-member --users=test1,test2 localadmins\n" -"\n" -" Remove a user from the \"localadmins\" group:\n" -" ipa group-remove-member --users=test2 localadmins\n" -"\n" -" Display information about a named group.\n" -" ipa group-show localadmins\n" -"\n" -"External group membership is designed to allow users from trusted domains\n" -"to be mapped to local POSIX groups in order to actually use IPA resources.\n" -"External members should be added to groups that specifically created as\n" -"external and non-POSIX. Such group later should be included into one of " -"POSIX\n" -"groups.\n" -"\n" -"An external group member is currently a Security Identifier (SID) as defined " -"by\n" -"the trusted domain. When adding external group members, it is possible to\n" -"specify them in either SID, or DOM\n" -"ame, or name@domain format. IPA will attempt\n" -"to resolve passed name to SID with the use of Global Catalog of the trusted " -"domain.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local POSIX " -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' ad_admins_external " -"--external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the " -"ad_admins_external\n" -" group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with ad_admins " -"POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see their " -"SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -msgstr "" - -msgid "" -"comma-separated list of members of a trusted domain in DOM\\name or " -"name@domain form" -msgstr "" - -msgid "comma-separated list of users to add" -msgstr "" - -msgid "comma-separated list of groups to add" -msgstr "" - -msgid "comma-separated list of users to remove" -msgstr "" - -msgid "comma-separated list of groups to remove" -msgstr "" - -msgid "" -"\n" -"Host-based access control\n" -"\n" -"Control who can access what services on what hosts and from where. You\n" -"can use HBAC to control which users or groups on a source host can\n" -"access a service, or group of services, on a target host.\n" -"\n" -"You can also specify a category of users, target hosts, and source\n" -"hosts. This is currently limited to \"all\", but might be expanded in the\n" -"future.\n" -"\n" -"Target hosts and source hosts in HBAC rules must be hosts managed by IPA.\n" -"\n" -"The available services and groups of services are controlled by the\n" -"hbacsvc and hbacsvcgroup plug-ins respectively.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a rule, \"test1\", that grants all users access to the host \"server" -"\" from\n" -" anywhere:\n" -" ipa hbacrule-add --usercat=all --srchostcat=all test1\n" -" ipa hbacrule-add-host --hosts=server.example.com test1\n" -"\n" -" Display the properties of a named HBAC rule:\n" -" ipa hbacrule-show test1\n" -"\n" -" Create a rule for a specific service. This lets the user john access\n" -" the sshd service on any machine from any machine:\n" -" ipa hbacrule-add --hostcat=all --srchostcat=all john_sshd\n" -" ipa hbacrule-add-user --users=john john_sshd\n" -" ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" -"\n" -" Create a rule for a new service group. This lets the user john access\n" -" the FTP service on any machine from any machine:\n" -" ipa hbacsvcgroup-add ftpers\n" -" ipa hbacsvc-add sftp\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers\n" -" ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp\n" -" ipa hbacrule-add-user --users=john john_ftp\n" -" ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" -"\n" -" Disable a named HBAC rule:\n" -" ipa hbacrule-disable test1\n" -"\n" -" Remove a named HBAC rule:\n" -" ipa hbacrule-del allow_server\n" -msgstr "" - -msgid "Source host category" -msgstr "" - -msgid "Source host category the rule applies to" -msgstr "" - -msgid "Source Hosts" -msgstr "" - -msgid "Source Host Groups" -msgstr "" - -msgid "comma-separated list of hosts to add" -msgstr "" - -msgid "comma-separated list of host groups to add" -msgstr "" - -msgid "comma-separated list of HBAC services to add" -msgstr "" - -msgid "comma-separated list of HBAC service groups to add" -msgstr "" - -msgid "Add source hosts and hostgroups from a HBAC rule." -msgstr "" - -msgid "comma-separated list of hosts to remove" -msgstr "" - -msgid "comma-separated list of host groups to remove" -msgstr "" - -msgid "comma-separated list of HBAC services to remove" -msgstr "" - -msgid "comma-separated list of HBAC service groups to remove" -msgstr "" - -msgid "Remove source hosts and hostgroups from an HBAC rule." -msgstr "" - -msgid "" -"\n" -"HBAC Service Groups\n" -"\n" -"HBAC service groups can contain any number of individual services,\n" -"or \"members\". Every group must have a description.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service group:\n" -" ipa hbacsvcgroup-add --desc=\"login services\" login\n" -"\n" -" Add members to an HBAC service group:\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login\n" -"\n" -" Display information about a named group:\n" -" ipa hbacsvcgroup-show login\n" -"\n" -" Add a new group to the \"login\" group:\n" -" ipa hbacsvcgroup-add --desc=\"switch users\" login\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login\n" -"\n" -" Delete an HBAC service group:\n" -" ipa hbacsvcgroup-del login\n" -msgstr "" - -msgid "" -"\n" -"Simulate use of Host-based access controls\n" -"\n" -"HBAC rules control who can access what services on what hosts and from " -"where.\n" -"You can use HBAC to control which users or groups can access a service,\n" -"or group of services, on a target host.\n" -"\n" -"Since applying HBAC rules implies use of a production environment,\n" -"this plugin aims to provide simulation of HBAC rules evaluation without\n" -"having access to the production environment.\n" -"\n" -" Test user coming to a service on a named host against\n" -" existing enabled rules.\n" -"\n" -" ipa hbactest --user= --host= --service=\n" -" [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" -" [--srchost= ] [--sizelimit= ]\n" -"\n" -" --user, --host, and --service are mandatory, others are optional.\n" -"\n" -" If --rules is specified simulate enabling of the specified rules and test\n" -" the login of the user using only these rules.\n" -"\n" -" If --enabled is specified, all enabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --disabled is specified, all disabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --nodetail is specified, do not return information about rules matched/" -"not matched.\n" -"\n" -" If both --rules and --enabled are specified, apply simulation to --rules " -"_and_\n" -" all IPA enabled rules.\n" -"\n" -" If no --rules specified, simulation is run against all IPA enabled rules.\n" -" By default there is a IPA-wide limit to number of entries fetched, you can " -"change it\n" -" with --sizelimit option.\n" -"\n" -" If --srchost is specified, it will be ignored. It is left because of " -"compatibility reasons only.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Use all enabled HBAC rules in IPA database to simulate:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" notmatched: my-second-rule\n" -" notmatched: my-third-rule\n" -" notmatched: myrule\n" -" matched: allow_all\n" -"\n" -" 2. Disable detailed summary of how rules were applied:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -"\n" -" 3. Test explicitly specified HBAC rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" -"second-rule,myrule\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" notmatched: my-second-rule\n" -" notmatched: myrule\n" -"\n" -" 4. Use all enabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" -"second-rule,myrule --enabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" notmatched: my-second-rule\n" -" notmatched: my-third-rule\n" -" notmatched: myrule\n" -" matched: allow_all\n" -"\n" -" 5. Test all disabled HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" notmatched: new-rule\n" -"\n" -" 6. Test all disabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" -"second-rule,myrule --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" notmatched: my-second-rule\n" -" notmatched: my-third-rule\n" -" notmatched: myrule\n" -"\n" -" 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --enabled " -"--disabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" notmatched: my-second-rule\n" -" notmatched: my-third-rule\n" -" notmatched: myrule\n" -" notmatched: new-rule\n" -" matched: allow_all\n" -msgstr "" - -msgid "Source host" -msgstr "" - -msgid "" -"\n" -"Hosts/Machines\n" -"\n" -"A host represents a machine. It can be used in a number of contexts:\n" -"- service entries are associated with a host\n" -"- a host stores the host/ service principal\n" -"- a host can be used in Host-based Access Control (HBAC) rules\n" -"- every enrolled client generates a host entry\n" -"\n" -"ENROLLMENT:\n" -"\n" -"There are three enrollment scenarios when enrolling a new client:\n" -"\n" -"1. You are enrolling as a full administrator. The host entry may exist\n" -" or not. A full administrator is a member of the hostadmin role\n" -" or the admins group.\n" -"2. You are enrolling as a limited administrator. The host must already\n" -" exist. A limited administrator is a member a role with the\n" -" Host Enrollment privilege.\n" -"3. The host has been created with a one-time password.\n" -"\n" -"A host can only be enrolled once. If a client has enrolled and needs to\n" -"be re-enrolled, the host entry must be removed and re-created. Note that\n" -"re-creating the host entry will result in all services for the host being\n" -"removed, and all SSL certificates associated with those services being\n" -"revoked.\n" -"\n" -"A host can optionally store information such as where it is located,\n" -"the OS that it runs, etc.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host:\n" -" ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." -"com\n" -"\n" -" Delete a host:\n" -" ipa host-del test.example.com\n" -"\n" -" Add a new host with a one-time password:\n" -" ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" -"\n" -" Add a new host with a random one-time password:\n" -" ipa host-add --os='Fedora 12' --random test.example.com\n" -"\n" -" Modify information about a host:\n" -" ipa host-mod --os='Fedora 12' test.example.com\n" -"\n" -" Remove SSH public keys of a host and update DNS to reflect this change:\n" -" ipa host-mod --sshpubkey= --updatedns test.example.com\n" -"\n" -" Disable the host Kerberos key, SSL certificate and all of its services:\n" -" ipa host-disable test.example.com\n" -"\n" -" Add a host that can manage this host's keytab and certificate:\n" -" ipa host-add-managedby --hosts=test2 test\n" -msgstr "" - -msgid "" -"\n" -"Groups of hosts.\n" -"\n" -"Manage groups of hosts. This is useful for applying access control to a\n" -"number of hosts by using Host-based Access Control.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host group:\n" -" ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" -"\n" -" Add another new host group:\n" -" ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" -"\n" -" Add members to the hostgroup:\n" -" ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore\n" -"\n" -" Add a hostgroup as a member of another hostgroup:\n" -" ipa hostgroup-add-member --hostgroups=baltimore maryland\n" -"\n" -" Remove a host from the hostgroup:\n" -" ipa hostgroup-remove-member --hosts=box2 baltimore\n" -"\n" -" Display a host group:\n" -" ipa hostgroup-show baltimore\n" -"\n" -" Delete a hostgroup:\n" -" ipa hostgroup-del baltimore\n" -msgstr "" - -msgid "" -"Comma-separated list of objectclasses used to search for user entries in DS" -msgstr "" - -msgid "" -"Comma-separated list of objectclasses used to search for group entries in DS" -msgstr "" - -msgid "" -"Comma-separated list of objectclasses to be ignored for user entries in DS" -msgstr "" - -msgid "Comma-separated list of attributes to be ignored for user entries in DS" -msgstr "" - -msgid "" -"Comma-separated list of objectclasses to be ignored for group entries in DS" -msgstr "" - -msgid "" -"Comma-separated list of attributes to be ignored for group entries in DS" -msgstr "" - -msgid "comma-separated list of groups to exclude from migration" -msgstr "" - -msgid "comma-separated list of users to exclude from migration" -msgstr "" - -msgid "" -"\n" -"Netgroups\n" -"\n" -"A netgroup is a group used for permission checking. It can contain both\n" -"user and host values.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new netgroup:\n" -" ipa netgroup-add --desc=\"NFS admins\" admins\n" -"\n" -" Add members to the netgroup:\n" -" ipa netgroup-add-member --users=tuser1,tuser2 admins\n" -"\n" -" Remove a member from the netgroup:\n" -" ipa netgroup-remove-member --users=tuser2 admins\n" -"\n" -" Display information about a netgroup:\n" -" ipa netgroup-show admins\n" -"\n" -" Delete a netgroup:\n" -" ipa netgroup-del admins\n" -msgstr "" - -msgid "comma-separated list of netgroups to add" -msgstr "" - -msgid "comma-separated list of netgroups to remove" -msgstr "" - -msgid "" -"\n" -"Permissions\n" -"\n" -"A permission enables fine-grained delegation of rights. A permission is\n" -"a human-readable form of a 389-ds Access Control Rule, or instruction " -"(ACI).\n" -"A permission grants the right to perform a specific task such as adding a\n" -"user, modifying a group, etc.\n" -"\n" -"A permission may not contain other permissions.\n" -"\n" -"* A permission grants access to read, write, add or delete.\n" -"* A privilege combines similar permissions (for example all the permissions\n" -" needed to add a user).\n" -"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" -"\n" -"A permission is made up of a number of different parts:\n" -"\n" -"1. The name of the permission.\n" -"2. The target of the permission.\n" -"3. The rights granted by the permission.\n" -"\n" -"Rights define what operations are allowed, and may be one or more\n" -"of the following:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. add - add a new entry to the tree\n" -"4. delete - delete an existing entry\n" -"5. all - all permissions are granted\n" -"\n" -"Read permission is granted for most attributes by default so the read\n" -"permission is not expected to be used very often.\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"There are a number of allowed targets:\n" -"1. type: a type of object (user, group, etc).\n" -"2. memberof: a member of a group or hostgroup\n" -"3. filter: an LDAP filter\n" -"4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a\n" -" super-set of the \"type\" target.\n" -"5. targetgroup: grant access to modify a specific group (such as granting\n" -" the rights to manage group membership)\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a permission that grants the creation of users:\n" -" ipa permission-add --type=user --permissions=add \"Add Users\"\n" -"\n" -" Add a permission that grants the ability to manage group membership:\n" -" ipa permission-add --attrs=member --permissions=write --type=group " -"\"Manage Group Members\"\n" -msgstr "" - -msgid "" -"Comma-separated list of permissions to grant (read, write, add, delete, all)" -msgstr "" - -msgid "" -"Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)" -msgstr "" - -msgid "Target members of a group" -msgstr "" - -msgid "User group to apply permissions to" -msgstr "" - -msgid "comma-separated list of privileges to add" -msgstr "" - -msgid "Add a system permission without an ACI" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Permission type" -msgstr "Иҷозат" - -msgid "comma-separated list of privileges to remove" -msgstr "" - -msgid "" -"\n" -"Ping the remote IPA server to ensure it is running.\n" -"\n" -"The ping command sends an echo request to an IPA server. The server\n" -"returns its version information. This is used by an IPA client\n" -"to confirm that the server is available and accepting requests.\n" -"\n" -"The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n" -"If it does not respond then the client will contact any servers defined\n" -"by ldap SRV records in DNS.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Ping an IPA server:\n" -" ipa ping\n" -" ------------------------------------------\n" -" IPA server version 2.1.9. API version 2.20\n" -" ------------------------------------------\n" -"\n" -" Ping an IPA server verbosely:\n" -" ipa -v ping\n" -" ipa: INFO: trying https://ipa.example.com/ipa/xml\n" -" ipa: INFO: Forwarding 'ping' to server u'https://ipa.example.com/ipa/" -"xml'\n" -" -----------------------------------------------------\n" -" IPA server version 2.1.9. API version 2.20\n" -" -----------------------------------------------------\n" -msgstr "" - -msgid "comma-separated list of roles to add" -msgstr "" - -msgid "comma-separated list of permissions" -msgstr "" - -msgid "comma-separated list of roles to remove" -msgstr "" - -msgid "comma-separated list of privileges" -msgstr "" - -msgid "" -"\n" -"Self-service Permissions\n" -"\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" -"\n" -"A Self-service permission defines what an object can change in its own " -"entry.\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a self-service rule to allow users to manage their address:\n" -" ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st " -"\"Users manage their own address\"\n" -"\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones. Add telephoneNumber to the list:\n" -" ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber " -"\"Users manage their own address\"\n" -"\n" -" Display our updated rule:\n" -" ipa selfservice-show \"Users manage their own address\"\n" -"\n" -" Delete a rule:\n" -" ipa selfservice-del \"Users manage their own address\"\n" -msgstr "" - -msgid "" -"\n" -"Services\n" -"\n" -"A IPA service represents a service that runs on a host. The IPA service\n" -"record can store a Kerberos principal, an SSL certificate, or both.\n" -"\n" -"An IPA service can be managed directly from a machine, provided that\n" -"machine has been given the correct permission. This is true even for\n" -"machines other than the one the service is associated with. For example,\n" -"requesting an SSL certificate using the host service principal credentials\n" -"of the host. To manage a service using host credentials you need to\n" -"kinit as the host:\n" -"\n" -" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" -"\n" -"Adding an IPA service allows the associated service to request an SSL\n" -"certificate or keytab, but this is performed as a separate step; they\n" -"are not produced as a result of adding the service.\n" -"\n" -"Only the public aspect of a certificate is stored in a service record;\n" -"the private key is not stored.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new IPA service:\n" -" ipa service-add HTTP/web.example.com\n" -"\n" -" Allow a host to manage an IPA service certificate:\n" -" ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" -" ipa role-add-member --hosts=web.example.com certadmin\n" -"\n" -" Override a default list of supported PAC types for the service:\n" -" ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" -"\n" -" Delete an IPA service:\n" -" ipa service-del HTTP/web.example.com\n" -"\n" -" Find all IPA services associated with a host:\n" -" ipa service-find web.example.com\n" -"\n" -" Find all HTTP services:\n" -" ipa service-find HTTP\n" -"\n" -" Disable the service Kerberos key and SSL certificate:\n" -" ipa service-disable HTTP/web.example.com\n" -"\n" -" Request a certificate for an IPA service:\n" -" ipa cert-request --principal=HTTP/web.example.com example.csr\n" -"\n" -" Generate and retrieve a keytab for an IPA service:\n" -" ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" -"httpd.keytab\n" -msgstr "" - -msgid "" -"Override default list of supported PAC types. Use 'NONE' to disable PAC " -"support for this service" -msgstr "" - -msgid "" -"\n" -"Groups of Sudo Commands\n" -"\n" -"Manage groups of Sudo Commands.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new Sudo Command Group:\n" -" ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" -"\n" -" Remove a Sudo Command Group:\n" -" ipa sudocmdgroup-del admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim " -"admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" -"\n" -" Show a Sudo Command Group:\n" -" ipa group-show localadmins\n" -msgstr "" - -msgid "comma-separated list of sudo commands to add" -msgstr "" - -msgid "comma-separated list of sudo commands to remove" -msgstr "" - -msgid "" -"\n" -"Sudo Rules\n" -"\n" -"Sudo (su \"do\") allows a system administrator to delegate authority to\n" -"give certain users (or groups of users) the ability to run some (or all)\n" -"commands as root or another user while providing an audit trail of the\n" -"commands and their arguments.\n" -"\n" -"FreeIPA provides a means to configure the various aspects of Sudo:\n" -" Users: The user(s)/group(s) allowed to invoke Sudo.\n" -" Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " -"Sudo.\n" -" Allow Command: The specific command(s) permitted to be run via Sudo.\n" -" Deny Command: The specific command(s) prohibited to be run via Sudo.\n" -" RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " -"invoked with.\n" -" RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" -" Options: The various Sudoers Options that can modify Sudo's behavior.\n" -"\n" -"An order can be added to a sudorule to control the order in which they\n" -"are evaluated (if the client supports it). This order is an integer and\n" -"must be unique.\n" -"\n" -"FreeIPA provides a designated binddn to use with Sudo located at:\n" -"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" -"\n" -"To enable the binddn run the following command to set the password:\n" -"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" -"ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," -"dc=com\n" -"\n" -"For more information, see the FreeIPA Documentation to Sudo.\n" -msgstr "" - -msgid "comma-separated list of sudo command groups to add" -msgstr "" - -msgid "comma-separated list of sudo command groups to remove" -msgstr "" - -msgid "Active directory domain administrator's password" -msgstr "" - -msgid "GECOS field" -msgstr "" - -msgid "" -"\n" -"ID ranges\n" -"\n" -"Manage ID ranges used to map Posix IDs to SIDs and back.\n" -"\n" -"There are two type of ID ranges which are both handled by this utility:\n" -"\n" -" - the ID ranges of the local domain\n" -" - the ID ranges of trusted remote domains\n" -"\n" -"Both types have the following attributes in common:\n" -"\n" -" - base-id: the first ID of the Posix ID range\n" -" - range-size: the size of the range\n" -"\n" -"With those two attributes a range object can reserve the Posix IDs starting\n" -"with base-id up to but not including base-id+range-size exclusively.\n" -"\n" -"Additionally an ID range of the local domain may set\n" -" - rid-base: the first RID(*) of the corresponding RID range\n" -" - secondary-rid-base: first RID of the secondary RID range\n" -"\n" -"and an ID range of a trusted domain must set\n" -" - rid-base: the first RID of the corresponding RID range\n" -" - dom_sid: domain SID of the trusted domain\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for a trusted domain\n" -"\n" -"Since there might be more than one trusted domain the domain SID must be " -"given\n" -"while creating the ID range.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" -"\n" -"This ID range is then used by the IPA server and the SSSD IPA provider to\n" -"assign Posix UIDs to users from the trusted domain.\n" -"\n" -"If e.g. a range for a trusted domain is configured with the following " -"values:\n" -" base-id = 1200000\n" -" range-size = 200000\n" -" rid-base = 0\n" -"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " -"So\n" -"RID 1000 <-> Posix ID 1201000\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for the local domain\n" -"\n" -"To create an ID range for the local domain it is not necessary to specify a\n" -"domain SID. But since it is possible that a user and a group can have the " -"same\n" -"value as Posix ID a second RID interval is needed to handle conflicts.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" -"base=1000 --secondary-rid-base=1000000 local_range\n" -"\n" -"The data from the ID ranges of the local domain are used by the IPA server\n" -"internally to assign SIDs to IPA users and groups. The SID will then be " -"stored\n" -"in the user or group objects.\n" -"\n" -"If e.g. the ID range for the local domain is configured with the values " -"from\n" -"the example above then a new user with the UID 1200007 will get the RID " -"1007.\n" -"If this RID is already used by a group the RID will be 1000007. This can " -"only\n" -"happen if a user or a group object was created with a fixed ID because the\n" -"automatic assignment will not assign the same ID twice. Since there are " -"only\n" -"users and groups sharing the same ID namespace it is sufficient to have " -"only\n" -"one fallback range to handle conflicts.\n" -"\n" -"To find the Posix ID for a given RID from the local domain it has to be\n" -"checked first if the RID falls in the primary or secondary RID range and\n" -"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" -"and the base-id has to be added to get the Posix ID.\n" -"\n" -"Typically the creation of ID ranges happens behind the scenes and this CLI\n" -"must not be used at all. The ID range for the local domain will be created\n" -"during installation or upgrade from an older version. The ID range for a\n" -"trusted domain will be created together with the trust by 'ipa trust-" -"add ...'.\n" -"\n" -"USE CASES:\n" -"\n" -" Add an ID range from a transitively trusted domain\n" -"\n" -" If the trusted domain (A) trusts another domain (B) as well and this " -"trust\n" -" is transitive 'ipa trust-add domain-A' will only create a range for\n" -" domain A. The ID range for domain B must be added manually.\n" -"\n" -" Add an additional ID range for the local domain\n" -"\n" -" If the ID range of the local domain is exhausted, i.e. no new IDs can " -"be\n" -" assigned to Posix users or groups by the DNA plugin, a new range has to " -"be\n" -" created to allow new users and groups to be added. (Currently there is " -"no\n" -" connection between this range CLI and the DNA plugin, but a future " -"version\n" -" might be able to modify the configuration of the DNS plugin as well)\n" -"\n" -"In general it is not necessary to modify or delete ID ranges. If there is " -"no\n" -"other way to achieve a certain configuration than to modify or delete an ID\n" -"range it should be done with great care. Because UIDs are stored in the " -"file\n" -"system and are used for access control it might be possible that users are\n" -"allowed to access files of other users if an ID range got deleted and " -"reused\n" -"for a different domain.\n" -"\n" -"(*) The RID is typically the last integer of a user or group SID which " -"follows\n" -"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " -"from\n" -"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " -"the\n" -"user. RIDs are unique in a domain, 32bit values and are used for users and\n" -"groups.\n" -"\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -msgstr "" - -msgid "" -"\n" -"Add new ID range.\n" -"\n" -" To add a new ID range you always have to specify\n" -"\n" -" --base-id\n" -" --range-size\n" -"\n" -" Additionally\n" -"\n" -" --rid-base\n" -" --secondary-rid-base\n" -"\n" -" may be given for a new ID range for the local domain while\n" -"\n" -" --rid-bas\n" -" --dom-sid\n" -"\n" -" must be given to add a new range for a trusted AD domain.\n" -"\n" -" WARNING:\n" -"\n" -" DNA plugin in 389-ds will allocate IDs based on the ranges configured " -"for the\n" -" local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -" on the local ranges set via this family of commands.\n" -"\n" -" Manual configuration change has to be done in the DNA plugin " -"configuration for\n" -" the new local range. Specifically, The dnaNextRange attribute of " -"'cn=Posix\n" -" IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has " -"to be\n" -" modified to match the new range.\n" -" " -msgstr "" - -msgid "Failed members" -msgstr "" - -msgid "Failed source hosts/hostgroups" -msgstr "" - -msgid "Failed hosts/hostgroups" -msgstr "" - -msgid "Failed users/groups" -msgstr "" - -msgid "Failed service/service groups" -msgstr "" - -msgid "Failed to remove" -msgstr "" - -msgid "Failed RunAs" -msgstr "" - -msgid "Failed RunAsGroup" -msgstr "" - -msgid "Failed profiles" -msgstr "" - -msgid "Failed CAs" -msgstr "" - -msgid "Failed member manager" -msgstr "" - -msgid "Failed managedby" -msgstr "" - -msgid "Failed allowed to retrieve keytab" -msgstr "" - -msgid "Failed allowed to create keytab" -msgstr "" - -msgid "Failed targets" -msgstr "" - -msgid "" -"\n" -"Routines for constructing certificate signing requests using IPA data and\n" -"stored templates.\n" -msgstr "" - -#, python-format -msgid "Required CSR generation rule %(name)s is missing data" -msgstr "" - -msgid "Template error when formatting certificate data" -msgstr "" - -#, python-format -msgid "No generation rule %(rulename)s found." -msgstr "" - -#, python-format -msgid "Generation rule \"%(rulename)s\" is missing the \"rule\" key" -msgstr "" - -#, python-format -msgid "No CSR generation rules are defined for profile %(profile_id)s" -msgstr "" - -msgid "any of the configured servers" -msgstr "" - -msgid "Exceeded number of tries to forward a request." -msgstr "" - -#, python-format -msgid "%(count)d variables" -msgstr "" - -#, python-format -msgid "%(count)d plugin loaded" -msgid_plural "%(count)d plugins loaded" -msgstr[0] "" - -msgid "incorrect type" -msgstr "" - -msgid "Only one value is allowed" -msgstr "" - -msgid "this option is deprecated" -msgstr "" - -msgid "must be True or False" -msgstr "" - -msgid "must be an integer" -msgstr "" - -#, python-format -msgid "must be at least %(minvalue)d" -msgstr "" - -#, python-format -msgid "can be at most %(maxvalue)d" -msgstr "" - -msgid "must be a decimal number" -msgstr "" - -#, python-format -msgid "must be at least %(minvalue)s" -msgstr "" - -#, python-format -msgid "can be at most %(maxvalue)s" -msgstr "" - -#, python-format -msgid "" -"number class '%(cls)s' is not included in a list of allowed number classes: " -"%(allowed)s" -msgstr "" - -#, python-format -msgid "must match pattern \"%(pattern)s\"" -msgstr "" - -msgid "must be binary data" -msgstr "" - -#, python-format -msgid "must be at least %(minlength)d bytes" -msgstr "" - -#, python-format -msgid "can be at most %(maxlength)d bytes" -msgstr "" - -#, python-format -msgid "must be exactly %(length)d bytes" -msgstr "" - -msgid "must be a certificate" -msgstr "" - -msgid "must be a certificate signing request" -msgstr "" - -#, python-format -msgid "Failure decoding Certificate Signing Request: %s" -msgstr "" - -msgid "must be Unicode text" -msgstr "" - -msgid "Leading and trailing spaces are not allowed" -msgstr "" - -#, python-format -msgid "must be at least %(minlength)d characters" -msgstr "" - -#, python-format -msgid "can be at most %(maxlength)d characters" -msgstr "" - -#, python-format -msgid "must be exactly %(length)d characters" -msgstr "" - -#, python-format -msgid "The character %(char)r is not allowed." -msgstr "" - -#, python-format -msgid "must be '%(value)s'" -msgstr "" - -#, python-format -msgid "must be one of %(values)s" -msgstr "" - -msgid "must be datetime value" -msgstr "" - -msgid "does not match any of accepted formats: " -msgstr "" - -msgid "incomplete time value" -msgstr "" - -msgid "must be DNS name" -msgstr "" - -msgid "must be absolute" -msgstr "" - -msgid "must be relative" -msgstr "" - -msgid "must be dictionary" -msgstr "" - -msgid "must be Kerberos principal" -msgstr "" - -#, python-format -msgid "Malformed principal: '%(value)s'" -msgstr "" - -msgid "Service principal is required" -msgstr "" - -msgid "A dictionary representing an LDAP entry" -msgstr "" - -msgid "A list of LDAP entries" -msgstr "" - -msgid "All commands should at least have a result" -msgstr "" - -#, python-format -msgid "Enter %(label)s again to verify: " -msgstr "" - -msgid "Passwords do not match!" -msgstr "Паролҳо номувофиқанд!" - -msgid "No matching entries found" -msgstr "" - -msgid "Topic or Command" -msgstr "" - -msgid "The topic or command name." -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "Topic commands:" -msgstr "Фармонҳо" - -msgid "To get command help, use:" -msgstr "" - -msgid " ipa --help" -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "Command name" -msgstr "Фармонҳо" - -msgid "Positional arguments" -msgstr "" - -#, python-format -msgid "Same as --%s" -msgstr "" - -msgid "Deprecated options" -msgstr "" - -msgid "No file to read" -msgstr "" - -#, python-format -msgid "%(cver)s client incompatible with %(sver)s server at '%(server)s'" -msgstr "" - -#, python-format -msgid "unknown error %(code)d from %(server)s: %(error)s" -msgstr "" - -msgid "an internal error has occurred" -msgstr "" - -#, python-format -msgid "an internal error has occurred on server at '%(server)s'" -msgstr "" - -#, python-format -msgid "unknown command '%(name)s'" -msgstr "" - -#, python-format -msgid "error on server '%(server)s': %(error)s" -msgstr "" - -#, python-format -msgid "cannot connect to '%(uri)s': %(error)s" -msgstr "" - -#, python-format -msgid "Invalid JSON-RPC request: %(error)s" -msgstr "" - -#, python-format -msgid "error marshalling data for XML-RPC transport: %(error)s" -msgstr "" - -#, python-format -msgid "Missing or invalid HTTP Referer, %(referer)s" -msgstr "" - -#, python-format -msgid "" -"System encoding must be UTF-8, '%(encoding)s' is not supported. Set LC_ALL=" -"\"C.UTF-8\", or LC_ALL=\"\" and LC_CTYPE=\"C.UTF-8\"." -msgstr "" - -#, python-format -msgid "Kerberos error: %(major)s/%(minor)s" -msgstr "" - -msgid "did not receive Kerberos credentials" -msgstr "" - -#, python-format -msgid "Service '%(service)s' not found in Kerberos database" -msgstr "" - -msgid "No credentials cache found" -msgstr "" - -msgid "Ticket expired" -msgstr "" - -msgid "Credentials cache permissions incorrect" -msgstr "" - -msgid "Bad format in credentials cache" -msgstr "" - -msgid "Cannot resolve KDC for requested realm" -msgstr "" - -msgid "Session error" -msgstr "" - -#, python-format -msgid "Principal %(principal)s cannot be authenticated: %(message)s" -msgstr "" - -#, python-format -msgid "Insufficient access: %(info)s" -msgstr "" - -#, python-format -msgid "command '%(name)s' takes no arguments" -msgstr "" - -#, python-format -msgid "command '%(name)s' takes at most %(count)d argument" -msgid_plural "command '%(name)s' takes at most %(count)d arguments" -msgstr[0] "" - -#, python-format -msgid "overlapping arguments and options: %(names)s" -msgstr "" - -#, python-format -msgid "'%(name)s' is required" -msgstr "" - -#, python-format -msgid "invalid '%(name)s': %(error)s" -msgstr "" - -#, python-format -msgid "api has no such namespace: '%(name)s'" -msgstr "" - -msgid "Passwords do not match" -msgstr "Паролҳо номувофиқанд" - -msgid "Command not implemented" -msgstr "" - -msgid "Client is not configured. Run ipa-client-install." -msgstr "" - -#, python-format -msgid "Could not get %(name)s interactively" -msgstr "" - -#, python-format -msgid "Command '%(name)s' has been deprecated" -msgstr "" - -#, python-format -msgid "Domain '%(domain)s' is not a root domain for forest '%(forest)s'" -msgstr "" - -#, python-format -msgid "%(reason)s" -msgstr "" - -msgid "This entry already exists" -msgstr "" - -msgid "You must enroll a host in order to create a host service" -msgstr "" - -#, python-format -msgid "" -"Service principal is not of the form: service/fully-qualified host name: " -"%(reason)s" -msgstr "" - -msgid "" -"The realm for the principal does not match the realm for this IPA server" -msgstr "" - -msgid "This command requires root access" -msgstr "" - -msgid "This is already a posix group" -msgstr "" - -#, python-format -msgid "Principal is not of the form user@REALM: '%(principal)s'" -msgstr "" - -msgid "This entry is already enabled" -msgstr "" - -msgid "This entry is already disabled" -msgstr "" - -msgid "This entry cannot be enabled or disabled" -msgstr "" - -msgid "This entry is not a member" -msgstr "" - -msgid "A group may not be a member of itself" -msgstr "" - -msgid "This entry is already a member" -msgstr "" - -#, python-format -msgid "Base64 decoding failed: %(reason)s" -msgstr "" - -msgid "A group may not be added as a member of itself" -msgstr "" - -msgid "The default users group cannot be removed" -msgstr "" - -msgid "Deleting a managed group is not allowed. It must be detached first." -msgstr "" - -msgid "A managed group cannot have a password policy." -msgstr "" - -#, python-format -msgid "'%(entry)s' doesn't have a certificate." -msgstr "" - -#, python-format -msgid "Unable to create private group. A group '%(group)s' already exists." -msgstr "" - -#, python-format -msgid "" -"A problem was encountered when verifying that all members were %(verb)s: " -"%(exc)s" -msgstr "" - -#, python-format -msgid "%(attr)s does not contain '%(value)s'" -msgstr "" - -#, python-format -msgid "" -"The search criteria was not specific enough. Expected 1 and found %(found)d." -msgstr "" - -msgid "This group already allows external members" -msgstr "" - -msgid "This group cannot be posix because it is external" -msgstr "" - -msgid "This is already a posix group and cannot be converted to external one" -msgstr "" - -#, python-format -msgid "Server removal aborted: %(reason)s." -msgstr "" - -#, python-format -msgid "%(operation)s is not supported for %(principal_type)s principals" -msgstr "" - -#, python-format -msgid "Request failed with status %(status)s: %(reason)s" -msgstr "" - -#, python-format -msgid "" -"Mapping ruleset \"%(ruleset)s\" has more than one rule for the %(helper)s " -"helper" -msgstr "" - -#, python-format -msgid "'%(attr)s' already contains one or more values" -msgstr "" - -#, python-format -msgid "no command nor help topic '%(topic)s'" -msgstr "" - -msgid "change collided with another change" -msgstr "" - -msgid "no modifications to be performed" -msgstr "" - -#, fuzzy, python-format -#| msgid "%(info)s" -msgid "%(desc)s: %(info)s" -msgstr "%(info)s" - -msgid "limits exceeded for this query" -msgstr "" - -#, python-format -msgid "%(info)s" -msgstr "%(info)s" - -msgid "modifying primary key is not allowed" -msgstr "" - -#, python-format -msgid "%(attr)s: Only one value allowed." -msgstr "" - -#, python-format -msgid "%(attr)s: Invalid syntax." -msgstr "" - -#, python-format -msgid "Bad search filter %(info)s" -msgstr "" - -msgid "Not allowed on non-leaf entry" -msgstr "" - -msgid "LDAP timeout" -msgstr "" - -#, python-format -msgid "%(task)s LDAP task timeout, Task DN: '%(task_dn)s'" -msgstr "" - -msgid "Configured time limit exceeded" -msgstr "" - -msgid "Configured size limit exceeded" -msgstr "" - -msgid "Configured administrative server limit exceeded" -msgstr "" - -#, python-format -msgid "Certificate operation cannot be completed: %(error)s" -msgstr "" - -#, fuzzy, python-format -#| msgid "Syntax Error: %(error)s" -msgid "Certificate format error: %(error)s" -msgstr "Хатогии синтаксисӣ: %(error)s" - -msgid "Already registered" -msgstr "Ааллакай қайд карда шуд" - -#, fuzzy -#| msgid "Already registered" -msgid "Not registered yet" -msgstr "Ааллакай қайд карда шуд" - -#, python-format -msgid "%(key)s cannot be deleted because %(label)s %(dependent)s requires it" -msgstr "" - -#, python-format -msgid "" -"%(key)s cannot be deleted or disabled because it is the last member of " -"%(label)s %(container)s" -msgstr "" - -#, python-format -msgid "%(label)s %(key)s cannot be deleted/modified: %(reason)s" -msgstr "" - -#, python-format -msgid "%(name)s certificate is not valid" -msgstr "" - -#, python-format -msgid "Schema is up to date (FP '%(fingerprint)s', TTL %(ttl)s s)" -msgstr "" - -#, python-format -msgid "Host '%(hostname)s' does not have corresponding DNS A/AAAA record" -msgstr "" - -#, python-format -msgid "DNS check failed: Expected {%(expected)s} got {%(got)s}" -msgstr "" - -#, python-format -msgid "%(exception)s" -msgstr "" - -#, python-format -msgid "" -"Forest '%(forest)s' has existing trust to forest(s) %(domains)s which " -"prevents a trust to '%(conflict)s'" -msgstr "" - -msgid "Results are truncated, try a more specific search" -msgstr "" - -#, python-format -msgid "Unknown option: %(option)s" -msgstr "" - -msgid "Client version. Used to determine if server will accept request." -msgstr "" - -msgid "Additional instructions:" -msgstr "" - -#, python-format -msgid "" -"API Version number was not sent, forward compatibility not guaranteed. " -"Assuming server's API version, %(server_version)s" -msgstr "" - -msgid "" -"DNS forwarder semantics changed since IPA 4.0.\n" -"You may want to use forward zones (dnsforwardzone-*) instead.\n" -"For more details read the docs." -msgstr "" - -#, python-format -msgid "" -"DNSSEC support is experimental.\n" -"%(additional_info)s" -msgstr "" - -#, python-format -msgid "'%(option)s' option is deprecated. %(additional_info)s" -msgstr "" - -#, python-format -msgid "" -"Semantic of %(label)s was changed. %(current_behavior)s\n" -"%(hint)s" -msgstr "" - -#, python-format -msgid "DNS server %(server)s: %(error)s." -msgstr "" - -#, python-format -msgid "" -"DNS server %(server)s does not support DNSSEC: %(error)s.\n" -"If DNSSEC validation is enabled on IPA server(s), please disable it." -msgstr "" - -#, python-format -msgid "" -"forward zone \"%(fwzone)s\" is not effective because of missing proper NS " -"delegation in authoritative zone \"%(authzone)s\". Please add NS record " -"\"%(ns_rec)s\" to parent zone \"%(authzone)s\"." -msgstr "" - -#, python-format -msgid "" -"DNS server %(server)s does not support EDNS0 (RFC 6891): %(error)s.\n" -"If DNSSEC validation is enabled on IPA server(s), please disable it." -msgstr "" - -#, python-format -msgid "" -"DNSSEC validation failed: %(error)s.\n" -"Please verify your DNSSEC configuration or disable DNSSEC validation on all " -"IPA servers." -msgstr "" - -#, python-format -msgid "" -"The _kerberos TXT record from domain %(domain)s could not be created " -"(%(error)s).\n" -"This can happen if the zone is not managed by IPA. Please create the record " -"manually, containing the following value: '%(realm)s'" -msgstr "" - -#, python-format -msgid "" -"The _kerberos TXT record from domain %(domain)s could not be removed " -"(%(error)s).\n" -"This can happen if the zone is not managed by IPA. Please remove the record " -"manually." -msgstr "" - -msgid "" -"No DNSSEC key master is installed. DNSSEC zone signing will not work until " -"the DNSSEC key master is installed." -msgstr "" - -#, python-format -msgid "" -"Relative record name '%(record)s' contains the zone name '%(zone)s' as a " -"suffix, which results in FQDN '%(fqdn)s'. This is usually a mistake caused " -"by a missing dot at the end of the name specification." -msgstr "" - -#, python-format -msgid "'%(command)s' is deprecated. %(additional_info)s" -msgstr "" - -#, python-format -msgid "%(line)s" -msgstr "" - -#, python-format -msgid "Search result has been truncated: %(reason)s" -msgstr "" - -#, python-format -msgid "" -"Your trust to %(domain)s is broken. Please re-create it by running 'ipa " -"trust-add' again." -msgstr "" - -#, python-format -msgid "DNS record(s) of host %(host)s could not be removed. (%(reason)s)" -msgstr "" - -msgid "" -"Forwarding policy conflicts with some automatic empty zones. Queries for " -"zones specified by RFC 6303 will ignore forwarding and recursion and always " -"result in NXDOMAIN answers. To override this behavior use forward policy " -"'only'." -msgstr "" - -#, python-format -msgid "Update of system record '%(record)s' failed with error: %(error)s" -msgstr "" - -#, python-format -msgid "" -"IPA does not manage the zone %(zone)s, please add records to your DNS server " -"manually" -msgstr "" - -msgid "" -"Automatic update of DNS system records failed. Please re-run update of " -"system records manually to get list of missing records." -msgstr "" - -#, python-format -msgid "" -"Service %(service)s requires restart on IPA server %(server)s to apply " -"configuration changes." -msgstr "" - -#, python-format -msgid "" -"No DNS servers in IPA location %(location)s. Without DNS servers location is " -"not working as expected." -msgstr "" - -#, python-format -msgid "%(subject)s: Malformed certificate. %(reason)s" -msgstr "" - -#, python-format -msgid "The host was added but the DNS update failed with: %(reason)s" -msgstr "" - -#, python-format -msgid "The certificate for %(ca)s is not available on this server." -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "%(filename)s: file not found" -msgstr "Файли %(file)s пайдо нашуд." - -msgid "Filename is empty" -msgstr "" - -#, python-format -msgid "Permission denied: %(file)s" -msgstr "" - -msgid "empty DNS label" -msgstr "" - -msgid "DNS label cannot be longer that 63 characters" -msgstr "" - -#, python-format -msgid "" -"only letters, numbers, %(chars)s are allowed. DNS label may not start or end " -"with %(chars2)s" -msgstr "" - -msgid "single label {}s are not supported" -msgstr "" - -msgid "too many '@' characters" -msgstr "" - -msgid "cannot be longer that {} characters" -msgstr "" - -msgid "hostname contains empty label (consecutive dots)" -msgstr "" - -msgid "not fully qualified" -msgstr "" - -msgid "invalid SSH public key" -msgstr "" - -msgid "options are not allowed" -msgstr "" - -msgid "invalid hostmask" -msgstr "" - -#, python-format -msgid "query '%(owner)s %(rtype)s': %(error)s" -msgstr "" - -#, python-format -msgid "query '%(owner)s %(rtype)s' with EDNS0: %(error)s" -msgstr "" - -#, python-format -msgid "" -"answer to query '%(owner)s %(rtype)s' is missing DNSSEC signatures (no RRSIG " -"data)" -msgstr "" - -#, python-format -msgid "record '%(owner)s %(rtype)s' failed DNSSEC validation on server %(ip)s" -msgstr "" - -msgid "invalid escape code in domain name" -msgstr "" - -msgid "domain name cannot be longer than 255 characters" -msgstr "" - -msgid "DNS label cannot be longer than 63 characters" -msgstr "" - -msgid "invalid domain name" -msgstr "" - -#, python-format -msgid "domain name '%(domain)s' should be normalized to: %(normalized)s" -msgstr "" - -#, python-format -msgid "invalid domain-name: %s" -msgstr "" - -#, python-format -msgid "invalid IP address version (is %(value)d, must be %(required_value)d)!" -msgstr "" - -msgid "invalid IP address format" -msgstr "" - -#, python-format -msgid "%(port)s is not a valid port" -msgstr "" - -msgid "" -"at least one value equal to the canonical principal name must be present" -msgstr "" - -msgid "realm or UPN suffix overlaps with trusted domain namespace" -msgstr "" - -#, python-format -msgid "Retrieving CA cert chain failed: %s" -msgstr "" - -#, python-format -msgid "request failed with HTTP status %d" -msgstr "" - -#, python-format -msgid "Retrieving CA status failed: %s" -msgstr "" - -#, python-format -msgid "Retrieving CA status failed with status %d" -msgstr "" - -#, python-format -msgid "objectclass %s not found" -msgstr "" - -#, python-format -msgid "Unable to communicate with CMS (status %d)" -msgstr "" - -#, python-format -msgid "Replication agreement for %(hostname)s not found" -msgstr "" - -msgid "" -"\n" -"Sudo Rules\n" -msgstr "" - -msgid "" -"\n" -"Sudo (su \"do\") allows a system administrator to delegate authority to\n" -"give certain users (or groups of users) the ability to run some (or all)\n" -"commands as root or another user while providing an audit trail of the\n" -"commands and their arguments.\n" -msgstr "" - -msgid "" -"\n" -"FreeIPA provides a means to configure the various aspects of Sudo:\n" -" Users: The user(s)/group(s) allowed to invoke Sudo.\n" -" Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " -"Sudo.\n" -" Allow Command: The specific command(s) permitted to be run via Sudo.\n" -" Deny Command: The specific command(s) prohibited to be run via Sudo.\n" -" RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " -"invoked with.\n" -" RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" -" Options: The various Sudoers Options that can modify Sudo's behavior.\n" -msgstr "" - -msgid "" -"\n" -"An order can be added to a sudorule to control the order in which they\n" -"are evaluated (if the client supports it). This order is an integer and\n" -"must be unique.\n" -msgstr "" - -msgid "" -"\n" -"FreeIPA provides a designated binddn to use with Sudo located at:\n" -"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" -msgstr "" - -msgid "" -"\n" -"To enable the binddn run the following command to set the password:\n" -"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" -"ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," -"dc=com\n" -msgstr "" - -msgid "" -"\n" -" Create a new rule:\n" -" ipa sudorule-add readfiles\n" -msgstr "" - -msgid "" -"\n" -" Add sudo command object and add it as allowed command in the rule:\n" -" ipa sudocmd-add /usr/bin/less\n" -" ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n" -msgstr "" - -msgid "" -"\n" -" Add a host to the rule:\n" -" ipa sudorule-add-host readfiles --hosts server.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a user to the rule:\n" -" ipa sudorule-add-user readfiles --users jsmith\n" -msgstr "" - -msgid "" -"\n" -" Add a special Sudo rule for default Sudo server configuration:\n" -" ipa sudorule-add defaults\n" -msgstr "" - -msgid "" -"\n" -" Set a default Sudo option:\n" -" ipa sudorule-add-option defaults --sudooption '!authenticate'\n" -msgstr "" - -msgid "" -"\n" -" Set SELinux type and role transitions on a rule:\n" -" ipa sudorule-add-option sysadmin_sudo --sudooption type=unconfined_t\n" -" ipa sudorule-add-option sysadmin_sudo --sudooption role=unconfined_r\n" -msgstr "" - -msgid "this option has been deprecated." -msgstr "" - -msgid "sudo rules" -msgstr "" - -msgid "Sudo Rules" -msgstr "" - -#, fuzzy -#| msgid "Sudo" -msgid "Sudo Rule" -msgstr "Sudo" - -#, python-format -msgid "order must be a unique value (%(order)d already used by %(rule)s)" -msgstr "" - -#, python-format -msgid "Added Sudo Rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted Sudo Rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified Sudo Rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "" -"%(type)s category cannot be set to 'all' while there are allowed %(objects)s" -msgstr "" - -msgid "users" -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "command" -msgstr "Фармонҳо" - -#, fuzzy -#| msgid "Commands" -msgid "commands" -msgstr "Фармонҳо" - -msgid "runAs user" -msgstr "" - -msgid "runAs users" -msgstr "" - -msgid "group runAs" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "runAs groups" -msgstr "Гурӯҳи корбар" - -#, python-format -msgid "%(count)d Sudo Rule matched" -msgid_plural "%(count)d Sudo Rules matched" -msgstr[0] "" - -msgid "commands cannot be added when command category='all'" -msgstr "" - -msgid "users cannot be added when user category='all'" -msgstr "" - -msgid "hosts cannot be added when host category='all'" -msgstr "" - -msgid "users cannot be added when runAs user or runAs group category='all'" -msgstr "" - -#, python-format -msgid "RunAsUser does not accept '%(name)s' as a user name" -msgstr "" - -#, python-format -msgid "RunAsUser does not accept '%(name)s' as a group name" -msgstr "" - -#, python-format -msgid "RunAsGroup does not accept '%(name)s' as a group name" -msgstr "" - -msgid "automount location" -msgstr "" - -msgid "automount locations" -msgstr "" - -msgid "Automount Locations" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "Automount Location" -msgstr "Макон" - -#, python-format -msgid "Added automount location \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted automount location \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d automount location matched" -msgid_plural "%(count)d automount locations matched" -msgstr[0] "" - -msgid "automount map" -msgstr "" - -msgid "automount maps" -msgstr "" - -msgid "Automount Maps" -msgstr "" - -msgid "Automount Map" -msgstr "" - -#, python-format -msgid "Added automount map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted automount map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified automount map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d automount map matched" -msgid_plural "%(count)d automount maps matched" -msgstr[0] "" - -msgid "Automount key object." -msgstr "" - -msgid "automount key" -msgstr "" - -msgid "automount keys" -msgstr "" - -msgid "Automount Keys" -msgstr "" - -msgid "Automount Key" -msgstr "" - -#, python-format -msgid "" -"The key,info pair must be unique. A key named %(key)s with info %(info)s " -"already exists" -msgstr "" - -#, python-format -msgid "key named %(key)s already exists" -msgstr "" - -#, python-format -msgid "The automount key %(key)s with info %(info)s does not exist" -msgstr "" - -#, python-format -msgid "" -"More than one entry with key %(key)s found, use --info to select specific " -"entry." -msgstr "" - -#, python-format -msgid "Added automount key \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Added automount indirect map \"%(value)s\"" -msgstr "" - -msgid "mount point is relative to parent map, cannot begin with /" -msgstr "" - -#, python-format -msgid "Deleted automount key \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified automount key \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d automount key matched" -msgid_plural "%(count)d automount keys matched" -msgstr[0] "" - -msgid "" -"\n" -"Hosts/Machines\n" -"\n" -"A host represents a machine. It can be used in a number of contexts:\n" -"- service entries are associated with a host\n" -"- a host stores the host/ service principal\n" -"- a host can be used in Host-based Access Control (HBAC) rules\n" -"- every enrolled client generates a host entry\n" -msgstr "" - -msgid "" -"\n" -"ENROLLMENT:\n" -"\n" -"There are three enrollment scenarios when enrolling a new client:\n" -"\n" -"1. You are enrolling as a full administrator. The host entry may exist\n" -" or not. A full administrator is a member of the hostadmin role\n" -" or the admins group.\n" -"2. You are enrolling as a limited administrator. The host must already\n" -" exist. A limited administrator is a member a role with the\n" -" Host Enrollment privilege.\n" -"3. The host has been created with a one-time password.\n" -msgstr "" - -msgid "" -"\n" -"RE-ENROLLMENT:\n" -"\n" -"Host that has been enrolled at some point, and lost its configuration (e.g. " -"VM\n" -"destroyed) can be re-enrolled.\n" -"\n" -"For more information, consult the manual pages for ipa-client-install.\n" -"\n" -"A host can optionally store information such as where it is located,\n" -"the OS that it runs, etc.\n" -msgstr "" - -msgid "" -"\n" -" Add a new host:\n" -" ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." -"com\n" -msgstr "" - -msgid "" -"\n" -" Delete a host:\n" -" ipa host-del test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a new host with a one-time password:\n" -" ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a new host with a random one-time password:\n" -" ipa host-add --os='Fedora 12' --random test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Modify information about a host:\n" -" ipa host-mod --os='Fedora 12' test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Remove SSH public keys of a host and update DNS to reflect this change:\n" -" ipa host-mod --sshpubkey= --updatedns test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Disable the host Kerberos key, SSL certificate and all of its services:\n" -" ipa host-disable test.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a host that can manage this host's keytab and certificate:\n" -" ipa host-add-managedby --hosts=test2 test\n" -msgstr "" - -msgid "" -"\n" -" Allow user to create a keytab:\n" -" ipa host-allow-create-keytab test2 --users=tuser1\n" -msgstr "" - -#, fuzzy -#| msgid "Hostname" -msgid "Host" -msgstr "Номи мизбон" - -msgid "Base-64 encoded host certificate" -msgstr "" - -msgid "Subject" -msgstr "Мавзӯъ" - -msgid "Serial Number" -msgstr "Рақами силсилавӣ" - -#, fuzzy -#| msgid "Serial Number" -msgid "Serial Number (hex)" -msgstr "Рақами силсилавӣ" - -msgid "Issuer" -msgstr "Диҳанда" - -msgid "Not Before" -msgstr "" - -msgid "Not After" -msgstr "" - -msgid "Fingerprint (SHA1)" -msgstr "" - -msgid "Fingerprint (SHA256)" -msgstr "" - -msgid "Revocation reason" -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "Principal alias" -msgstr "Асосӣ" - -msgid "SSH public key fingerprint" -msgstr "" - -msgid "Authentication Indicators" -msgstr "" - -msgid "" -"Defines an allow list for Authentication Indicators. Use 'otp' to allow OTP-" -"based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA " -"authentications. Use 'pkinit' to allow PKINIT-based 2FA authentications. Use " -"'hardened' to allow brute-force hardened password authentication by SPAKE or " -"FAST. With no indicator specified, all authentication mechanisms are allowed." -msgstr "" - -#, python-format -msgid "Added host \"%(value)s\"" -msgstr "" - -#, python-format -msgid "can be at most %(len)d characters" -msgstr "" - -#, python-format -msgid "Deleted host \"%(value)s\"" -msgstr "" - -msgid "Remove A, AAAA, SSHFP and PTR records of the host(s) managed by IPA DNS" -msgstr "" - -msgid "No A, AAAA, SSHFP or PTR records found." -msgstr "" - -#, python-format -msgid "Modified host \"%(value)s\"" -msgstr "" - -msgid "Password cannot be set on enrolled host." -msgstr "" - -msgid "cn is immutable" -msgstr "" - -#, python-format -msgid "%(count)d host matched" -msgid_plural "%(count)d hosts matched" -msgstr[0] "" - -#, python-format -msgid "Disabled host \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Added certificates to host \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Removed certificates from host \"%(value)s\"" -msgstr "" - -msgid "Add new principal alias to host entry" -msgstr "" - -#, python-format -msgid "Added new aliases to host \"%(value)s\"" -msgstr "" - -msgid "Remove principal alias from a host entry" -msgstr "" - -#, python-format -msgid "Removed aliases from host \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Manage CA ACL rules.\n" -"\n" -"This plugin is used to define rules governing which CAs and profiles\n" -"may be used to issue certificates to particular principals or groups\n" -"of principals.\n" -"\n" -"SUBJECT PRINCIPAL SCOPE:\n" -"\n" -"For a certificate request to be allowed, the principal(s) that are\n" -"the subject of a certificate request (not necessarily the principal\n" -"actually requesting the certificate) must be included in the scope\n" -"of a CA ACL that also includes the target CA and profile.\n" -"\n" -"Users can be included by name, group or the \"all users\" category.\n" -"Hosts can be included by name, hostgroup or the \"all hosts\"\n" -"category. Services can be included by service name or the \"all\n" -"services\" category. CA ACLs may be associated with a single type of\n" -"principal, or multiple types.\n" -"\n" -"CERTIFICATE AUTHORITY SCOPE:\n" -"\n" -"A CA ACL can be associated with one or more CAs by name, or by the\n" -"\"all CAs\" category. For compatibility reasons, a CA ACL with no CA\n" -"association implies an association with the 'ipa' CA (and only this\n" -"CA).\n" -"\n" -"PROFILE SCOPE:\n" -"\n" -"A CA ACL can be associated with one or more profiles by Profile ID.\n" -"The Profile ID is a string without spaces or punctuation starting\n" -"with a letter and followed by a sequence of letters, digits or\n" -"underscore (\"_\").\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a CA ACL \"test\" that grants all users access to the\n" -" \"UserCert\" profile on all CAs:\n" -" ipa caacl-add test --usercat=all --cacat=all\n" -" ipa caacl-add-profile test --certprofiles UserCert\n" -"\n" -" Display the properties of a named CA ACL:\n" -" ipa caacl-show test\n" -"\n" -" Create a CA ACL to let user \"alice\" use the \"DNP3\" profile on \"DNP3-CA" -"\":\n" -" ipa caacl-add alice_dnp3\n" -" ipa caacl-add-ca alice_dnp3 --cas DNP3-CA\n" -" ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n" -" ipa caacl-add-user alice_dnp3 --user=alice\n" -"\n" -" Disable a CA ACL:\n" -" ipa caacl-disable test\n" -"\n" -" Remove a CA ACL:\n" -" ipa caacl-del test\n" -msgstr "" - -msgid "CA ACL" -msgstr "" - -msgid "CA ACLs" -msgstr "" - -msgid "CA category" -msgstr "" - -msgid "CA category the ACL applies to" -msgstr "" - -msgid "CAs" -msgstr "" - -#, python-format -msgid "Added CA ACL \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted CA ACL \"%(value)s\"" -msgstr "" - -msgid "default CA ACL can be only disabled" -msgstr "" - -#, python-format -msgid "Modified CA ACL \"%(value)s\"" -msgstr "" - -msgid "CA category cannot be set to 'all' while there are allowed CAs" -msgstr "" - -msgid "" -"profile category cannot be set to 'all' while there are allowed profiles" -msgstr "" - -msgid "user category cannot be set to 'all' while there are allowed users" -msgstr "" - -msgid "host category cannot be set to 'all' while there are allowed hosts" -msgstr "" - -msgid "" -"service category cannot be set to 'all' while there are allowed services" -msgstr "" - -#, python-format -msgid "%(count)d CA ACL matched" -msgid_plural "%(count)d CA ACLs matched" -msgstr[0] "" - -#, python-format -msgid "Enabled CA ACL \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Disabled CA ACL \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%i user or group added." -msgstr "" - -#, python-format -msgid "%i users or groups added." -msgstr "" - -#, python-format -msgid "%i user or group removed." -msgstr "" - -#, python-format -msgid "%i users or groups removed." -msgstr "" - -#, python-format -msgid "%i host or hostgroup added." -msgstr "" - -#, python-format -msgid "%i hosts or hostgroups added." -msgstr "" - -#, python-format -msgid "%i host or hostgroup removed." -msgstr "" - -#, python-format -msgid "%i hosts or hostgroups removed." -msgstr "" - -#, python-format -msgid "%i service added." -msgstr "" - -#, python-format -msgid "%i services added." -msgstr "" - -msgid "services cannot be added when service category='all'" -msgstr "" - -#, python-format -msgid "%i service removed." -msgstr "" - -#, python-format -msgid "%i services removed." -msgstr "" - -#, python-format -msgid "%i profile added." -msgstr "" - -#, python-format -msgid "%i profiles added." -msgstr "" - -msgid "profiles cannot be added when profile category='all'" -msgstr "" - -#, python-format -msgid "%i profile removed." -msgstr "" - -#, python-format -msgid "%i profiles removed." -msgstr "" - -msgid "Add CAs to a CA ACL." -msgstr "" - -#, python-format -msgid "%i CA added." -msgstr "" - -#, python-format -msgid "%i CAs added." -msgstr "" - -msgid "CAs cannot be added when CA category='all'" -msgstr "" - -msgid "Remove CAs from a CA ACL." -msgstr "" - -#, python-format -msgid "%i CA removed." -msgstr "" - -#, python-format -msgid "%i CAs removed." -msgstr "" - -msgid "The deny type has been deprecated." -msgstr "" - -msgid "HBAC rules" -msgstr "" - -msgid "HBAC Rules" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "HBAC Services" -msgstr "Хидмат" - -msgid "HBAC Service Groups" -msgstr "" - -#, python-format -msgid "Added HBAC rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted HBAC rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified HBAC rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d HBAC rule matched" -msgid_plural "%(count)d HBAC rules matched" -msgstr[0] "" - -#, python-format -msgid "Enabled HBAC rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Disabled HBAC rule \"%(value)s\"" -msgstr "" - -msgid "Access time" -msgstr "" - -msgid "Add source hosts and hostgroups to an HBAC rule." -msgstr "" - -msgid "operation not defined" -msgstr "" - -#, python-format -msgid "not allowed to perform operation: %s" -msgstr "" - -msgid "No such virtual command" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "" -"\n" -"DNS server configuration\n" -msgstr "Ҷӯрсозӣ" - -msgid "" -"\n" -"Manipulate DNS server configuration\n" -msgstr "" - -msgid "" -"\n" -" Show configuration of a specific DNS server:\n" -" ipa dnsserver-show\n" -msgstr "" - -msgid "" -"\n" -" Update configuration of a specific DNS server:\n" -" ipa dnsserver-mod\n" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "DNS server" -msgstr "Сервери IPA" - -msgid "DNS servers" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "DNS Servers" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "IPA Server" -msgid "DNS Server" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "Server Name" -msgid "DNS Server name" -msgstr "Номи сервер" - -msgid "SOA mname override" -msgstr "" - -msgid "SOA mname (authoritative server) override" -msgstr "" - -msgid "Forwarders" -msgstr "" - -msgid "" -"Per-server forwarders. A custom port can be specified for each forwarder " -"using a standard format \"IP_ADDRESS port PORT\"" -msgstr "" - -msgid "" -"Per-server conditional forwarding policy. Set to \"none\" to disable " -"forwarding to global forwarder for this zone. In that case, conditional zone " -"forwarders are disregarded." -msgstr "" - -msgid "DNS is not configured" -msgstr "" - -msgid "Modify DNS server configuration" -msgstr "" - -#, python-format -msgid "Modified DNS server \"%(value)s\"" -msgstr "" - -msgid "Search for DNS servers." -msgstr "" - -#, python-format -msgid "%(count)d DNS server matched" -msgid_plural "%(count)d DNS servers matched" -msgstr[0] "" - -msgid "IPA DNS Server is not installed" -msgstr "" - -msgid "Display configuration of a DNS server." -msgstr "" - -msgid "Add a new DNS server." -msgstr "" - -#, python-format -msgid "Added new DNS server \"%(value)s\"" -msgstr "" - -msgid "Delete a DNS server" -msgstr "" - -#, python-format -msgid "Deleted DNS server \"%(value)s\"" -msgstr "" - -msgid "Host-based access control commands" -msgstr "" - -msgid "" -"\n" -"HBAC Services\n" -"\n" -"The PAM services that HBAC can control access to. The name used here\n" -"must match the service name that PAM is evaluating.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service:\n" -" ipa hbacsvc-add tftp\n" -"\n" -" Modify an existing HBAC service:\n" -" ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" -"\n" -" Search for HBAC services. This example will return two results, the FTP\n" -" service and the newly-added tftp service:\n" -" ipa hbacsvc-find ftp\n" -"\n" -" Delete an HBAC service:\n" -" ipa hbacsvc-del tftp\n" -"\n" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "HBAC services" -msgstr "Хидмат" - -#, fuzzy -#| msgid "Service" -msgid "HBAC Service" -msgstr "Хидмат" - -#, python-format -msgid "Added HBAC service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted HBAC service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified HBAC service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d HBAC service matched" -msgid_plural "%(count)d HBAC services matched" -msgstr[0] "" - -#, fuzzy -#| msgid "User group" -msgid "HBAC service group" -msgstr "Гурӯҳи корбар" - -#, fuzzy -#| msgid "User group" -msgid "HBAC service groups" -msgstr "Гурӯҳи корбар" - -msgid "HBAC Service Group" -msgstr "" - -#, python-format -msgid "Added HBAC service group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted HBAC service group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified HBAC service group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d HBAC service group matched" -msgid_plural "%(count)d HBAC service groups matched" -msgstr[0] "" - -#, python-format -msgid "" -"cannot add permission \"%(perm)s\" with bindtype \"%(bindtype)s\" to a " -"privilege" -msgstr "" - -msgid "Privilege" -msgstr "" - -#, python-format -msgid "Added privilege \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted privilege \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified privilege \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d privilege matched" -msgid_plural "%(count)d privileges matched" -msgstr[0] "" - -msgid "Class of Service object used for linking policies with groups" -msgstr "" - -#, python-format -msgid "priority must be a unique value (%(prio)d already used by %(gname)s)" -msgstr "" - -msgid "Add Class of Service entry" -msgstr "" - -msgid "Delete Class of Service entry" -msgstr "" - -msgid "Modify Class of Service entry" -msgstr "" - -msgid "Display Class of Service entry" -msgstr "" - -msgid "Search for Class of Service entry" -msgstr "" - -#, fuzzy -#| msgid "password" -msgid "password policy" -msgstr "парол" - -#, fuzzy -#| msgid "password" -msgid "password policies" -msgstr "парол" - -#, fuzzy -#| msgid "Password" -msgid "Password Policies" -msgstr "Парол" - -#, fuzzy -#| msgid "Password" -msgid "Password Policy" -msgstr "Парол" - -msgid "Maximum password life must be greater than minimum." -msgstr "" - -msgid "cannot delete global password policy" -msgstr "" - -msgid "priority cannot be set on global policy" -msgstr "" - -msgid "" -"\n" -"Realm domains\n" -"\n" -"Manage the list of domains associated with IPA realm.\n" -"\n" -"This list is useful for Domain Controllers from other realms which have\n" -"established trust with this IPA realm. They need the information to know\n" -"which request should be forwarded to KDC of this IPA realm.\n" -"\n" -"Automatic management: a domain is automatically added to the realm domains\n" -"list when a new DNS Zone managed by IPA is created. Same applies for " -"deletion.\n" -"\n" -"Externally managed DNS: domains which are not managed in IPA server DNS\n" -"need to be manually added to the list using ipa realmdomains-mod command.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Display the current list of realm domains:\n" -" ipa realmdomains-show\n" -"\n" -" Replace the list of realm domains:\n" -" ipa realmdomains-mod --domain=example.com\n" -" ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n" -"\n" -" Add a domain to the list of realm domains:\n" -" ipa realmdomains-mod --add-domain=newdomain.com\n" -"\n" -" Delete a domain from the list of realm domains:\n" -" ipa realmdomains-mod --del-domain=olddomain.com\n" -msgstr "" - -msgid "Realm domains" -msgstr "" - -msgid "Realm Domains" -msgstr "" - -msgid "" -"\n" -" Modify realm domains\n" -"\n" -" DNS check: When manually adding a domain to the list, a DNS check is\n" -" performed by default. It ensures that the domain is associated with\n" -" the IPA realm, by checking whether the domain has a _kerberos TXT " -"record\n" -" containing the IPA realm name. This check can be skipped by specifying\n" -" --force option.\n" -"\n" -" Removal: when a realm domain which has a matching DNS zone managed by\n" -" IPA is being removed, a corresponding _kerberos TXT record in the zone " -"is\n" -" removed automatically as well. Other records in the zone or the zone\n" -" itself are not affected.\n" -" " -msgstr "" - -#, python-format -msgid "" -"DNS zone for each realmdomain must contain SOA or NS records. No records " -"found for: %s" -msgstr "" - -#, python-format -msgid "The following domains do not belong to this realm: %(domains)s" -msgstr "" - -#, python-format -msgid "" -"The realm of the following domains could not be detected: %(domains)s. If " -"these are domains that belong to the this realm, please create a _kerberos " -"TXT record containing \"%(realm)s\" in each of them." -msgstr "" - -msgid "" -"The --domain option cannot be used together with --add-domain or --del-" -"domain. Use --domain to specify the whole realm domain list explicitly, to " -"add/remove individual domains, use --add-domain/del-domain." -msgstr "" - -msgid "IPA server domain cannot be omitted" -msgstr "" - -msgid "IPA server domain cannot be deleted" -msgstr "" - -msgid "" -"\n" -"Services\n" -"\n" -"A IPA service represents a service that runs on a host. The IPA service\n" -"record can store a Kerberos principal, an SSL certificate, or both.\n" -"\n" -"An IPA service can be managed directly from a machine, provided that\n" -"machine has been given the correct permission. This is true even for\n" -"machines other than the one the service is associated with. For example,\n" -"requesting an SSL certificate using the host service principal credentials\n" -"of the host. To manage a service using host credentials you need to\n" -"kinit as the host:\n" -"\n" -" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" -"\n" -"Adding an IPA service allows the associated service to request an SSL\n" -"certificate or keytab, but this is performed as a separate step; they\n" -"are not produced as a result of adding the service.\n" -"\n" -"Only the public aspect of a certificate is stored in a service record;\n" -"the private key is not stored.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new IPA service:\n" -" ipa service-add HTTP/web.example.com\n" -"\n" -" Allow a host to manage an IPA service certificate:\n" -" ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" -" ipa role-add-member --hosts=web.example.com certadmin\n" -"\n" -" Override a default list of supported PAC types for the service:\n" -" ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" -"\n" -" A typical use case where overriding the PAC type is needed is NFS.\n" -" Currently the related code in the Linux kernel can only handle Kerberos\n" -" tickets up to a maximal size. Since the PAC data can become quite large " -"it\n" -" is recommended to set --pac-type=NONE for NFS services.\n" -"\n" -" Delete an IPA service:\n" -" ipa service-del HTTP/web.example.com\n" -"\n" -" Find all IPA services associated with a host:\n" -" ipa service-find web.example.com\n" -"\n" -" Find all HTTP services:\n" -" ipa service-find HTTP\n" -"\n" -" Disable the service Kerberos key and SSL certificate:\n" -" ipa service-disable HTTP/web.example.com\n" -"\n" -" Request a certificate for an IPA service:\n" -" ipa cert-request --principal=HTTP/web.example.com example.csr\n" -msgstr "" - -msgid "" -"\n" -" Allow user to create a keytab:\n" -" ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n" -msgstr "" - -msgid "" -"\n" -" Generate and retrieve a keytab for an IPA service:\n" -" ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" -"httpd.keytab\n" -"\n" -msgstr "" - -msgid "Trusted to authenticate as user" -msgstr "" - -msgid "The service is allowed to authenticate on behalf of a client" -msgstr "" - -msgid "Malformed principal" -msgstr "" - -msgid "{} is required by the IPA master" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "service" -msgstr "Хидмат" - -#, fuzzy -#| msgid "Service" -msgid "services" -msgstr "Хидмат" - -msgid "Service principal alias" -msgstr "" - -msgid "Base-64 encoded service certificate" -msgstr "" - -msgid "NONE value cannot be combined with other PAC types" -msgstr "" - -msgid "Add a new IPA service." -msgstr "" - -#, python-format -msgid "Added service \"%(value)s\"" -msgstr "" - -msgid "force principal name even if host not in DNS" -msgstr "" - -msgid "Skip host check" -msgstr "" - -msgid "" -"force service to be created even when host object does not exist to manage it" -msgstr "" - -#, python-format -msgid "The host '%s' does not exist to add a service to." -msgstr "" - -msgid "Add a new SMB service." -msgstr "" - -msgid "SMB service NetBIOS name" -msgstr "" - -#, python-format -msgid "Deleted service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d service matched" -msgid_plural "%(count)d services matched" -msgstr[0] "" - -#, python-format -msgid "Disabled service \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Added certificates to service principal \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Removed certificates from service principal \"%(value)s\"" -msgstr "" - -msgid "Add new principal alias to a service" -msgstr "" - -#, python-format -msgid "Added new aliases to the service principal \"%(value)s\"" -msgstr "" - -msgid "Remove principal alias from a service" -msgstr "" - -#, python-format -msgid "Removed aliases to the service principal \"%(value)s\"" -msgstr "" - -msgid "" -"=======\n" -"WARNING:\n" -"\n" -"DNA plugin in 389-ds will allocate IDs based on the ranges configured for " -"the\n" -"local domain. Currently the DNA plugin *cannot* be reconfigured itself " -"based\n" -"on the local ranges set via this family of commands.\n" -"\n" -"Manual configuration change has to be done in the DNA plugin configuration " -"for\n" -"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" -"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " -"be\n" -"modified to match the new range.\n" -"=======\n" -msgstr "" - -msgid "" -"\n" -"ID ranges\n" -"\n" -"Manage ID ranges used to map Posix IDs to SIDs and back.\n" -"\n" -"There are two type of ID ranges which are both handled by this utility:\n" -"\n" -" - the ID ranges of the local domain\n" -" - the ID ranges of trusted remote domains\n" -"\n" -"Both types have the following attributes in common:\n" -"\n" -" - base-id: the first ID of the Posix ID range\n" -" - range-size: the size of the range\n" -"\n" -"With those two attributes a range object can reserve the Posix IDs starting\n" -"with base-id up to but not including base-id+range-size exclusively.\n" -"\n" -"Additionally an ID range of the local domain may set\n" -" - rid-base: the first RID(*) of the corresponding RID range\n" -" - secondary-rid-base: first RID of the secondary RID range\n" -"\n" -"and an ID range of a trusted domain must set\n" -" - rid-base: the first RID of the corresponding RID range\n" -" - sid: domain SID of the trusted domain\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for a trusted domain\n" -"\n" -"Since there might be more than one trusted domain the domain SID must be " -"given\n" -"while creating the ID range.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=0 \\\n" -" --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" -"\n" -"This ID range is then used by the IPA server and the SSSD IPA provider to\n" -"assign Posix UIDs to users from the trusted domain.\n" -"\n" -"If e.g. a range for a trusted domain is configured with the following " -"values:\n" -" base-id = 1200000\n" -" range-size = 200000\n" -" rid-base = 0\n" -"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " -"So\n" -"RID 1000 <-> Posix ID 1201000\n" -"\n" -"\n" -"\n" -"EXAMPLE: Add a new ID range for the local domain\n" -"\n" -"To create an ID range for the local domain it is not necessary to specify a\n" -"domain SID. But since it is possible that a user and a group can have the " -"same\n" -"value as Posix ID a second RID interval is needed to handle conflicts.\n" -"\n" -" ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=1000 \\\n" -" --secondary-rid-base=1000000 local_range\n" -"\n" -"The data from the ID ranges of the local domain are used by the IPA server\n" -"internally to assign SIDs to IPA users and groups. The SID will then be " -"stored\n" -"in the user or group objects.\n" -"\n" -"If e.g. the ID range for the local domain is configured with the values " -"from\n" -"the example above then a new user with the UID 1200007 will get the RID " -"1007.\n" -"If this RID is already used by a group the RID will be 1000007. This can " -"only\n" -"happen if a user or a group object was created with a fixed ID because the\n" -"automatic assignment will not assign the same ID twice. Since there are " -"only\n" -"users and groups sharing the same ID namespace it is sufficient to have " -"only\n" -"one fallback range to handle conflicts.\n" -"\n" -"To find the Posix ID for a given RID from the local domain it has to be\n" -"checked first if the RID falls in the primary or secondary RID range and\n" -"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" -"and the base-id has to be added to get the Posix ID.\n" -"\n" -"Typically the creation of ID ranges happens behind the scenes and this CLI\n" -"must not be used at all. The ID range for the local domain will be created\n" -"during installation or upgrade from an older version. The ID range for a\n" -"trusted domain will be created together with the trust by 'ipa trust-" -"add ...'.\n" -"\n" -"USE CASES:\n" -"\n" -" Add an ID range from a transitively trusted domain\n" -"\n" -" If the trusted domain (A) trusts another domain (B) as well and this " -"trust\n" -" is transitive 'ipa trust-add domain-A' will only create a range for\n" -" domain A. The ID range for domain B must be added manually.\n" -"\n" -" Add an additional ID range for the local domain\n" -"\n" -" If the ID range of the local domain is exhausted, i.e. no new IDs can " -"be\n" -" assigned to Posix users or groups by the DNA plugin, a new range has to " -"be\n" -" created to allow new users and groups to be added. (Currently there is " -"no\n" -" connection between this range CLI and the DNA plugin, but a future " -"version\n" -" might be able to modify the configuration of the DNS plugin as well)\n" -"\n" -"In general it is not necessary to modify or delete ID ranges. If there is " -"no\n" -"other way to achieve a certain configuration than to modify or delete an ID\n" -"range it should be done with great care. Because UIDs are stored in the " -"file\n" -"system and are used for access control it might be possible that users are\n" -"allowed to access files of other users if an ID range got deleted and " -"reused\n" -"for a different domain.\n" -"\n" -"(*) The RID is typically the last integer of a user or group SID which " -"follows\n" -"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " -"from\n" -"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " -"the\n" -"user. RIDs are unique in a domain, 32bit values and are used for users and\n" -"groups.\n" -"\n" -msgstr "" - -msgid "ID Ranges" -msgstr "" - -msgid "ID Range" -msgstr "" - -msgid "local domain range" -msgstr "" - -msgid "Active Directory domain range" -msgstr "" - -msgid "Active Directory trust range with POSIX attributes" -msgstr "" - -msgid "ID range type, one of allowed values" -msgstr "" - -msgid "" -"range modification leaving objects with ID out of the defined range is not " -"allowed" -msgstr "" - -msgid "" -"Cannot perform SID validation without Samba 4 support installed. Make sure " -"you have installed server-trust-ad sub-package of IPA on the server" -msgstr "" - -msgid "" -"Cross-realm trusts are not configured. Make sure you have run ipa-adtrust-" -"install on the IPA server first" -msgstr "" - -msgid "SID is not recognized as a valid SID for a trusted domain" -msgstr "" - -msgid "" -"\n" -" Add new ID range.\n" -"\n" -" To add a new ID range you always have to specify\n" -"\n" -" --base-id\n" -" --range-size\n" -"\n" -" Additionally\n" -"\n" -" --rid-base\n" -" --secondary-rid-base\n" -"\n" -" may be given for a new ID range for the local domain while\n" -"\n" -" --rid-base\n" -" --dom-sid\n" -"\n" -" must be given to add a new range for a trusted AD domain.\n" -"\n" -msgstr "" - -#, python-format -msgid "Added ID range \"%(value)s\"" -msgstr "" - -msgid "Options dom-sid and dom-name cannot be used together" -msgstr "" - -msgid "Specified trusted domain name could not be found." -msgstr "" - -msgid "Options dom-sid/dom-name and rid-base must be used together" -msgstr "" - -msgid "" -"Option rid-base must not be used when IPA range type is ipa-ad-trust-posix" -msgstr "" - -msgid "" -"IPA Range type must be one of ipa-ad-trust or ipa-ad-trust-posix when SID of " -"the trusted domain is specified" -msgstr "" - -msgid "Options dom-sid/dom-name and secondary-rid-base cannot be used together" -msgstr "" - -msgid "" -"IPA Range type must not be one of ipa-ad-trust or ipa-ad-trust-posix when " -"SID of the trusted domain is not specified." -msgstr "" - -msgid "Options secondary-rid-base and rid-base must be used together" -msgstr "" - -msgid "Primary RID range and secondary RID range cannot overlap" -msgstr "" - -msgid "" -"You must specify both rid-base and secondary-rid-base options, because ipa-" -"adtrust-install has already been run." -msgstr "" - -#, python-format -msgid "Deleted ID range \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d range matched" -msgid_plural "%(count)d ranges matched" -msgstr[0] "" - -msgid "" -"Modify ID range.\n" -"\n" -msgstr "" - -#, python-format -msgid "Modified ID range \"%(value)s\"" -msgstr "" - -msgid "" -"This command can not be used to change ID allocation for local IPA domain. " -"Run `ipa help idrange` for more information" -msgstr "" - -msgid "" -"SID for the specified trusted domain name could not be found. Please specify " -"the SID directly using dom-sid option." -msgstr "" - -msgid "Options dom-sid and secondary-rid-base cannot be used together" -msgstr "" - -msgid "Options dom-sid and rid-base must be used together" -msgstr "" - -#, fuzzy -#| msgid "Groups" -msgid "netgroups" -msgstr "Гуруҳҳо" - -#, fuzzy -#| msgid "Groups" -msgid "Netgroups" -msgstr "Гуруҳҳо" - -#, fuzzy -#| msgid "User group" -msgid "Netgroup" -msgstr "Гурӯҳи корбар" - -#, python-format -msgid "Added netgroup \"%(value)s\"" -msgstr "" - -#, python-format -msgid "" -"hostgroup with name \"%s\" already exists. Hostgroups and netgroups share a " -"common namespace" -msgstr "" - -#, python-format -msgid "Deleted netgroup \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified netgroup \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d netgroup matched" -msgid_plural "%(count)d netgroups matched" -msgstr[0] "" - -msgid "One time password commands" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "OTP configuration options" -msgstr "Ҷӯрсозӣ" - -#, fuzzy -#| msgid "Configuration" -msgid "OTP Configuration" -msgstr "Ҷӯрсозӣ" - -#, python-format -msgid "Changed password for \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Kerberos PKINIT feature status reporting tools.\n" -"\n" -"Report IPA masters on which Kerberos PKINIT is enabled or disabled\n" -"\n" -"EXAMPLES:\n" -" List PKINIT status on all masters:\n" -" ipa pkinit-status\n" -"\n" -" Check PKINIT status on `ipa.example.com`:\n" -" ipa pkinit-status --server ipa.example.com\n" -"\n" -" List all IPA masters with disabled PKINIT:\n" -" ipa pkinit-status --status='disabled'\n" -"\n" -"For more info about PKINIT support see:\n" -"\n" -"https://www.freeipa.org/page/V4/Kerberos_PKINIT\n" -msgstr "" - -msgid "pkinit" -msgstr "" - -msgid "PKINIT" -msgstr "" - -msgid "PKINIT status" -msgstr "" - -msgid "Whether PKINIT is enabled or disabled" -msgstr "" - -msgid "Report PKINIT status on the IPA masters" -msgstr "" - -#, python-format -msgid "%(count)s server matched" -msgid_plural "%(count)s servers matched" -msgstr[0] "" - -msgid "" -"\n" -"RADIUS Proxy Servers\n" -msgstr "" - -msgid "" -"\n" -"Manage RADIUS Proxy Servers.\n" -msgstr "" - -msgid "" -"\n" -"IPA supports the use of an external RADIUS proxy server for krb5 OTP\n" -"authentications. This permits a great deal of flexibility when\n" -"integrating with third-party authentication services.\n" -msgstr "" - -msgid "" -"\n" -" Add a new server:\n" -" ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n" -msgstr "" - -msgid "" -"\n" -" Find all servers whose entries include the string \"example.com\":\n" -" ipa radiusproxy-find example.com\n" -msgstr "" - -msgid "" -"\n" -" Examine the configuration:\n" -" ipa radiusproxy-show MyRADIUS\n" -msgstr "" - -msgid "" -"\n" -" Change the secret:\n" -" ipa radiusproxy-mod MyRADIUS --secret\n" -msgstr "" - -msgid "" -"\n" -" Delete a configuration:\n" -" ipa radiusproxy-del MyRADIUS\n" -msgstr "" - -msgid "invalid attribute name" -msgstr "" - -#, fuzzy -#| msgid "Serial number" -msgid "invalid port number" -msgstr "Рақами силсилавӣ" - -msgid "RADIUS proxy server" -msgstr "" - -msgid "RADIUS proxy servers" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "RADIUS Servers" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "IPA Server" -msgid "RADIUS Server" -msgstr "Сервери IPA" - -#, python-format -msgid "Added RADIUS proxy server \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted RADIUS proxy server \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified RADIUS proxy server \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d RADIUS proxy server matched" -msgid_plural "%(count)d RADIUS proxy servers matched" -msgstr[0] "" - -#, fuzzy -#| msgid "View" -msgid "ID View" -msgstr "Намоиш" - -msgid "system ID View" -msgstr "" - -#, fuzzy -#| msgid "View" -msgid "ID Views" -msgstr "Намоиш" - -msgid "User object overrides" -msgstr "" - -msgid "Group object overrides" -msgstr "" - -msgid "Hosts the view applies to" -msgstr "" - -msgid "Domain resolution order" -msgstr "" - -msgid "colon-separated list of domains used for short name qualification" -msgstr "" - -#, python-format -msgid "Added ID View \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted ID View \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified an ID View \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d ID View matched" -msgid_plural "%(count)d ID Views matched" -msgstr[0] "" - -msgid "Default Trust View cannot be applied on hosts" -msgstr "" - -msgid "not found" -msgstr "" - -msgid "ID View cannot be applied to IPA master" -msgstr "" - -msgid "ID View already applied" -msgstr "" - -msgid "value" -msgstr "" - -#, python-format -msgid "ID View applied to %i host." -msgstr "" - -#, python-format -msgid "ID View applied to %i hosts." -msgstr "" - -#, python-format -msgid "ID View cleared from %i host." -msgstr "" - -#, python-format -msgid "ID View cleared from %i hosts." -msgstr "" - -msgid "" -"You are trying to reference a magic private group which is not allowed to be " -"overridden. Try overriding the GID attribute of the corresponding user " -"instead." -msgstr "" - -msgid "IPA object" -msgstr "" - -msgid "" -"system IPA objects (e.g. system groups, user private groups) cannot be " -"overridden" -msgstr "" - -#, python-format -msgid "Anchor '%(anchor)s' could not be resolved." -msgstr "" - -msgid "Default Trust View cannot contain IPA users" -msgstr "" - -msgid "Add a new ID override." -msgstr "" - -#, python-format -msgid "Added ID override \"%(value)s\"" -msgstr "" - -msgid "Delete an ID override." -msgstr "" - -#, python-format -msgid "Deleted ID override \"%(value)s\"" -msgstr "" - -msgid "Modify an ID override." -msgstr "" - -#, python-format -msgid "Modified an ID override \"%(value)s\"" -msgstr "" - -msgid "ID override" -msgstr "" - -msgid "ID overrides cannot be renamed" -msgstr "" - -msgid "Search for an ID override." -msgstr "" - -#, python-format -msgid "%(count)d ID override matched" -msgid_plural "%(count)d ID overrides matched" -msgstr[0] "" - -msgid "Display information about an ID override." -msgstr "" - -msgid "User ID override" -msgstr "" - -msgid "User ID overrides" -msgstr "" - -msgid "Base-64 encoded user certificate" -msgstr "" - -msgid "Group ID override" -msgstr "" - -msgid "Group ID overrides" -msgstr "" - -msgid "Add one or more certificates to the idoverrideuser entry" -msgstr "" - -#, python-format -msgid "Added certificates to idoverrideuser \"%(value)s\"" -msgstr "" - -msgid "Remove one or more certificates to the idoverrideuser entry" -msgstr "" - -#, python-format -msgid "Removed certificates from idoverrideuser \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Added User ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted User ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified an User ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d User ID override matched" -msgid_plural "%(count)d User ID overrides matched" -msgstr[0] "" - -#, python-format -msgid "Added Group ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted Group ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified an Group ID override \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d Group ID override matched" -msgid_plural "%(count)d Group ID overrides matched" -msgstr[0] "" - -#, fuzzy -#| msgid "Location" -msgid "" -"\n" -"IPA locations\n" -msgstr "Макон" - -msgid "" -"\n" -"Manipulate DNS locations\n" -msgstr "" - -msgid "" -"\n" -" Find all locations:\n" -" ipa location-find\n" -msgstr "" - -msgid "" -"\n" -" Show specific location:\n" -" ipa location-show location\n" -msgstr "" - -msgid "" -"\n" -" Add location:\n" -" ipa location-add location --description 'My location'\n" -msgstr "" - -msgid "" -"\n" -" Delete location:\n" -" ipa location-del location\n" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "location" -msgstr "Макон" - -#, fuzzy -#| msgid "Location" -msgid "locations" -msgstr "Макон" - -#, fuzzy -#| msgid "Location" -msgid "IPA Locations" -msgstr "Макон" - -#, fuzzy -#| msgid "Location" -msgid "IPA Location" -msgstr "Макон" - -#, fuzzy -#| msgid "Location" -msgid "Location name" -msgstr "Макон" - -msgid "IPA location name" -msgstr "" - -#, fuzzy -#| msgid "description" -msgid "IPA Location description" -msgstr "шарҳ" - -#, fuzzy -#| msgid "Service" -msgid "Servers" -msgstr "Хидмат" - -msgid "Servers that belongs to the IPA location" -msgstr "" - -msgid "Advertised by servers" -msgstr "" - -msgid "List of servers which advertise the given location" -msgstr "" - -msgid "Add a new IPA location." -msgstr "" - -#, python-format -msgid "Added IPA location \"%(value)s\"" -msgstr "" - -msgid "Delete an IPA location." -msgstr "" - -#, python-format -msgid "Deleted IPA location \"%(value)s\"" -msgstr "" - -msgid "IPA Server" -msgstr "Сервери IPA" - -msgid "Modify information about an IPA location." -msgstr "" - -#, python-format -msgid "Modified IPA location \"%(value)s\"" -msgstr "" - -msgid "Search for IPA locations." -msgstr "" - -#, python-format -msgid "%(count)d IPA location matched" -msgid_plural "%(count)d IPA locations matched" -msgstr[0] "" - -msgid "Display information about an IPA location." -msgstr "" - -msgid "Servers in location" -msgstr "" - -msgid "roles" -msgstr "" - -msgid "Role" -msgstr "" - -#, python-format -msgid "Added role \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted role \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified role \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d role matched" -msgid_plural "%(count)d roles matched" -msgstr[0] "" - -msgid "" -"\n" -"API Schema\n" -msgstr "" - -msgid "" -"\n" -"Provides API introspection capabilities.\n" -msgstr "" - -msgid "" -"\n" -" Show user-find details:\n" -" ipa command-show user-find\n" -msgstr "" - -msgid "" -"\n" -" Find user-find parameters:\n" -" ipa param-find user-find\n" -msgstr "" - -#, fuzzy -#| msgid "Host Name" -msgid "Name" -msgstr "Номи мизбон" - -#, fuzzy -#| msgid "Location" -msgid "Documentation" -msgstr "Макон" - -msgid "Exclude from" -msgstr "" - -msgid "Include in" -msgstr "" - -#, python-format -msgid "Results should contain primary key attribute only (\"%s\")" -msgstr "" - -msgid "Help topic" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Version" -msgstr "Иҷозат" - -msgid "Parameters" -msgstr "" - -msgid "Method of" -msgstr "" - -#, fuzzy -#| msgid "hostname" -msgid "Method name" -msgstr "номи мизбон" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "%(pkey)s: %(oname)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -msgid "Display information about a command." -msgstr "" - -msgid "Search for commands." -msgstr "" - -msgid "Return command defaults" -msgstr "" - -msgid "Display information about a class." -msgstr "" - -msgid "Search for classes." -msgstr "" - -msgid "Display information about a help topic." -msgstr "" - -msgid "Search for help topics." -msgstr "" - -msgid "Required" -msgstr "" - -msgid "Multi-value" -msgstr "" - -msgid "Always ask" -msgstr "" - -msgid "CLI metavar" -msgstr "" - -#, fuzzy -#| msgid "ACI name" -msgid "CLI name" -msgstr "Номи ACI" - -#, fuzzy -#| msgid "password" -msgid "Confirm (password)" -msgstr "парол" - -msgid "Default" -msgstr "" - -msgid "Default from" -msgstr "" - -msgid "Label" -msgstr "" - -msgid "Convert on server" -msgstr "" - -msgid "Option group" -msgstr "" - -msgid "Sensitive" -msgstr "" - -msgid "Positional argument" -msgstr "" - -#, python-format -msgid "%(metaobject)s: %(oname)s not found" -msgstr "" - -msgid "Display information about a command parameter." -msgstr "" - -msgid "Search command parameters." -msgstr "" - -#, python-format -msgid "%(command_name)s: %(oname)s not found" -msgstr "" - -msgid "Display information about a command output." -msgstr "" - -msgid "Search for command outputs." -msgstr "" - -msgid "Store and provide schema for commands and topics" -msgstr "" - -msgid "Fingerprint of schema cached by client" -msgstr "" - -msgid "HBAC rule and local members cannot both be set" -msgstr "" - -msgid "Invalid SELinux user name, must match {}" -msgstr "" - -#, python-brace-format -msgid "Invalid MLS value, must match {mls}, where max level {mls_max}" -msgstr "" - -#, python-brace-format -msgid "Invalid MCS value, must match {mcs}, where max category {mcs_max}" -msgstr "" - -msgid "SELinux user map list not found in configuration" -msgstr "" - -#, python-format -msgid "SELinux user %(user)s not found in ordering list (in config)" -msgstr "" - -msgid "SELinux User Map rule" -msgstr "" - -msgid "SELinux User Map rules" -msgstr "" - -msgid "SELinux User Maps" -msgstr "" - -msgid "SELinux User Map" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "HBAC rule %(rule)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "Added SELinux User Map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted SELinux User Map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified SELinux User Map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d SELinux User Map matched" -msgid_plural "%(count)d SELinux User Maps matched" -msgstr[0] "" - -#, python-format -msgid "Enabled SELinux User Map \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Disabled SELinux User Map \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Service Constrained Delegation\n" -"\n" -"Manage rules to allow constrained delegation of credentials so\n" -"that a service can impersonate a user when communicating with another\n" -"service without requiring the user to actually forward their TGT.\n" -"This makes for a much better method of delegating credentials as it\n" -"prevents exposure of the short term secret of the user.\n" -"\n" -"The naming convention is to append the word \"target\" or \"targets\" to\n" -"a matching rule name. This is not mandatory but helps conceptually\n" -"to associate rules and targets.\n" -"\n" -"A rule consists of two things:\n" -" - A list of targets the rule applies to\n" -" - A list of memberPrincipals that are allowed to delegate for\n" -" those targets\n" -"\n" -"A target consists of a list of principals that can be delegated.\n" -"\n" -"In English, a rule says that this principal can delegate as this\n" -"list of principals, as defined by these targets.\n" -"\n" -"In both a rule and a target Kerberos principals may be specified\n" -"by their name or an alias and the realm can be omitted. Additionally,\n" -"hosts can be specified by their names. If Kerberos principal specified\n" -"has a single component and does not end with '$' sign, it will be treated\n" -"as a host name. Kerberos principal names ending with '$' are typically\n" -"used as aliases for Active Directory-related services.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new constrained delegation rule:\n" -" ipa servicedelegationrule-add ftp-delegation\n" -"\n" -" Add a new constrained delegation target:\n" -" ipa servicedelegationtarget-add ftp-delegation-target\n" -"\n" -" Add a principal to the rule:\n" -" ipa servicedelegationrule-add-member --principals=ftp/ipa.example." -"com ftp-delegation\n" -"\n" -" Add a host principal of the host 'ipa.example.com' to the rule:\n" -" ipa servicedelegationrule-add-member --principals=ipa.example.com " -"ftp-delegation\n" -"\n" -" Add our target to the rule:\n" -" ipa servicedelegationrule-add-target --servicedelegationtargets=ftp-" -"delegation-target ftp-delegation\n" -"\n" -" Add a principal to the target:\n" -" ipa servicedelegationtarget-add-member --principals=ldap/ipa.example." -"com ftp-delegation-target\n" -"\n" -" Display information about a named delegation rule and target:\n" -" ipa servicedelegationrule_show ftp-delegation\n" -" ipa servicedelegationtarget_show ftp-delegation-target\n" -"\n" -" Remove a constrained delegation:\n" -" ipa servicedelegationrule-del ftp-delegation-target\n" -" ipa servicedelegationtarget-del ftp-delegation\n" -"\n" -"In this example the ftp service can get a TGT for the ldap service on\n" -"the bound user's behalf.\n" -"\n" -"It is strongly discouraged to modify the delegations that ship with\n" -"IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n" -"ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n" -"to delegate, causing the framework to stop functioning.\n" -msgstr "" - -msgid "Allowed to Impersonate" -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "Member principals" -msgstr "Асосӣ" - -#, python-format -msgid "Malformed principal: %(error)s" -msgstr "" - -msgid "Add target to a named service delegation." -msgstr "" - -#, python-format -msgid "member %s" -msgstr "" - -msgid "Remove member from a named service delegation." -msgstr "" - -msgid "service delegation rule" -msgstr "" - -msgid "service delegation rules" -msgstr "" - -msgid "Service delegation rules" -msgstr "" - -msgid "Service delegation rule" -msgstr "" - -#, python-format -msgid "Added service delegation rule \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted service delegation \"%(value)s\"" -msgstr "" - -msgid "privileged service delegation rule" -msgstr "" - -#, python-format -msgid "%(count)d service delegation rule matched" -msgid_plural "%(count)d service delegation rules matched" -msgstr[0] "" - -msgid "service delegation target" -msgstr "" - -msgid "service delegation targets" -msgstr "" - -msgid "Service delegation targets" -msgstr "" - -msgid "Service delegation target" -msgstr "" - -#, python-format -msgid "Added service delegation target \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted service delegation target \"%(value)s\"" -msgstr "" - -msgid "privileged service delegation target" -msgstr "" - -#, python-format -msgid "%(count)d service delegation target matched" -msgid_plural "%(count)d service delegation targets matched" -msgstr[0] "" - -msgid "" -"\n" -"Session Support for IPA\n" -msgstr "" - -msgid "" -"\n" -"Stageusers\n" -"\n" -"Manage stage user entries.\n" -"\n" -"Stage user entries are directly under the container: \"cn=stage users,\n" -"cn=accounts, cn=provisioning, SUFFIX\".\n" -"Users can not authenticate with those entries (even if the entries\n" -"contain credentials). Those entries are only candidate to become Active " -"entries.\n" -"\n" -"Active user entries are Posix users directly under the container: " -"\"cn=accounts, SUFFIX\".\n" -"Users can authenticate with Active entries, at the condition they have\n" -"credentials.\n" -"\n" -"Deleted user entries are Posix users directly under the container: " -"\"cn=deleted users,\n" -"cn=accounts, cn=provisioning, SUFFIX\".\n" -"Users can not authenticate with those entries, even if the entries contain " -"credentials.\n" -"\n" -"The stage user container contains entries:\n" -" - created by 'stageuser-add' commands that are Posix users,\n" -" - created by external provisioning system.\n" -"\n" -"A valid stage user entry MUST have:\n" -" - entry RDN is 'uid',\n" -" - ipaUniqueID is 'autogenerate'.\n" -"\n" -"IPA supports a wide range of username formats, but you need to be aware of " -"any\n" -"restrictions that may apply to your particular environment. For example,\n" -"usernames that start with a digit or usernames that exceed a certain length\n" -"may cause problems for some UNIX systems.\n" -"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" -"\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new stageuser:\n" -" ipa stageuser-add --first=Tim --last=User --password tuser1\n" -"\n" -" Add a stageuser from the deleted users container:\n" -" ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" -"\n" -msgstr "" - -msgid "Stage Users" -msgstr "" - -msgid "Stage User" -msgstr "" - -msgid "stage user" -msgstr "" - -msgid "stage users" -msgstr "" - -#, python-format -msgid "Added stage user \"%(value)s\"" -msgstr "" - -msgid "givenname is required" -msgstr "" - -msgid "sn is required" -msgstr "" - -#, python-format -msgid "Deleted stage user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified stage user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d user matched" -msgid_plural "%(count)d users matched" -msgstr[0] "" - -#, python-format -msgid "Activate a stage user \"%(value)s\"" -msgstr "" - -msgid "Entry RDN is not 'uid'" -msgstr "" - -#, python-format -msgid "Entry has no '%(attribute)s'" -msgstr "" - -#, python-format -msgid "active user with name \"%(user)s\" already exists" -msgstr "" - -#, python-format -msgid "Stage user %s activated" -msgstr "" - -msgid "Add one or more certificates to the stageuser entry" -msgstr "" - -#, python-format -msgid "Added certificates to stageuser \"%(value)s\"" -msgstr "" - -msgid "Remove one or more certificates to the stageuser entry" -msgstr "" - -#, python-format -msgid "Removed certificates from stageuser \"%(value)s\"" -msgstr "" - -msgid "Add new principal alias to the stageuser entry" -msgstr "" - -#, python-format -msgid "Added new aliases to stageuser \"%(value)s\"" -msgstr "" - -msgid "Remove principal alias from the stageuser entry" -msgstr "" - -#, python-format -msgid "Removed aliases from stageuser \"%(value)s\"" -msgstr "" - -msgid "Add one or more certificate mappings to the stage user entry." -msgstr "" - -msgid "Remove one or more certificate mappings from the stage user entry." -msgstr "" - -msgid "commands for controlling sudo configuration" -msgstr "" - -msgid "" -"\n" -"Sudo Commands\n" -"\n" -"Commands used as building blocks for sudo\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a new command\n" -" ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" -"\n" -" Remove a command\n" -" ipa sudocmd-del /usr/bin/less\n" -"\n" -msgstr "" - -#, fuzzy -#| msgid "Commands" -msgid "sudo command" -msgstr "Фармонҳо" - -#, fuzzy -#| msgid "Commands" -msgid "sudo commands" -msgstr "Фармонҳо" - -#, fuzzy -#| msgid "Commands" -msgid "Sudo Commands" -msgstr "Фармонҳо" - -#, python-format -msgid "Added Sudo Command \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted Sudo Command \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified Sudo Command \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d Sudo Command matched" -msgid_plural "%(count)d Sudo Commands matched" -msgstr[0] "" - -msgid "" -"\n" -"Groups of Sudo Commands\n" -"\n" -"Manage groups of Sudo Commands.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new Sudo Command Group:\n" -" ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" -"\n" -" Remove a Sudo Command Group:\n" -" ipa sudocmdgroup-del admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/" -"vim admincmds\n" -"\n" -" Manage Sudo Command Group membership, commands:\n" -" ipa sudocmdgroup-remove-member --sudocmds=/usr/bin/less admincmds\n" -"\n" -" Show a Sudo Command Group:\n" -" ipa sudocmdgroup-show admincmds\n" -msgstr "" - -msgid "sudo command group" -msgstr "" - -msgid "sudo command groups" -msgstr "" - -#, python-format -msgid "Added Sudo Command Group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted Sudo Command Group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified Sudo Command Group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d Sudo Command Group matched" -msgid_plural "%(count)d Sudo Command Groups matched" -msgstr[0] "" - -#, python-format -msgid "" -"Insufficient 'write' privilege to the 'krbLastPwdChange' attribute of entry " -"'%s'." -msgstr "" - -msgid "kerberos ticket policy settings" -msgstr "" - -msgid "Kerberos Ticket Policy" -msgstr "" - -msgid "OTP max life" -msgstr "" - -msgid "OTP token maximum ticket life (seconds)" -msgstr "" - -msgid "OTP max renew" -msgstr "" - -msgid "OTP token ticket maximum renewable age (seconds)" -msgstr "" - -msgid "RADIUS max life" -msgstr "" - -msgid "RADIUS maximum ticket life (seconds)" -msgstr "" - -msgid "RADIUS max renew" -msgstr "" - -msgid "RADIUS ticket maximum renewable age (seconds)" -msgstr "" - -msgid "PKINIT max life" -msgstr "" - -msgid "PKINIT maximum ticket life (seconds)" -msgstr "" - -msgid "PKINIT max renew" -msgstr "" - -msgid "PKINIT ticket maximum renewable age (seconds)" -msgstr "" - -msgid "Hardened max life" -msgstr "" - -msgid "Hardened ticket maximum ticket life (seconds)" -msgstr "" - -msgid "Hardened max renew" -msgstr "" - -msgid "Hardened ticket maximum renewable age (seconds)" -msgstr "" - -#, python-format -msgid "Ticket policy for %s could not be read" -msgstr "" - -msgid "Default ticket policy could not be read" -msgstr "" - -msgid "" -"\n" -"Return information about currently authenticated identity\n" -"\n" -"Who am I command returns information on how to get\n" -"more details about the identity authenticated for this\n" -"request. The information includes:\n" -"\n" -" * type of object\n" -" * command to retrieve details of the object\n" -" * arguments and options to pass to the command\n" -"\n" -"The information is returned as a dictionary. Examples below use\n" -"'key: value' output for illustrative purposes.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Look up as IPA user:\n" -" kinit admin\n" -" ipa console\n" -" >> api.Command.whoami()\n" -" ------------------------------------------\n" -" object: user\n" -" command: user_show/1\n" -" arguments: admin\n" -" ------------------------------------------\n" -"\n" -" Look up as a user from a trusted domain:\n" -" kinit user@AD.DOMAIN\n" -" ipa console\n" -" >> api.Command.whoami()\n" -" ------------------------------------------\n" -" object: idoverrideuser\n" -" command: idoverrideuser_show/1\n" -" arguments: ('default trust view', 'user@ad.domain')\n" -" ------------------------------------------\n" -"\n" -" Look up as a host:\n" -" kinit -k\n" -" ipa console\n" -" >> api.Command.whoami()\n" -" ------------------------------------------\n" -" object: host\n" -" command: host_show/1\n" -" arguments: ipa.example.com\n" -" ------------------------------------------\n" -"\n" -" Look up as a Kerberos service:\n" -" kinit -k -t /path/to/keytab HTTP/ipa.example.com\n" -" ipa console\n" -" >> api.Command.whoami()\n" -" ------------------------------------------\n" -" object: service\n" -" command: service_show/1\n" -" arguments: HTTP/ipa.example.com\n" -" ------------------------------------------\n" -msgstr "" - -msgid "Describe currently authenticated identity." -msgstr "" - -msgid "Object class name" -msgstr "" - -msgid "Function to get details" -msgstr "" - -msgid "Arguments to details function" -msgstr "" - -msgid "Cannot query Directory Manager with API" -msgstr "" - -msgid "delegation" -msgstr "" - -msgid "delegations" -msgstr "" - -msgid "Delegations" -msgstr "" - -#, fuzzy -#| msgid "Delete" -msgid "Delegation" -msgstr "Нест кардан" - -#, fuzzy -#| msgid "ACIs" -msgid "ACI" -msgstr "ACIs" - -#, python-format -msgid "Added delegation \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted delegation \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified delegation \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d delegation matched" -msgid_plural "%(count)d delegations matched" -msgstr[0] "" - -msgid "" -"\n" -"Server configuration\n" -"\n" -"Manage the default values that IPA uses and some of its tuning parameters.\n" -"\n" -"NOTES:\n" -"\n" -"The password notification value (--pwdexpnotify) is stored here so it will\n" -"be replicated. It is not currently used to notify users in advance of an\n" -"expiring password.\n" -"\n" -"Some attributes are read-only, provided only for information purposes. " -"These\n" -"include:\n" -"\n" -"Certificate Subject base: the configured certificate subject base,\n" -" e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" -"Password plug-in features: currently defines additional hashes that the\n" -" password will generate (there may be other conditions).\n" -"\n" -"When setting the order list for mapping SELinux users you may need to\n" -"quote the value so it isn't interpreted by the shell.\n" -"\n" -"The maximum length of a hostname in Linux is controlled by\n" -"MAXHOSTNAMELEN in the kernel and defaults to 64. Some other operating\n" -"systems, Solaris for example, allows hostnames up to 255 characters.\n" -"This option will allow flexibility in length but by default limiting\n" -"to the Linux maximum length.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Show basic server configuration:\n" -" ipa config-show\n" -"\n" -" Show all configuration options:\n" -" ipa config-show --all\n" -"\n" -" Change maximum username length to 99 characters:\n" -" ipa config-mod --maxusername=99\n" -"\n" -" Change maximum host name length to 255 characters:\n" -" ipa config-mod --maxhostname=255\n" -"\n" -" Increase default time and size limits for maximum IPA server search:\n" -" ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n" -"\n" -" Set default user e-mail domain:\n" -" ipa config-mod --emaildomain=example.com\n" -"\n" -" Enable migration mode to make \"ipa migrate-ds\" command operational:\n" -" ipa config-mod --enable-migration=TRUE\n" -"\n" -" Define SELinux user map order:\n" -" ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-" -"s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n" -msgstr "" - -msgid "must be at least 10" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "configuration options" -msgstr "Ҷӯрсозӣ" - -msgid "Configuration" -msgstr "Ҷӯрсозӣ" - -msgid "Maximum hostname length" -msgstr "" - -msgid "IPA masters" -msgstr "" - -msgid "List of all IPA masters" -msgstr "" - -msgid "Hidden IPA masters" -msgstr "" - -msgid "List of all hidden IPA masters" -msgstr "" - -msgid "IPA master capable of PKINIT" -msgstr "" - -msgid "IPA master which can process PKINIT requests" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA CA servers" -msgstr "Сервери IPA" - -msgid "IPA servers configured as certificate authority" -msgstr "" - -msgid "Hidden IPA CA servers" -msgstr "" - -msgid "Hidden IPA servers configured as certificate authority" -msgstr "" - -msgid "IPA CA renewal master" -msgstr "" - -msgid "Renewal master for IPA certificate authority" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA KRA servers" -msgstr "Сервери IPA" - -msgid "IPA servers configured as key recovery agent" -msgstr "" - -msgid "Hidden IPA KRA servers" -msgstr "" - -msgid "Hidden IPA servers configured as key recovery agent" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA DNS servers" -msgstr "Сервери IPA" - -msgid "IPA servers configured as domain name server" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "Hidden IPA DNS servers" -msgstr "Сервери IPA" - -msgid "Hidden IPA servers configured as domain name server" -msgstr "" - -msgid "IPA DNSSec key master" -msgstr "" - -msgid "DNSec key master" -msgstr "" - -msgid "Empty domain is not allowed" -msgstr "" - -#, python-format -msgid "Invalid domain name '%(domain)s': %(e)s" -msgstr "" - -#, python-format -msgid "Server has no information about domain '%(domain)s'" -msgstr "" - -#, python-format -msgid "Disabled domain '%(domain)s' is not allowed" -msgstr "" - -msgid "The group doesn't exist" -msgstr "" - -#, python-format -msgid "attribute \"%s\" not allowed" -msgstr "" - -msgid "May not be empty" -msgstr "" - -#, python-format -msgid "%(obj)s default attribute %(attr)s would not be allowed!" -msgstr "" - -msgid "A list of SELinux users delimited by $ expected" -msgstr "" - -#, python-format -msgid "SELinux user '%(user)s' is not valid: %(error)s" -msgstr "" - -msgid "SELinux user map default user not in order list" -msgstr "" - -#, python-brace-format -msgid "" -"Domain Level cannot be raised to {0}, existing replication conflicts have to " -"be resolved." -msgstr "" - -msgid "Server does not support domain level functionality" -msgstr "" - -msgid "Domain Level cannot be lowered." -msgstr "" - -#, python-brace-format -msgid "Domain Level cannot be raised to {0}, server {1} does not support it." -msgstr "" - -msgid "" -"\n" -"Groups of users\n" -"\n" -"Manage groups of users, groups, or services. By default, new groups are " -"POSIX\n" -"groups. You can add the --nonposix option to the group-add command to mark " -"a\n" -"new group as non-POSIX. You can use the --posix argument with the group-mod\n" -"command to convert a non-POSIX group into a POSIX group. POSIX groups cannot " -"be\n" -"converted to non-POSIX groups.\n" -"\n" -"Every group must have a description.\n" -"\n" -"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" -"supported but can have an impact on your file permissions. It is not " -"necessary\n" -"to supply a GID when creating a group. IPA will generate one automatically\n" -"if it is not provided.\n" -"\n" -"Groups members can be users, other groups, and Kerberos services. In POSIX\n" -"environments only users will be visible as group members, but nested groups " -"and\n" -"groups of services can be used for IPA management purposes.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new group:\n" -" ipa group-add --desc='local administrators' localadmins\n" -"\n" -" Add a new non-POSIX group:\n" -" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" -"\n" -" Convert a non-POSIX group to posix:\n" -" ipa group-mod --posix remoteadmins\n" -"\n" -" Add a new POSIX group with a specific Group ID number:\n" -" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" -"\n" -" Add a new POSIX group and let IPA assign a Group ID number:\n" -" ipa group-add --desc='printer admins' printeradmins\n" -"\n" -" Remove a group:\n" -" ipa group-del unixadmins\n" -"\n" -" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" -" ipa group-add-member --groups=remoteadmins localadmins\n" -"\n" -" Add multiple users to the \"localadmins\" group:\n" -" ipa group-add-member --users=test1 --users=test2 localadmins\n" -"\n" -" To add Kerberos services to the \"printer admins\" group:\n" -" ipa group-add-member --services=CUPS/some.host printeradmins\n" -"\n" -" Remove a user from the \"localadmins\" group:\n" -" ipa group-remove-member --users=test2 localadmins\n" -"\n" -" Display information about a named group.\n" -" ipa group-show localadmins\n" -"\n" -"Group membership managers are users or groups that can add members to a\n" -"group or remove members from a group.\n" -"\n" -" Allow user \"test2\" to add or remove members from group \"localadmins\":\n" -" ipa group-add-member-manager --users=test2 localadmins\n" -"\n" -" Revoke membership management rights for user \"test2\" from \"localadmins" -"\":\n" -" ipa group-remove-member-manager --users=test2 localadmins\n" -"\n" -"External group membership is designed to allow users from trusted domains\n" -"to be mapped to local POSIX groups in order to actually use IPA resources.\n" -"External members should be added to groups that specifically created as\n" -"external and non-POSIX. Such group later should be included into one of " -"POSIX\n" -"groups.\n" -"\n" -"An external group member is currently a Security Identifier (SID) as defined " -"by\n" -"the trusted domain. When adding external group members, it is possible to\n" -"specify them in either SID, or DOM\\name, or name@domain format. IPA will " -"attempt\n" -"to resolve passed name to SID with the use of Global Catalog of the trusted " -"domain.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local POSIX " -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' ad_admins_external " -"--external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the " -"ad_admins_external\n" -" group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with ad_admins " -"POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see their " -"SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -msgstr "" - -#, fuzzy -#| msgid "Groups" -msgid "groups" -msgstr "Гуруҳҳо" - -#, fuzzy -#| msgid "User group" -msgid "User Group" -msgstr "Гурӯҳи корбар" - -#, python-format -msgid "Added group \"%(value)s\"" -msgstr "" - -msgid "gid cannot be set for external group" -msgstr "" - -#, python-format -msgid "Deleted group \"%(value)s\"" -msgstr "" - -msgid "privileged group" -msgstr "" - -#, python-format -msgid "Modified group \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d group matched" -msgid_plural "%(count)d groups matched" -msgstr[0] "" - -msgid "" -"Cannot perform external member validation without Samba 4 support installed. " -"Make sure you have installed server-trust-ad sub-package of IPA on the server" -msgstr "" - -msgid "" -"Cannot perform join operation without own domain configured. Make sure you " -"have run ipa-adtrust-install on the IPA server first" -msgstr "" - -#, python-format -msgid "Detached group \"%(value)s\" from user \"%(value)s\"" -msgstr "" - -msgid "not allowed to modify user entries" -msgstr "" - -msgid "not allowed to modify group entries" -msgstr "" - -msgid "Not a managed group" -msgstr "" - -msgid "Add users that can manage members of this group." -msgstr "" - -msgid "Remove users that can manage members of this group." -msgstr "" - -msgid "Could not read UPG Definition originfilter. Check your permissions." -msgstr "" - -#, python-format -msgid "Added user \"%(value)s\"" -msgstr "" - -msgid "Default group for new users not found" -msgstr "" - -msgid "Default group for new users is not POSIX" -msgstr "" - -#, python-format -msgid "Deleted user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%s: user is already preserved" -msgstr "" - -#, python-format -msgid "Modified user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Undeleted user account \"%(value)s\"" -msgstr "" - -#, python-format -msgid "user \"%s\" is already active" -msgstr "" - -#, python-format -msgid "Staged user account \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Disabled user account \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Enabled user account \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Unlock a user account\n" -"\n" -" An account may become locked if the password is entered incorrectly too\n" -" many times within a specific time period as controlled by password\n" -" policy. A locked account is a temporary condition and may be unlocked " -"by\n" -" an administrator." -msgstr "" - -#, python-format -msgid "Unlocked account \"%(value)s\"" -msgstr "" - -msgid "Failed logins" -msgstr "" - -msgid "Last successful authentication" -msgstr "" - -msgid "Last failed authentication" -msgstr "" - -msgid "Time now" -msgstr "" - -msgid "" -"\n" -" Lockout status of a user account\n" -"\n" -" An account may become locked if the password is entered incorrectly too\n" -" many times within a specific time period as controlled by password\n" -" policy. A locked account is a temporary condition and may be unlocked " -"by\n" -" an administrator.\n" -"\n" -" This connects to each IPA master and displays the lockout status on\n" -" each one.\n" -"\n" -" To determine whether an account is locked on a given server you need\n" -" to compare the number of failed logins and the time of the last " -"failure.\n" -" For an account to be locked it must exceed the maxfail failures within\n" -" the failinterval duration as specified in the password policy " -"associated\n" -" with the user.\n" -"\n" -" The failed login counter is modified only when a user attempts a log in\n" -" so it is possible that an account may appear locked but the last failed\n" -" login attempt is older than the lockouttime of the password policy. " -"This\n" -" means that the user may attempt a login again. " -msgstr "" - -#, python-format -msgid "%(host)s failed: %(error)s" -msgstr "" - -#, python-format -msgid "%(host)s failed" -msgstr "" - -#, python-format -msgid "Account disabled: %(disabled)s" -msgstr "" - -#, python-format -msgid "Added certificates to user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Removed certificates from user \"%(value)s\"" -msgstr "" - -msgid "Add one or more certificate mappings to the user entry." -msgstr "" - -msgid "Remove one or more certificate mappings from the user entry." -msgstr "" - -msgid "Add new principal alias to the user entry" -msgstr "" - -#, python-format -msgid "Added new aliases to user \"%(value)s\"" -msgstr "" - -msgid "Remove principal alias from the user entry" -msgstr "" - -#, python-format -msgid "Removed aliases from user \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Vaults\n" -msgstr "" - -msgid "" -"\n" -"Manage vaults.\n" -msgstr "" - -msgid "" -"\n" -"Vault is a secure place to store a secret. One vault can only\n" -"store one secret. When archiving a secret in a vault, the\n" -"existing secret (if any) is overwritten.\n" -msgstr "" - -msgid "" -"\n" -"Based on the ownership there are three vault categories:\n" -"* user/private vault\n" -"* service vault\n" -"* shared vault\n" -msgstr "" - -msgid "" -"\n" -"User vaults are vaults owned used by a particular user. Private\n" -"vaults are vaults owned the current user. Service vaults are\n" -"vaults owned by a service. Shared vaults are owned by the admin\n" -"but they can be used by other users or services.\n" -msgstr "" - -msgid "" -"\n" -"Based on the security mechanism there are three types of\n" -"vaults:\n" -"* standard vault\n" -"* symmetric vault\n" -"* asymmetric vault\n" -msgstr "" - -msgid "" -"\n" -"Standard vault uses a secure mechanism to transport and\n" -"store the secret. The secret can only be retrieved by users\n" -"that have access to the vault.\n" -msgstr "" - -msgid "" -"\n" -"Symmetric vault is similar to the standard vault, but it\n" -"pre-encrypts the secret using a password before transport.\n" -"The secret can only be retrieved using the same password.\n" -msgstr "" - -msgid "" -"\n" -"Asymmetric vault is similar to the standard vault, but it\n" -"pre-encrypts the secret using a public key before transport.\n" -"The secret can only be retrieved using the private key.\n" -msgstr "" - -msgid "" -"\n" -" List vaults:\n" -" ipa vault-find\n" -" [--user |--service |--shared]\n" -msgstr "" - -msgid "" -"\n" -" Add a standard vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type standard\n" -msgstr "" - -msgid "" -"\n" -" Add a symmetric vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type symmetric --password-file password.txt\n" -msgstr "" - -msgid "" -"\n" -" Add an asymmetric vault:\n" -" ipa vault-add \n" -" [--user |--service |--shared]\n" -" --type asymmetric --public-key-file public.pem\n" -msgstr "" - -msgid "" -"\n" -" Show a vault:\n" -" ipa vault-show \n" -" [--user |--service |--shared]\n" -msgstr "" - -msgid "" -"\n" -" Modify vault description:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --desc \n" -msgstr "" - -msgid "" -"\n" -" Modify vault type:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --type \n" -" [old password/private key]\n" -" [new password/public key]\n" -msgstr "" - -msgid "" -"\n" -" Modify symmetric vault password:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --change-password\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --old-password \n" -" --new-password \n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --old-password-file \n" -" --new-password-file \n" -msgstr "" - -msgid "" -"\n" -" Modify asymmetric vault keys:\n" -" ipa vault-mod \n" -" [--user |--service |--shared]\n" -" --private-key-file \n" -" --public-key-file \n" -msgstr "" - -msgid "" -"\n" -" Delete a vault:\n" -" ipa vault-del \n" -" [--user |--service |--shared]\n" -msgstr "" - -msgid "" -"\n" -" Display vault configuration:\n" -" ipa vaultconfig-show\n" -msgstr "" - -msgid "" -"\n" -" Archive data into standard vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -msgstr "" - -msgid "" -"\n" -" Archive data into symmetric vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -" --password-file password.txt\n" -msgstr "" - -msgid "" -"\n" -" Archive data into asymmetric vault:\n" -" ipa vault-archive \n" -" [--user |--service |--shared]\n" -" --in \n" -msgstr "" - -msgid "" -"\n" -" Retrieve data from standard vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out \n" -msgstr "" - -msgid "" -"\n" -" Retrieve data from symmetric vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out \n" -" --password-file password.txt\n" -msgstr "" - -msgid "" -"\n" -" Retrieve data from asymmetric vault:\n" -" ipa vault-retrieve \n" -" [--user |--service |--shared]\n" -" --out --private-key-file private.pem\n" -msgstr "" - -msgid "" -"\n" -" Add vault owners:\n" -" ipa vault-add-owner \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -msgstr "" - -msgid "" -"\n" -" Delete vault owners:\n" -" ipa vault-remove-owner \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -msgstr "" - -msgid "" -"\n" -" Add vault members:\n" -" ipa vault-add-member \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -msgstr "" - -msgid "" -"\n" -" Delete vault members:\n" -" ipa vault-remove-member \n" -" [--user |--service |--shared]\n" -" [--users ] [--groups ] [--services ]\n" -msgstr "" - -msgid "" -"\n" -" Vault Container object.\n" -" " -msgstr "" - -msgid "vaultcontainer" -msgstr "" - -msgid "vaultcontainers" -msgstr "" - -msgid "Vault Containers" -msgstr "" - -msgid "Vault Container" -msgstr "" - -msgid "Service, shared and user options cannot be specified simultaneously" -msgstr "" - -msgid "Host is not supported" -msgstr "" - -msgid "KRA service is not enabled" -msgstr "" - -msgid "Deleted vault container" -msgstr "" - -#, python-format -msgid "owner %s" -msgstr "" - -msgid "" -"\n" -" Vault object.\n" -" " -msgstr "" - -msgid "vault" -msgstr "" - -msgid "vaults" -msgstr "" - -msgid "Vaults" -msgstr "" - -msgid "Vault" -msgstr "" - -msgid "Service, shared, and user options cannot be specified simultaneously" -msgstr "" - -msgid "Add a vault." -msgstr "" - -#, python-format -msgid "Added vault \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted vault \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d vault matched" -msgid_plural "%(count)d vaults matched" -msgstr[0] "" - -msgid "" -"Service(s), shared, and user(s) options cannot be specified simultaneously" -msgstr "" - -#, python-format -msgid "Modified vault \"%(value)s\"" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Vault configuration" -msgstr "Ҷӯрсозӣ" - -msgid "IPA servers configured as key recovery agents" -msgstr "" - -#, python-format -msgid "Archived data into vault \"%(value)s\"" -msgstr "" - -msgid "Retrieve data from a vault." -msgstr "" - -#, python-format -msgid "Retrieved data from vault \"%(value)s\"" -msgstr "" - -msgid "No archived data." -msgstr "" - -msgid "Checks if any of the servers has the KRA service enabled" -msgstr "" - -msgid "" -"\n" -"Manage Certificate Authorities\n" -msgstr "" - -msgid "" -"\n" -"Subordinate Certificate Authorities (Sub-CAs) can be added for scoped " -"issuance\n" -"of X.509 certificates.\n" -msgstr "" - -msgid "" -"\n" -"CAs are enabled on creation, but their use is subject to CA ACLs unless the\n" -"operator has permission to bypass CA ACLs.\n" -msgstr "" - -msgid "" -"\n" -"All CAs except the 'IPA' CA can be disabled or re-enabled. Disabling a CA\n" -"prevents it from issuing certificates but does not affect the validity of " -"its\n" -"certificate.\n" -msgstr "" - -msgid "" -"\n" -"CAs (all except the 'IPA' CA) can be deleted. Deleting a CA causes its " -"signing\n" -"certificate to be revoked and its private key deleted.\n" -msgstr "" - -msgid "" -"\n" -" Create new CA, subordinate to the IPA CA (requires permission\n" -" \"System: Add CA\"):\n" -"\n" -" ipa ca-add puppet --desc \"Puppet\" \\\n" -" --subject \"CN=Puppet CA,O=EXAMPLE.COM\"\n" -msgstr "" - -msgid "" -"\n" -" Disable a CA (requires permission \"System: Modify CA\"):\n" -"\n" -" ipa ca-disable puppet\n" -msgstr "" - -msgid "" -"\n" -" Re-enable a CA (requires permission \"System: Modify CA\"):\n" -"\n" -" ipa ca-enable puppet\n" -msgstr "" - -msgid "" -"\n" -" Delete a CA (requires permission \"System: Delete CA\"; also requires\n" -" CA to be disabled first):\n" -"\n" -" ipa ca-del puppet\n" -msgstr "" - -msgid "Certificate Authority" -msgstr "" - -msgid "Certificate Authorities" -msgstr "" - -msgid "Name for referencing the CA" -msgstr "" - -msgid "Description of the purpose of the CA" -msgstr "" - -msgid "Authority ID" -msgstr "" - -msgid "Dogtag Authority ID" -msgstr "" - -#, fuzzy -#| msgid "Subject" -msgid "Subject DN" -msgstr "Мавзӯъ" - -msgid "Subject Distinguished Name" -msgstr "" - -#, fuzzy -#| msgid "Issuer" -msgid "Issuer DN" -msgstr "Диҳанда" - -msgid "Issuer Distinguished Name" -msgstr "" - -msgid "Base-64 encoded certificate." -msgstr "" - -msgid "Certificate chain" -msgstr "" - -msgid "X.509 certificate chain" -msgstr "" - -msgid "Search for CAs." -msgstr "" - -#, python-format -msgid "%(count)d CA matched" -msgid_plural "%(count)d CAs matched" -msgstr[0] "" - -msgid "Include certificate chain in output" -msgstr "" - -msgid "Display the properties of a CA." -msgstr "" - -msgid "Create a CA." -msgstr "" - -#, python-format -msgid "Created CA \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Insufficient 'add' privilege for entry '%s'." -msgstr "" - -#, python-format -msgid "Unrecognized attributes: %(attrs)s" -msgstr "" - -#, python-format -msgid "Subject DN is already used by CA '%s'" -msgstr "" - -msgid "Delete a CA (must be disabled first)." -msgstr "" - -#, python-format -msgid "Deleted CA \"%(value)s\"" -msgstr "" - -msgid "Insufficient privilege to delete a CA." -msgstr "" - -msgid "CA" -msgstr "" - -msgid "IPA CA cannot be deleted" -msgstr "" - -msgid "Must be disabled first" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Modify CA configuration." -msgstr "Ҷӯрсозӣ" - -#, python-format -msgid "Modified CA \"%(value)s\"" -msgstr "" - -msgid "Insufficient privilege to modify a CA." -msgstr "" - -msgid "Disable a CA." -msgstr "" - -#, python-format -msgid "Disabled CA \"%(value)s\"" -msgstr "" - -msgid "IPA CA cannot be disabled" -msgstr "" - -#, fuzzy -#| msgid "Enabled" -msgid "Enable a CA." -msgstr "Фаъолшуда" - -#, python-format -msgid "Enabled CA \"%(value)s\"" -msgstr "" - -msgid "Internationalization messages" -msgstr "" - -msgid "Your session has expired. Please log in again." -msgstr "" - -msgid "Apply" -msgstr "" - -msgid "Rebuild auto membership" -msgstr "" - -msgid "Are you sure you want to rebuild auto membership?" -msgstr "" - -msgid "Automember rebuild membership task completed" -msgstr "" - -msgid "Are you sure you want to proceed with the action?" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to delete ${object}?" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to disable ${object}?" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to enable ${object}?" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "Actions" -msgstr "Макон" - -msgid "Add" -msgstr "Илова кардан" - -#, python-brace-format -msgid "${count} item(s) added" -msgstr "" - -msgid "Direct Membership" -msgstr "" - -#, python-brace-format -msgid "Filter available ${other_entity}" -msgstr "" - -msgid "Indirect Membership" -msgstr "" - -msgid "No entries." -msgstr "" - -#, python-brace-format -msgid "Showing ${start} to ${end} of ${total} entries." -msgstr "" - -msgid "Remove" -msgstr "" - -#, python-brace-format -msgid "${count} item(s) removed" -msgstr "" - -msgid "Show Results" -msgstr "" - -msgid "Authentication indicators" -msgstr "" - -msgid "Authentication indicator" -msgstr "" - -msgid "" -"

Implicit method (password) will be used if no method is chosen.

Password + Two-factor: LDAP and Kerberos allow " -"authentication with either one of the authentication types but Kerberos uses " -"pre-authentication method which requires to use armor ccache.

RADIUS with another type: Kerberos always use RADIUS, " -"but LDAP never does. LDAP only recognize the password and two-factor " -"authentication options.

" -msgstr "" - -msgid "Add Custom Authentication Indicator" -msgstr "" - -msgid "Two factor authentication (password + OTP)" -msgstr "" - -msgid "RADIUS" -msgstr "" - -msgid "Hardened Password (by SPAKE or FAST)" -msgstr "" - -msgid "Disable per-user override" -msgstr "" - -msgid "" -"

Per-user setting, overwrites the global setting if any option is checked." -"

Password + Two-factor: LDAP and Kerberos allow " -"authentication with either one of the authentication types but Kerberos uses " -"pre-authentication method which requires to use armor ccache.

RADIUS with another type: Kerberos always use RADIUS, " -"but LDAP never does. LDAP only recognize the password and two-factor " -"authentication options.

" -msgstr "" - -msgid "About" -msgstr "" - -msgid "Activate" -msgstr "" - -msgid "Add and Add Another" -msgstr "" - -msgid "Add and Close" -msgstr "" - -msgid "Add and Edit" -msgstr "" - -msgid "Add Many" -msgstr "" - -msgid "Back" -msgstr "" - -msgid "Cancel" -msgstr "Бекор кардан" - -msgid "Clear" -msgstr "" - -msgid "Clear all fields on the page." -msgstr "" - -msgid "Close" -msgstr "Пӯшидан" - -#, fuzzy -#| msgid "Available" -msgid "Disable" -msgstr "Дастрас" - -msgid "Download" -msgstr "" - -msgid "Download certificate as PEM formatted file." -msgstr "" - -msgid "Edit" -msgstr "" - -#, fuzzy -#| msgid "Enabled" -msgid "Enable" -msgstr "Фаъолшуда" - -msgid "Find" -msgstr "Ёфтан" - -msgid "Get" -msgstr "Гирифтан" - -msgid "Hide" -msgstr "" - -msgid "Issue" -msgstr "Барориш" - -msgid "Match" -msgstr "" - -msgid "Match users according to certificate." -msgstr "" - -msgid "Migrate" -msgstr "" - -msgid "OK" -msgstr "Хуб" - -msgid "Refresh" -msgstr "" - -msgid "Reload current settings from the server." -msgstr "" - -msgid "Delete" -msgstr "Нест кардан" - -msgid "Remove hold" -msgstr "" - -msgid "Reset" -msgstr "Бозсозӣ" - -#, fuzzy -#| msgid "New Password" -msgid "Reset Password" -msgstr "Пароли нав" - -msgid "Reset Password and Log in" -msgstr "" - -msgid "Restore" -msgstr "Барқароркунӣ" - -msgid "Retry" -msgstr "Кӯшиш" - -msgid "Revert" -msgstr "" - -msgid "Revoke" -msgstr "" - -msgid "Save" -msgstr "" - -#, fuzzy -#| msgid "Get" -msgid "Set" -msgstr "Гирифтан" - -msgid "Show" -msgstr "" - -msgid "Stage" -msgstr "" - -msgid "Update" -msgstr "Ҷадидсозӣ" - -msgid "View" -msgstr "Намоиш" - -#, fuzzy -#| msgid "Configuration" -msgid "Customization" -msgstr "Ҷӯрсозӣ" - -msgid "Pagination Size" -msgstr "" - -msgid "Collapse All" -msgstr "" - -msgid "Expand All" -msgstr "" - -msgid "General" -msgstr "Умумӣ" - -#, fuzzy -#| msgid "Settings" -msgid "Identity Settings" -msgstr "Танзимотҳо" - -#, fuzzy -#| msgid "Settings" -msgid "Record Settings" -msgstr "Танзимотҳо" - -#, python-brace-format -msgid "${entity} ${primary_key} Settings" -msgstr "" - -msgid "Back to Top" -msgstr "" - -#, python-brace-format -msgid "${entity} ${primary_key} updated" -msgstr "" - -#, python-brace-format -msgid "${entity} successfully added" -msgstr "" - -msgid "Add custom value" -msgstr "" - -msgid "Available" -msgstr "Дастрас" - -msgid "Some operations failed." -msgstr "" - -msgid "Operations Error" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Confirmation" -msgstr "Ҷӯрсозӣ" - -msgid "Custom value" -msgstr "" - -msgid "This page has unsaved changes. Please save or revert." -msgstr "" - -msgid "Unsaved Changes" -msgstr "" - -#, python-brace-format -msgid "Edit ${entity}" -msgstr "" - -msgid "Hide details" -msgstr "" - -#, python-brace-format -msgid "${product}, version: ${version}" -msgstr "" - -msgid "Prospective" -msgstr "" - -#, fuzzy -#| msgid "description" -msgid "Redirection" -msgstr "шарҳ" - -msgid "Select entries to be removed." -msgstr "" - -msgid "Result" -msgstr "" - -msgid "Show details" -msgstr "" - -msgid "Success" -msgstr "" - -msgid "Validation error" -msgstr "" - -msgid "Input form contains invalid or missing values." -msgstr "" - -msgid "Please try the following options:" -msgstr "" - -msgid "If the problem persists please contact the system administrator." -msgstr "" - -msgid "Refresh the page." -msgstr "" - -msgid "Reload the browser." -msgstr "" - -msgid "Return to the main page and retry the operation" -msgstr "" - -#, python-brace-format -msgid "An error has occurred (${error})" -msgstr "" - -#, fuzzy -#| msgid "Error" -msgid "HTTP Error" -msgstr "Хатогӣ" - -msgid "Internal Error" -msgstr "" - -#, fuzzy -#| msgid "Error" -msgid "IPA Error" -msgstr "Хатогӣ" - -msgid "No response" -msgstr "" - -msgid "Unknown Error" -msgstr "" - -msgid "URL" -msgstr "" - -#, python-brace-format -msgid "${primary_key} is managed by:" -msgstr "" - -#, python-brace-format -msgid "${primary_key} members:" -msgstr "" - -#, python-brace-format -msgid "${primary_key} is a member of:" -msgstr "" - -#, python-brace-format -msgid "${primary_key} member managers:" -msgstr "" - -msgid "Settings" -msgstr "Танзимотҳо" - -msgid "Search" -msgstr "Ҷустуҷӯ" - -msgid "False" -msgstr "" - -#, python-brace-format -msgid "Allow user groups to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow user groups to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow host groups to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow host groups to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow hosts to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow hosts to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow users to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Allow users to retrieve keytab of '${primary_key}'" -msgstr "" - -msgid "Allowed to create keytab" -msgstr "" - -msgid "Allowed to retrieve keytab" -msgstr "" - -#, python-brace-format -msgid "Disallow user groups to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow user groups to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow host groups to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow host groups to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow hosts to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow hosts to retrieve keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow users to create keytab of '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Disallow users to retrieve keytab of '${primary_key}'" -msgstr "" - -msgid "Add Kerberos Principal Alias" -msgstr "" - -msgid "New kerberos principal alias" -msgstr "" - -msgid "Remove Kerberos Alias" -msgstr "" - -#, python-brace-format -msgid "Do you want to remove kerberos alias ${alias}?" -msgstr "" - -msgid "Inherited from server configuration" -msgstr "" - -msgid "MS-PAC" -msgstr "" - -msgid "Override inherited settings" -msgstr "" - -msgid "PAD" -msgstr "" - -msgid "Authenticating" -msgstr "" - -msgid "Authentication with personal certificate failed" -msgstr "" - -msgid "" -" To log in with certificate, please make sure you have valid personal certificate. " -msgstr "" - -msgid "Continue to next page" -msgstr "" - -msgid "" -" To log in with username and " -"password, enter them in the corresponding fields, then click 'Log " -"in'." -msgstr "" - -msgid "Login failed due to an unknown reason" -msgstr "" - -msgid "Logged In As" -msgstr "" - -msgid "Authentication with Kerberos failed" -msgstr "" - -#, python-brace-format -msgid "" -" To log in with Kerberos, please make sure you have valid tickets (obtainable via kinit) and " -"configured the " -"browser correctly, then click 'Log in'." -msgstr "" - -msgid "Loading" -msgstr "" - -msgid "Kerberos Principal you entered is expired" -msgstr "" - -msgid "Loading data" -msgstr "" - -msgid "Log in" -msgstr "" - -msgid "Log In Using Certificate" -msgstr "" - -msgid "Log in using personal certificate" -msgstr "" - -msgid "Log out" -msgstr "" - -msgid "Log out error" -msgstr "" - -msgid "Password or Password+One-Time Password" -msgstr "" - -#, python-brace-format -msgid "You will be redirected in ${count}s" -msgstr "" - -msgid "Sync OTP Token" -msgstr "" - -msgid "Synchronizing" -msgstr "" - -msgid "The user account you entered is locked" -msgstr "" - -msgid "number of passwords" -msgstr "" - -msgid "seconds" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Migrating" -msgstr "Ҷӯрсозӣ" - -msgid "There was a problem with your request. Please, try again later." -msgstr "" - -msgid "Password migration was not successful" -msgstr "" - -msgid "" -"

Password Migration

If you have been sent here by your " -"administrator, your personal information is being migrated to a new identity " -"management solution (IPA).

Please, enter your credentials in the form " -"to complete the process. Upon successful login your kerberos account will be " -"activated.

" -msgstr "" - -msgid "The password or username you entered is incorrect" -msgstr "" - -msgid "Password migration was successful" -msgstr "" - -msgid "Attribute" -msgstr "Аттрибут" - -msgid "Add delegation" -msgstr "" - -msgid "Remove delegations" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Add permission" -msgstr "Иҷозат" - -#, python-brace-format -msgid "Add privileges into permission '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Permissions" -msgid "Remove permissions" -msgstr "Иҷозатҳо" - -#, python-brace-format -msgid "Remove privileges from permission '${primary_key}'" -msgstr "" - -msgid "Add privilege" -msgstr "" - -#, python-brace-format -msgid "Add privilege '${primary_key}' into permissions" -msgstr "" - -#, python-brace-format -msgid "Add roles into privilege '${primary_key}'" -msgstr "" - -msgid "Remove privileges" -msgstr "" - -#, python-brace-format -msgid "Remove privilege '${primary_key}' from permissions" -msgstr "" - -#, python-brace-format -msgid "Remove roles from privilege '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Role Settings" -msgstr "Танзимотҳо" - -msgid "Add role" -msgstr "" - -#, python-brace-format -msgid "Add user groups into role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add role '${primary_key}' into privileges" -msgstr "" - -#, python-brace-format -msgid "Add services into role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into role '${primary_key}'" -msgstr "" - -msgid "Remove roles" -msgstr "" - -#, python-brace-format -msgid "Remove role '${primary_key}' from privileges" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove services from role '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from role '${primary_key}'" -msgstr "" - -msgid "Add self service permission" -msgstr "" - -msgid "Remove self service permissions" -msgstr "" - -msgid "Add rule" -msgstr "" - -#, python-brace-format -msgid "Add inclusive condition into '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add exclusive condition into '${primary_key}'" -msgstr "" - -msgid "Are you sure you want to change default group?" -msgstr "" - -msgid "Default host group" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Default user group" -msgstr "Гурӯҳи корбар" - -msgid "Exclusive" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Expression" -msgstr "Иҷозат" - -msgid "Host group rule" -msgstr "" - -msgid "Host group rules" -msgstr "" - -msgid "Inclusive" -msgstr "" - -msgid "Remove auto membership rules" -msgstr "" - -#, python-brace-format -msgid "Remove exclusive conditions from rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove inclusive conditions from rule '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "User group rule" -msgstr "Гурӯҳи корбар" - -#, fuzzy -#| msgid "User group" -msgid "User group rules" -msgstr "Гурӯҳи корбар" - -msgid "Add automount key" -msgstr "" - -msgid "Remove automount keys" -msgstr "" - -msgid "Add automount location" -msgstr "" - -msgid "Automount Location Settings" -msgstr "" - -msgid "Remove automount locations" -msgstr "" - -msgid "Add automount map" -msgstr "" - -#, fuzzy -#| msgid "Type" -msgid "Map Type" -msgstr "Намуд" - -msgid "Direct" -msgstr "" - -msgid "Indirect" -msgstr "" - -msgid "Remove automount maps" -msgstr "" - -msgid "Add certificate authority" -msgstr "" - -msgid "Remove certificate authorities" -msgstr "" - -msgid "Add CA ACL" -msgstr "" - -#, python-brace-format -msgid "Add Certificate Authorities into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user groups into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add certificate profiles into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add services into CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into CA ACL '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Allow" -msgid "All" -msgstr "Иҷозат додан" - -msgid "Any CA" -msgstr "" - -msgid "Any Host" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Any Service" -msgstr "Хидмат" - -msgid "Any Profile" -msgstr "" - -msgid "Anyone" -msgstr "" - -msgid "Rule status" -msgstr "" - -msgid "If no CAs are specified, requests to the default CA are allowed." -msgstr "" - -msgid "Remove CA ACLs" -msgstr "" - -#, python-brace-format -msgid "Remove Certificate Authorities from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove certificate profiles from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove services from CA ACL '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from CA ACL '${primary_key}'" -msgstr "" - -msgid "Specified CAs" -msgstr "" - -msgid "Specified Hosts and Groups" -msgstr "" - -msgid "Specified Profiles" -msgstr "" - -msgid "Specified Services and Groups" -msgstr "" - -msgid "Specified Users and Groups" -msgstr "" - -msgid "Permitted to have certificates issued" -msgstr "" - -msgid "Remove certificate profiles" -msgstr "" - -msgid "AA Compromise" -msgstr "" - -#, fuzzy -#| msgid "Principal" -msgid "Add principal" -msgstr "Асосӣ" - -msgid "Affiliation Changed" -msgstr "" - -msgid "CA Compromise" -msgstr "" - -msgid "Certificates" -msgstr "" - -msgid "Certificate Hold" -msgstr "" - -msgid "Cessation of Operation" -msgstr "" - -#, fuzzy -#| msgid "Host Name" -msgid "Common Name" -msgstr "Номи мизбон" - -msgid "the certificate with serial number " -msgstr "" - -msgid "Expires On" -msgstr "" - -#, fuzzy -#| msgid "Issued To" -msgid "Issued on from" -msgstr "Додашудааст ба:" - -#, fuzzy -#| msgid "Issued To" -msgid "Issued on to" -msgstr "Додашудааст ба:" - -#, fuzzy -#| msgid "Serial number" -msgid "Maximum serial number" -msgstr "Рақами силсилавӣ" - -#, fuzzy -#| msgid "Serial number" -msgid "Minimum serial number" -msgstr "Рақами силсилавӣ" - -msgid "Revoked on from" -msgstr "" - -msgid "Revoked on to" -msgstr "" - -msgid "Valid not after from" -msgstr "" - -msgid "Valid not after to" -msgstr "" - -msgid "Valid not before from" -msgstr "" - -msgid "Valid not before to" -msgstr "" - -msgid "Fingerprints" -msgstr "" - -msgid "Get Certificate" -msgstr "" - -msgid "Certificate Hold Removed" -msgstr "" - -#, python-brace-format -msgid "Issue new certificate for host '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Issue new certificate for service '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Issue new certificate for user '${primary_key}'" -msgstr "" - -msgid "Issue new certificate" -msgstr "" - -msgid "Issued By" -msgstr "Додааст:" - -#, fuzzy -#| msgid "Issued By" -msgid "Issued On" -msgstr "Додааст:" - -msgid "Issued To" -msgstr "Додашудааст ба:" - -msgid "Key Compromise" -msgstr "" - -msgid "No Valid Certificate" -msgstr "" - -msgid "New Certificate" -msgstr "" - -msgid "Certificate in base64 or PEM format" -msgstr "" - -msgid "Note" -msgstr "Эзоҳ" - -msgid "Organization" -msgstr "Ташкилот" - -#, fuzzy -#| msgid "Organization" -msgid "Organizational Unit" -msgstr "Ташкилот" - -#, python-brace-format -msgid "${count} certificate(s) present" -msgstr "" - -msgid "Privilege Withdrawn" -msgstr "" - -msgid "Reason for Revocation" -msgstr "" - -msgid "Remove certificate hold" -msgstr "" - -msgid "Do you want to remove the certificate hold?" -msgstr "" - -msgid "Remove from CRL" -msgstr "" - -#, python-brace-format -msgid "" -"
  1. Create a certificate database or use an existing one. To create a " -"new database:
    # certutil -N -d <database path>
    2. " -"
  2. Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
    # certutil -R -d <database path> -a -g " -"<key size> -s 'CN=${cn},O=${realm}'${san}
  3. Copy and " -"paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to " -"-----END NEW CERTIFICATE REQUEST-----) into the text area below:
" -msgstr "" - -#, python-brace-format -msgid " -8 '${cn}'" -msgstr "" - -msgid "Certificate requested" -msgstr "" - -msgid "Revoke certificate" -msgstr "" - -msgid "" -"Do you want to revoke this certificate? Select a reason from the pull-down " -"list." -msgstr "" - -msgid "Certificate Revoked" -msgstr "" - -msgid "REVOKED" -msgstr "" - -msgid "SHA1 Fingerprint" -msgstr "" - -msgid "SHA256 Fingerprint" -msgstr "" - -msgid "Status" -msgstr "Ҳолат" - -msgid "Superseded" -msgstr "" - -msgid "Unspecified" -msgstr "" - -msgid "Valid Certificate Present" -msgstr "" - -msgid "Valid from" -msgstr "" - -#, fuzzy -#| msgid "Validity" -msgid "Valid to" -msgstr "Саҳеҳият" - -msgid "Validity" -msgstr "Саҳеҳият" - -#, python-brace-format -msgid "Certificate for ${entity} ${primary_key}" -msgstr "" - -msgid "View Certificate" -msgstr "" - -msgid "Certificate Data" -msgstr "" - -msgid "Certificate For Match" -msgstr "" - -msgid "Certificate Mapping Match" -msgstr "" - -msgid "Matched Users" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User Login" -msgstr "Номи корбар" - -msgid "Add certificate identity mapping rule" -msgstr "" - -msgid "Add certificate mapping data" -msgstr "" - -msgid "Certificate mapping data" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Configuration string" -msgstr "Ҷӯрсозӣ" - -#, python-brace-format -msgid "Do you want to remove certificate mapping data ${data}?" -msgstr "" - -msgid "Remove certificate mapping data" -msgstr "" - -msgid "Issuer and subject" -msgstr "" - -msgid "Remove certificate identity mapping rules" -msgstr "" - -#, fuzzy -#| msgid "Groups" -msgid "Group Options" -msgstr "Гуруҳҳо" - -#, fuzzy -#| msgid "Search" -msgid "Search Options" -msgstr "Ҷустуҷӯ" - -msgid "SELinux Options" -msgstr "" - -msgid "Server Options" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Service Options" -msgstr "Хидмат" - -#, fuzzy -#| msgid "Description" -msgid "User Options" -msgstr "Шарҳ" - -msgid "Forward first" -msgstr "" - -msgid "Forwarding disabled" -msgstr "" - -msgid "Forward only" -msgstr "" - -msgid "Options" -msgstr "" - -msgid "Update System DNS Records" -msgstr "" - -msgid "Do you want to update system DNS records?" -msgstr "" - -msgid "System DNS records updated" -msgstr "" - -msgid "Add DNS forward zone" -msgstr "" - -msgid "Remove DNS forward zones" -msgstr "" - -msgid "Add DNS resource record" -msgstr "" - -msgid "DNS record was deleted because it contained no data." -msgstr "" - -msgid "Other Record Types" -msgstr "" - -msgid "Address not valid, can't redirect" -msgstr "" - -msgid "Create dns record" -msgstr "" - -msgid "Creating record." -msgstr "" - -msgid "Record creation failed." -msgstr "" - -msgid "Checking if record exists." -msgstr "" - -msgid "Record not found." -msgstr "" - -msgid "Redirection to PTR record" -msgstr "" - -#, python-brace-format -msgid "Zone found: ${zone}" -msgstr "" - -msgid "Target reverse zone not found." -msgstr "" - -msgid "Fetching DNS zones." -msgstr "" - -msgid "An error occurred while fetching dns zones." -msgstr "" - -msgid "You will be redirected to DNS Zone." -msgstr "" - -msgid "Remove DNS resource records" -msgstr "" - -msgid "Standard Record Types" -msgstr "" - -msgid "Records for DNS Zone" -msgstr "" - -msgid "Record Type" -msgstr "" - -msgid "Add DNS zone" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to add permission for DNS Zone ${object}?" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "DNS Zone Settings" -msgstr "Танзимотҳо" - -msgid "Remove DNS zones" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Remove Permission" -msgstr "Иҷозат" - -#, python-brace-format -msgid "Are you sure you want to remove permission for DNS Zone ${object}?" -msgstr "" - -msgid "Skip DNS check" -msgstr "" - -msgid "Skip overlap check" -msgstr "" - -msgid "Do you want to check if new authoritative nameserver address is in DNS" -msgstr "" - -msgid "Authoritative nameserver change" -msgstr "" - -msgid "Level" -msgstr "" - -msgid "Set Domain Level" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Add user group" -msgstr "Гурӯҳи корбар" - -#, python-brace-format -msgid "Add user groups into user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user group '${primary_key}' into user groups" -msgstr "" - -#, python-brace-format -msgid "Add user group '${primary_key}' into HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Add user group '${primary_key}' into netgroups" -msgstr "" - -#, python-brace-format -msgid "Add user group '${primary_key}' into roles" -msgstr "" - -#, python-brace-format -msgid "Add user group '${primary_key}' into sudo rules" -msgstr "" - -#, python-brace-format -msgid "Add services into user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add groups as member managers for user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove groups from member managers for user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users as member managers for user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from member managers for user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user ID override into user group '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Group Settings" -msgstr "Танзимотҳо" - -msgid "External" -msgstr "" - -msgid "Groups" -msgstr "Гуруҳҳо" - -msgid "Group categories" -msgstr "" - -msgid "Change to external group" -msgstr "" - -msgid "Change to POSIX group" -msgstr "" - -msgid "Non-POSIX" -msgstr "" - -msgid "POSIX" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "Remove user groups" -msgstr "Гурӯҳи корбар" - -#, python-brace-format -msgid "Remove user group '${primary_key}' from user groups" -msgstr "" - -#, python-brace-format -msgid "Remove user group '${primary_key}' from netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove user group '${primary_key}' from roles" -msgstr "" - -#, python-brace-format -msgid "Remove user group '${primary_key}' from HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Remove user group '${primary_key}' from sudo rules" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove services from user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from user group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove user ID overrides from user group '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Group" -msgid "Group Type" -msgstr "Гурӯҳ" - -msgid "Add HBAC rule" -msgstr "" - -#, python-brace-format -msgid "Add user groups into HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add HBAC service groups into HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add HBAC services into HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into HBAC rule '${primary_key}'" -msgstr "" - -msgid "Accessing" -msgstr "" - -msgid "Remove HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove HBAC service groups from HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove HBAC services from HBAC rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from HBAC rule '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Via Service" -msgstr "Хидмат" - -msgid "Who" -msgstr "" - -msgid "Add HBAC service" -msgstr "" - -#, python-brace-format -msgid "Add HBAC service '${primary_key}' into HBAC service groups" -msgstr "" - -msgid "Remove HBAC services" -msgstr "" - -#, python-brace-format -msgid "Remove HBAC service '${primary_key}' from HBAC service groups" -msgstr "" - -msgid "Add HBAC service group" -msgstr "" - -#, python-brace-format -msgid "Add HBAC services into HBAC service group '${primary_key}'" -msgstr "" - -msgid "Remove HBAC service groups" -msgstr "" - -#, python-brace-format -msgid "Remove HBAC services from HBAC service group '${primary_key}'" -msgstr "" - -msgid "Access Denied" -msgstr "" - -msgid "Access Granted" -msgstr "" - -msgid "Include Disabled" -msgstr "" - -#, fuzzy -#| msgid "Enabled" -msgid "Include Enabled" -msgstr "Фаъолшуда" - -msgid "HBAC Test" -msgstr "" - -msgid "Matched" -msgstr "" - -msgid "Missing values: " -msgstr "" - -msgid "New Test" -msgstr "" - -msgid "Rules" -msgstr "" - -msgid "Run Test" -msgstr "" - -#, python-brace-format -msgid "Specify external ${entity}" -msgstr "" - -msgid "Unmatched" -msgstr "" - -msgid "Add host" -msgstr "" - -#, python-brace-format -msgid "Add hosts managing host '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host '${primary_key}' into host groups" -msgstr "" - -#, python-brace-format -msgid "Add host '${primary_key}' into HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Add host '${primary_key}' into netgroups" -msgstr "" - -#, python-brace-format -msgid "Add host '${primary_key}' into roles" -msgstr "" - -#, python-brace-format -msgid "Add host '${primary_key}' into sudo rules" -msgstr "" - -msgid "Host Certificate" -msgstr "" - -msgid "Host Name" -msgstr "Номи мизбон" - -msgid "Delete Key, Unprovision" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Host Settings" -msgstr "Танзимотҳо" - -msgid "Enrolled" -msgstr "" - -msgid "Enrollment" -msgstr "" - -msgid "Fully Qualified Host Name" -msgstr "" - -#, fuzzy -#| msgid "General" -msgid "Generate OTP" -msgstr "Умумӣ" - -#, fuzzy -#| msgid "General" -msgid "Generated OTP" -msgstr "Умумӣ" - -msgid "Kerberos Key" -msgstr "" - -msgid "Kerberos Key Not Present" -msgstr "" - -msgid "Kerberos Key Present, Host Provisioned" -msgstr "" - -#, fuzzy -#| msgid "Password" -msgid "One-Time Password" -msgstr "Парол" - -#, fuzzy -#| msgid "Password" -msgid "One-Time Password Not Present" -msgstr "Парол" - -#, fuzzy -#| msgid "Password" -msgid "One-Time Password Present" -msgstr "Парол" - -#, fuzzy -#| msgid "Reset" -msgid "Reset OTP" -msgstr "Бозсозӣ" - -#, fuzzy -#| msgid "New Password" -msgid "Reset One-Time Password" -msgstr "Пароли нав" - -msgid "Set OTP" -msgstr "" - -msgid "OTP set" -msgstr "" - -#, fuzzy -#| msgid "New Password" -msgid "Set One-Time Password" -msgstr "Пароли нав" - -msgid "Remove hosts" -msgstr "" - -#, python-brace-format -msgid "Remove hosts managing host '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host '${primary_key}' from host groups" -msgstr "" - -#, python-brace-format -msgid "Remove host '${primary_key}' from netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove host '${primary_key}' from roles" -msgstr "" - -#, python-brace-format -msgid "Remove host '${primary_key}' from HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Remove host '${primary_key}' from sudo rules" -msgstr "" - -msgid "Unprovision" -msgstr "" - -msgid "Are you sure you want to unprovision this host?" -msgstr "" - -msgid "Unprovisioning host" -msgstr "" - -msgid "Host unprovisioned" -msgstr "" - -msgid "Add host group" -msgstr "" - -#, python-brace-format -msgid "Add hosts into host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host group '${primary_key}' into host groups" -msgstr "" - -#, python-brace-format -msgid "Add host group '${primary_key}' into HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Add host group '${primary_key}' into netgroups" -msgstr "" - -#, python-brace-format -msgid "Add host group '${primary_key}' into sudo rules" -msgstr "" - -#, python-brace-format -msgid "Add groups as member managers for host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove groups from member managers for host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users as member managers for host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from member managers for host group '${primary_key}'" -msgstr "" - -msgid "Host Group Settings" -msgstr "" - -msgid "Remove host groups" -msgstr "" - -#, python-brace-format -msgid "Remove host group '${primary_key}' from host groups" -msgstr "" - -#, python-brace-format -msgid "Remove host group '${primary_key}' from netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove host group '${primary_key}' from HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Remove host group '${primary_key}' from sudo rules" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from host group '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from host group '${primary_key}'" -msgstr "" - -msgid "User to override" -msgstr "" - -msgid "" -"Enter trusted or IPA user login. Note: search doesn't list users from " -"trusted domains." -msgstr "" - -msgid "Enter trusted user login." -msgstr "" - -msgid "Profile" -msgstr "" - -msgid "Group to override" -msgstr "" - -msgid "" -"Enter trusted or IPA group name. Note: search doesn't list groups from " -"trusted domains." -msgstr "" - -msgid "Enter trusted group name." -msgstr "" - -msgid "Add ID view" -msgstr "" - -msgid "Add group ID override" -msgstr "" - -msgid "Add user ID override" -msgstr "" - -#, python-brace-format -msgid "${primary_key} applies to:" -msgstr "" - -msgid "Applied to hosts" -msgstr "" - -msgid "Apply to host groups" -msgstr "" - -#, python-brace-format -msgid "Apply ID view '${primary_key}' on hosts of host groups" -msgstr "" - -msgid "Apply to hosts" -msgstr "" - -#, python-brace-format -msgid "Apply ID view '${primary_key}' on hosts" -msgstr "" - -#, python-brace-format -msgid "${primary_key} overrides:" -msgstr "" - -msgid "Remove ID views" -msgstr "" - -msgid "Remove user ID overrides" -msgstr "" - -msgid "Remove group ID overrides" -msgstr "" - -msgid "Un-apply from host groups" -msgstr "" - -msgid "Un-apply ID Views from hosts of hostgroups" -msgstr "" - -msgid "Un-apply" -msgstr "" - -msgid "Un-apply from hosts" -msgstr "" - -msgid "Un-apply ID Views from hosts" -msgstr "" - -msgid "Are you sure you want to un-apply ID view from selected entries?" -msgstr "" - -#, python-brace-format -msgid "Un-apply ID view '${primary_key}' from hosts" -msgstr "" - -msgid "Add netgroup" -msgstr "" - -#, python-brace-format -msgid "Add netgroup '${primary_key}' into netgroups" -msgstr "" - -#, python-brace-format -msgid "Add netgroups into netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user groups into netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into netgroup '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Netgroup Settings" -msgstr "Танзимотҳо" - -msgid "Remove netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove netgroup '${primary_key}' from netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove netgroups from netgroup '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from netgroup '${primary_key}'" -msgstr "" - -msgid "Add OTP token" -msgstr "" - -#, python-brace-format -msgid "Add users managing OTP token '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "" -"You can use FreeOTP as a software " -"OTP token application." -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Configure your token" -msgstr "Ҷӯрсозӣ" - -msgid "" -"Configure your token by scanning the QR code below. Click on the QR code if " -"you see this on the device you want to configure." -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "OTP Token Settings" -msgstr "Танзимотҳо" - -msgid "Disable token" -msgstr "" - -#, fuzzy -#| msgid "Enabled" -msgid "Enable token" -msgstr "Фаъолшуда" - -msgid "Remove OTP tokens" -msgstr "" - -#, python-brace-format -msgid "Remove users managing OTP token '${primary_key}'" -msgstr "" - -msgid "Show QR code" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Show configuration uri" -msgstr "Ҷӯрсозӣ" - -msgid "Counter-based (HOTP)" -msgstr "" - -msgid "Time-based (TOTP)" -msgstr "" - -#, fuzzy -#| msgid "Attribute" -msgid "Add Custom Attribute" -msgstr "Аттрибут" - -#, fuzzy -#| msgid "Permissions" -msgid "Permission settings" -msgstr "Иҷозатҳо" - -#, fuzzy -#| msgid "Attribute" -msgid "Attribute breakdown" -msgstr "Аттрибут" - -#, fuzzy -#| msgid "Settings" -msgid "Privilege Settings" -msgstr "Танзимотҳо" - -msgid "Public key:" -msgstr "" - -msgid "Set public key" -msgstr "" - -msgid "Show/Set key" -msgstr "" - -msgid "Modified: key not set" -msgstr "" - -msgid "Modified" -msgstr "" - -msgid "New: key not set" -msgstr "" - -msgid "New: key set" -msgstr "" - -#, fuzzy -#| msgid "LDAP password" -msgid "Add password policy" -msgstr "Пароли LDAP" - -msgid "Remove password policies" -msgstr "" - -msgid "Add ID range" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Range Settings" -msgstr "Танзимотҳо" - -msgid "Base ID" -msgstr "" - -msgid "Primary RID base" -msgstr "" - -msgid "Range size" -msgstr "" - -msgid "Domain SID" -msgstr "" - -msgid "Secondary RID base" -msgstr "" - -msgid "Remove ID ranges" -msgstr "" - -msgid "Active Directory domain" -msgstr "" - -msgid "Active Directory domain with POSIX attributes" -msgstr "" - -msgid "Detect" -msgstr "" - -#, fuzzy -#| msgid "Location" -msgid "Local domain" -msgstr "Макон" - -msgid "IPA trust" -msgstr "" - -msgid "Active Directory winsync" -msgstr "" - -msgid "Add RADIUS server" -msgstr "" - -msgid "RADIUS Proxy Server Settings" -msgstr "" - -msgid "Remove RADIUS servers" -msgstr "" - -msgid "Check DNS" -msgstr "" - -msgid "Do you also want to perform DNS check?" -msgstr "" - -#, fuzzy -#| msgid "Update" -msgid "Force Update" -msgstr "Ҷадидсозӣ" - -msgid "Add SELinux user map" -msgstr "" - -#, python-brace-format -msgid "Add user groups into SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into SELinux user map '${primary_key}'" -msgstr "" - -msgid "Remove selinux user maps" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from SELinux user map '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from SELinux user map '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Server Roles" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "Server Name" -msgid "Server Role" -msgstr "Номи сервер" - -msgid "Warning: Consider service replication" -msgstr "" - -msgid "" -"It is strongly recommended to keep the following services installed on more " -"than one server:" -msgstr "" - -#, fuzzy -#| msgid "Delete" -msgid "Delete Server" -msgstr "Нест кардан" - -msgid "" -"Deleting a server removes it permanently from the topology. Note that this " -"is a non-reversible action." -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Add service" -msgstr "Хидмат" - -#, python-brace-format -msgid "Add hosts managing service '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add service '${primary_key}' into roles" -msgstr "" - -msgid "Service Certificate" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Service Settings" -msgstr "Танзимотҳо" - -#, fuzzy -#| msgid "Permission" -msgid "Provisioning" -msgstr "Иҷозат" - -msgid "Remove services" -msgstr "" - -#, python-brace-format -msgid "Remove service '${primary_key}' from roles" -msgstr "" - -#, python-brace-format -msgid "Remove hosts managing service '${primary_key}'" -msgstr "" - -msgid "Are you sure you want to unprovision this service?" -msgstr "" - -msgid "Unprovisioning service" -msgstr "" - -msgid "Service unprovisioned" -msgstr "" - -msgid "Kerberos Key Present, Service Provisioned" -msgstr "" - -msgid "SSH public keys" -msgstr "" - -msgid "SSH public key:" -msgstr "" - -msgid "Set SSH key" -msgstr "" - -msgid "Are you sure you want to activate selected users?" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to activate ${object}?" -msgstr "" - -#, python-brace-format -msgid "${count} user(s) activated" -msgstr "" - -msgid "Add stage user" -msgstr "" - -msgid "Stage users" -msgstr "" - -msgid "Preserved users" -msgstr "" - -msgid "Remove preserved users" -msgstr "" - -msgid "Remove stage users" -msgstr "" - -msgid "Are you sure you want to stage selected users?" -msgstr "" - -#, python-brace-format -msgid "${count} users(s) staged" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to stage ${object}?" -msgstr "" - -msgid "Are you sure you want to restore selected users?" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to restore ${object}?" -msgstr "" - -#, python-brace-format -msgid "${count} user(s) restored" -msgstr "" - -msgid "User categories" -msgstr "" - -msgid "Add sudo command" -msgstr "" - -#, python-brace-format -msgid "Add sudo command '${primary_key}' into sudo command groups" -msgstr "" - -msgid "Remove sudo commands" -msgstr "" - -#, python-brace-format -msgid "Remove sudo command '${primary_key}' from sudo command groups" -msgstr "" - -msgid "Add sudo command group" -msgstr "" - -#, python-brace-format -msgid "Add sudo commands into sudo command group '${primary_key}'" -msgstr "" - -msgid "Remove sudo command groups" -msgstr "" - -#, python-brace-format -msgid "Remove sudo commands from sudo command group '${primary_key}'" -msgstr "" - -msgid "Add sudo rule" -msgstr "" - -msgid "Add sudo option" -msgstr "" - -#, python-brace-format -msgid "Add allow sudo commands into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add allow sudo command groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add deny sudo commands into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add deny sudo command groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add host groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add hosts into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add RunAs users into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add RunAs user groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add RunAs groups into sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into sudo rule '${primary_key}'" -msgstr "" - -msgid "Allow" -msgstr "Иҷозат додан" - -#, fuzzy -#| msgid "Commands" -msgid "Any Command" -msgstr "Фармонҳо" - -#, fuzzy -#| msgid "Group" -msgid "Any Group" -msgstr "Гурӯҳ" - -#, fuzzy -#| msgid "Commands" -msgid "Run Commands" -msgstr "Фармонҳо" - -msgid "Deny" -msgstr "" - -msgid "Access this host" -msgstr "" - -msgid "Option added" -msgstr "" - -#, python-brace-format -msgid "${count} option(s) removed" -msgstr "" - -msgid "Remove sudo rules" -msgstr "" - -#, python-brace-format -msgid "Remove allow sudo commands from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove allow sudo command groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove deny sudo commands from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove deny sudo command groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove host groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove hosts from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove RunAs users from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove RunAs user groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove RunAs groups from sudo rule '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from sudo rule '${primary_key}'" -msgstr "" - -msgid "As Whom" -msgstr "" - -msgid "Specified Commands and Groups" -msgstr "" - -msgid "Specified Groups" -msgstr "" - -msgid "Remove sudo options" -msgstr "" - -msgid "Autogenerated" -msgstr "" - -msgid "Segment details" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Replication configuration" -msgstr "Ҷӯрсозӣ" - -#, python-brace-format -msgid "Managed topology requires minimal domain level ${domainlevel}" -msgstr "" - -msgid "Add IPA location" -msgstr "" - -#, python-brace-format -msgid "Add IPA server into IPA location '${primary_key}'" -msgstr "" - -msgid "Remove IPA locations" -msgstr "" - -#, python-brace-format -msgid "Remove IPA servers from IPA location '${primary_key}'" -msgstr "" - -msgid "Add topology segment" -msgstr "" - -msgid "Remove topology segments" -msgstr "" - -msgid "Account" -msgstr "" - -msgid "Add trust" -msgstr "" - -msgid "Administrative account" -msgstr "" - -msgid "SID blocklists" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Trust Settings" -msgstr "Танзимотҳо" - -msgid "Establish using" -msgstr "" - -msgid "Fetch domains" -msgstr "" - -#, fuzzy -#| msgid "LDAP password" -msgid "Pre-shared password" -msgstr "Пароли LDAP" - -msgid "Remove trusts" -msgstr "" - -msgid "Remove domains" -msgstr "" - -msgid "Trust direction" -msgstr "" - -msgid "Trust status" -msgstr "" - -msgid "Trust type" -msgstr "" - -msgid "Alternative UPN suffixes" -msgstr "" - -msgid "User attributes for SMB services" -msgstr "" - -msgid "Path to a script executed on a Windows system at logon" -msgstr "" - -msgid "Path to a user profile, in UNC format \\\\server\\share\\" -msgstr "" - -msgid "Path to a user home directory, in UNC format" -msgstr "" - -msgid "Drive to mount a home directory" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Account Settings" -msgstr "Танзимотҳо" - -#, fuzzy -#| msgid "Status" -msgid "Account Status" -msgstr "Ҳолат" - -msgid "Active users" -msgstr "" - -msgid "Add user" -msgstr "" - -#, python-brace-format -msgid "Add user '${primary_key}' into user groups" -msgstr "" - -#, python-brace-format -msgid "Add user '${primary_key}' into HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Add user '${primary_key}' into netgroups" -msgstr "" - -#, python-brace-format -msgid "Add user '${primary_key}' into roles" -msgstr "" - -#, python-brace-format -msgid "Add user '${primary_key}' into sudo rules" -msgstr "" - -#, fuzzy -#| msgid "Settings" -msgid "Contact Settings" -msgstr "Танзимотҳо" - -#, fuzzy -#| msgid "Delete" -msgid "Delete mode" -msgstr "Нест кардан" - -msgid "Employee Information" -msgstr "" - -msgid "Error changing account status" -msgstr "" - -msgid "Password expiration" -msgstr "" - -msgid "Mailing Address" -msgstr "" - -msgid "Misc. Information" -msgstr "" - -#, fuzzy -#| msgid "Delete" -msgid "delete" -msgstr "Нест кардан" - -msgid "preserve" -msgstr "" - -msgid "No private group" -msgstr "" - -msgid "Remove users" -msgstr "" - -#, python-brace-format -msgid "Remove user '${primary_key}' from user groups" -msgstr "" - -#, python-brace-format -msgid "Remove user '${primary_key}' from netgroups" -msgstr "" - -#, python-brace-format -msgid "Remove user '${primary_key}' from roles" -msgstr "" - -#, python-brace-format -msgid "Remove user '${primary_key}' from HBAC rules" -msgstr "" - -#, python-brace-format -msgid "Remove user '${primary_key}' from sudo rules" -msgstr "" - -#, python-brace-format -msgid "" -"Are you sure you want to ${action} the user?
The change will take effect " -"immediately." -msgstr "" - -#, python-brace-format -msgid "Click to ${action}" -msgstr "" - -msgid "Unlock" -msgstr "" - -#, python-brace-format -msgid "Are you sure you want to unlock user ${object}?" -msgstr "" - -msgid "Add vault" -msgstr "" - -#, python-brace-format -msgid "Add user groups into members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add services into members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add user groups into owners of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add services into owners of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Add users into owners of vault '${primary_key}'" -msgstr "" - -msgid "" -"Secrets can be added/retrieved to vault only by using vault-archive and " -"vault-retrieve from CLI." -msgstr "" - -msgid "" -"Content of 'standard' vaults can be seen by users with higher privileges " -"(admins)." -msgstr "" - -msgid "Asymmetric" -msgstr "" - -msgid "Vaults Config" -msgstr "" - -msgid "Members" -msgstr "" - -msgid "My User Vaults" -msgstr "" - -msgid "Owners" -msgstr "" - -msgid "Remove vaults" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove services from members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from members of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove user groups from owners of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove services from owners of vault '${primary_key}'" -msgstr "" - -#, python-brace-format -msgid "Remove users from owners of vault '${primary_key}'" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Service Vaults" -msgstr "Хидмат" - -msgid "Shared" -msgstr "" - -msgid "Shared Vaults" -msgstr "" - -msgid "Standard" -msgstr "" - -msgid "Symmetric" -msgstr "" - -msgid "Vault Type" -msgstr "" - -msgid "" -"Only standard vaults can be created in WebUI, use CLI for other types of " -"vaults." -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User Vaults" -msgstr "Номи корбар" - -msgid "Current password is required" -msgstr "" - -#, python-brace-format -msgid "Your password expires in ${days} days." -msgstr "" - -#, fuzzy -#| msgid "First name" -msgid "First OTP" -msgstr "Ном" - -#, fuzzy -#| msgid "New Password" -msgid "New password is required" -msgstr "Пароли нав" - -msgid "" -" OTP (One-Time Password):Generate new OTP code for each OTP field." -msgstr "" - -msgid "" -" OTP (One-Time Password):Leave blank if you are not using OTP tokensfor authentication." -msgstr "" - -msgid "Token synchronization failed" -msgstr "" - -msgid "The username, password or token codes are not correct" -msgstr "" - -msgid "Token was synchronized" -msgstr "" - -msgid "Password change complete" -msgstr "" - -msgid "Your password has expired. Please enter a new password." -msgstr "" - -#, fuzzy -#| msgid "Passwords do not match" -msgid "Passwords must match" -msgstr "Паролҳо номувофиқанд" - -msgid "Password reset was not successful." -msgstr "" - -msgid "Reset your password." -msgstr "" - -msgid "Second OTP" -msgstr "" - -#, fuzzy -#| msgid "New Password" -msgid "Verify Password" -msgstr "Пароли нав" - -msgid "Are you sure you want to delete selected entries?" -msgstr "" - -#, python-brace-format -msgid "${count} item(s) deleted" -msgstr "" - -msgid "Are you sure you want to disable selected entries?" -msgstr "" - -#, python-brace-format -msgid "${count} item(s) disabled" -msgstr "" - -msgid "Are you sure you want to enable selected entries?" -msgstr "" - -#, python-brace-format -msgid "${count} item(s) enabled" -msgstr "" - -msgid "Some entries were not deleted" -msgstr "" - -msgid "Quick Links" -msgstr "" - -msgid "Select All" -msgstr "Интихоби ҳама" - -#, python-brace-format -msgid "" -"Query returned more results than the configured size limit. Displaying the " -"first ${counter} results." -msgstr "" - -#, fuzzy -#| msgid "Select All" -msgid "Unselect All" -msgstr "Интихоби ҳама" - -msgid "" -"

Browser Kerberos Setup

\n" -"\n" -msgstr "" - -msgid "" -"

Firefox

\n" -"\n" -"

\n" -" You can configure Firefox to use Kerberos for Single Sign-on. " -"The following instructions will guide you in configuring your web browser to " -"send your Kerberos credentials to the appropriate Key Distribution Center " -"which enables Single Sign-on.\n" -"

\n" -"\n" -msgstr "" - -msgid "" -"
    \n" -"
  1. \n" -"

    \n" -"Import " -"Certificate Authority certificate\n" -"

    \n" -"

    \n" -" Make sure you select all three checkboxes.\n" -"

    \n" -"
    2. \n" -"
  2. \n" -" In the address bar of Firefox, type about:config to display the list of current configuration options.\n" -"
    3. \n" -"
  3. \n" -" In the Filter field, type negotiate to restrict " -"the list of options.\n" -"
    4. \n" -"
  4. \n" -" Double-click the network.negotiate-auth.trusted-uris entry to display the Enter string value dialog box.\n" -"
    5. \n" -"
  5. \n" -" Enter the name of the domain against which you want to " -"authenticate, for example, .example.com.\n" -"
    6. \n" -"
  6. Return to Web UI
    7. \n" -"
\n" -"\n" -msgstr "" - -msgid "" -"

Chrome

\n" -"\n" -"

\n" -" You can configure Chrome to use Kerberos for Single Sign-on. The " -"following instructions will guide you in configuring your web browser to " -"send your Kerberos credentials to the appropriate Key Distribution Center " -"which enables Single Sign-on.\n" -"

\n" -"\n" -msgstr "" - -msgid "" -"

Import CA Certificate

\n" -"
    \n" -"
  1. \n" -" Download the CA certificate. " -"Alternatively, if the host is also an IdM client, you can find the " -"certificate in /etc/ipa/ca.crt.\n" -"
    2. \n" -"
  2. \n" -" Click the menu button with the Customize and control " -"Google Chrome tooltip, which is by default in the top right-hand corner " -"of Chrome, and click Settings.\n" -"
    3. \n" -"
  3. \n" -" Click Show advanced settings to display more " -"options, and then click the Manage certificates button located " -"under the HTTPS/SSL heading.\n" -"
    4. \n" -"
  4. \n" -" In the Authorities tab, click the Import " -"button at the bottom.\n" -"
    5. \n" -"
  5. Select the CA certificate file that you downloaded in the first step.\n" -"
\n" -"\n" -msgstr "" - -msgid "" -"

\n" -" Enable SPNEGO (Simple and Protected GSSAPI Negotiation " -"Mechanism) to Use Kerberos Authentication\n" -" in Chrome\n" -"

\n" -"
    \n" -"
  1. \n" -" Make sure you have the necessary directory created by " -"running:\n" -"
    \n" -" [root@client]# mkdir -p /etc/opt/chrome/policies/" -"managed/\n" -"
    \n" -"
    2. \n" -"
  2. \n" -" Create a new /etc/opt/chrome/policies/managed/mydomain." -"json file with write privileges limited to the system administrator " -"or root, and include the following line:\n" -"
    \n" -" { \"AuthServerWhitelist\": \"*.example.com\" }\n" -"
    \n" -"
    \n" -" You can do this by running:\n" -"
    \n" -"
    \n" -" [root@server]# echo '{ \"AuthServerWhitelist\": \"*.example.com\" }' > /etc/opt/chrome/policies/" -"managed/mydomain.json\n" -"
    \n" -"
    3. \n" -"
\n" -"
    \n" -"

    \n" -"Note: If using Chromium, use /etc/chromium/policies/" -"managed/ instead of /etc/opt/chrome/policies/managed/ " -"for the two SPNEGO Chrome configuration steps above.\n" -"

    \n" -"
\n" -"\n" -msgstr "" - -msgid "" -"

Internet Explorer

\n" -"

WARNING: Internet Explorer is no longer a supported " -"browser.

\n" -"

\n" -" Once you are able to log into the workstation with your kerberos " -"key you are now able to use that ticket in Internet Explorer.\n" -"

\n" -"

\n" -msgstr "" - -msgid "" -"Log into the Windows machine using an account of your Kerberos realm " -"(administrative domain)\n" -"

\n" -"

\n" -"In Internet Explorer, click Tools, and then click Internet Options.\n" -"

\n" -"
\n" -"
    \n" -"
  1. Click the Security tab
    2. \n" -"
  2. Click Local intranet
    3. \n" -"
  3. Click Sites
    4. \n" -"
  4. Click Advanced
    5. \n" -"
  5. Add your domain to the list
    6. \n" -"
\n" -"
    \n" -"
  1. Click the Security tab
    2. \n" -"
  2. Click Local intranet
    3. \n" -"
  3. Click Custom Level
    4. \n" -"
  4. Select Automatic logon only in Intranet zone
    5. \n" -"
\n" -"\n" -"
    \n" -"
  1. Visit a kerberized web site using IE (You must use the fully-qualified " -"Domain Name in the URL)
    2. \n" -"
  2. You are all set.
    3. \n" -"
\n" -"
\n" -"\n" -msgstr "" - -msgid "Working" -msgstr "" - -msgid "Audit" -msgstr "Назорат" - -msgid "Authentication" -msgstr "" - -msgid "Automember" -msgstr "" - -msgid "Automount" -msgstr "" - -msgid "DNS" -msgstr "" - -msgid "Host-Based Access Control" -msgstr "" - -msgid "Identity" -msgstr "" - -#, fuzzy -#| msgid "Service" -msgid "Network Services" -msgstr "Хидмат" - -msgid "Policy" -msgstr "Сиёсат" - -msgid "Role-Based Access Control" -msgstr "" - -msgid "Sudo" -msgstr "Sudo" - -msgid "Topology" -msgstr "" - -msgid "Trusts" -msgstr "" - -msgid "True" -msgstr "" - -msgid "" -"

Unable to verify your Kerberos credentials

\n" -"

\n" -" Please make sure that you have valid Kerberos tickets " -"(obtainable via kinit), and that you have configured your " -"browser correctly.\n" -"

\n" -"\n" -"

Browser configuration

\n" -"\n" -"
\n" -"

\n" -" If this is your first time, please configure your browser.\n" -"

\n" -"
\n" -msgstr "" - -msgid "API Browser" -msgstr "" - -#, fuzzy -#| msgid "First name" -msgid "First" -msgstr "Ном" - -#, fuzzy -#| msgid "Last name" -msgid "Last" -msgstr "Насаб" - -msgid "Next" -msgstr "" - -msgid "Page" -msgstr "" - -msgid "Prev" -msgstr "" - -msgid "Undo" -msgstr "" - -msgid "Undo this change." -msgstr "" - -msgid "Undo All" -msgstr "" - -msgid "Undo all changes in this field." -msgstr "" - -msgid "Text does not match field pattern" -msgstr "" - -msgid "Must be an UTC date/time value (e.g., \"2014-01-20 17:58:01Z\")" -msgstr "" - -msgid "Must be a decimal number" -msgstr "" - -#, fuzzy -#| msgid "read error\n" -msgid "Format error" -msgstr "хатогии хониш\n" - -msgid "Must be an integer" -msgstr "" - -msgid "Not a valid IP address" -msgstr "" - -msgid "Not a valid IPv4 address" -msgstr "" - -msgid "Not a valid IPv6 address" -msgstr "" - -#, python-brace-format -msgid "Maximum value is ${value}" -msgstr "" - -#, python-brace-format -msgid "Minimum value is ${value}" -msgstr "" - -msgid "Not a valid network address (examples: 2001:db8::/64, 192.0.2.0/24)" -msgstr "" - -#, fuzzy -#| msgid "read error\n" -msgid "Parse error" -msgstr "хатогии хониш\n" - -msgid "Must be a positive number" -msgstr "" - -#, python-brace-format -msgid "'${port}' is not a valid port" -msgstr "" - -msgid "Required field" -msgstr "" - -msgid "Unsupported value" -msgstr "" - -msgid "pyhbac is not installed." -msgstr "" - -msgid "" -"\n" -"Simulate use of Host-based access controls\n" -"\n" -"HBAC rules control who can access what services on what hosts.\n" -"You can use HBAC to control which users or groups can access a service,\n" -"or group of services, on a target host.\n" -"\n" -"Since applying HBAC rules implies use of a production environment,\n" -"this plugin aims to provide simulation of HBAC rules evaluation without\n" -"having access to the production environment.\n" -"\n" -" Test user coming to a service on a named host against\n" -" existing enabled rules.\n" -"\n" -" ipa hbactest --user= --host= --service=\n" -" [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" -" [--sizelimit= ]\n" -"\n" -" --user, --host, and --service are mandatory, others are optional.\n" -"\n" -" If --rules is specified simulate enabling of the specified rules and test\n" -" the login of the user using only these rules.\n" -"\n" -" If --enabled is specified, all enabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --disabled is specified, all disabled HBAC rules will be added to " -"simulation\n" -"\n" -" If --nodetail is specified, do not return information about rules matched/" -"not matched.\n" -"\n" -" If both --rules and --enabled are specified, apply simulation to --rules " -"_and_\n" -" all IPA enabled rules.\n" -"\n" -" If no --rules specified, simulation is run against all IPA enabled rules.\n" -" By default there is a IPA-wide limit to number of entries fetched, you can " -"change it\n" -" with --sizelimit option.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Use all enabled HBAC rules in IPA database to simulate:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 2. Disable detailed summary of how rules were applied:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -"\n" -" 3. Test explicitly specified HBAC rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" -" --rules=myrule --rules=my-second-rule\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: myrule\n" -"\n" -" 4. Use all enabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" -" --rules=myrule --rules=my-second-rule --enabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Matched rules: allow_all\n" -"\n" -" 5. Test all disabled HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: new-rule\n" -"\n" -" 6. Test all disabled HBAC rules in IPA database + explicitly specified " -"rules:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" -" --rules=myrule --rules=my-second-rule --disabled\n" -" ---------------------\n" -" Access granted: False\n" -" ---------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -"\n" -" 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" -" $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" -" --enabled --disabled\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Not matched rules: my-second-rule\n" -" Not matched rules: my-third-rule\n" -" Not matched rules: myrule\n" -" Not matched rules: new-rule\n" -" Matched rules: allow_all\n" -"\n" -"\n" -"HBACTEST AND TRUSTED DOMAINS\n" -"\n" -"When an external trusted domain is configured in IPA, HBAC rules are also " -"applied\n" -"on users accessing IPA resources from the trusted domain. Trusted domain " -"users and\n" -"groups (and their SIDs) can be then assigned to external groups which can " -"be\n" -"members of POSIX groups in IPA which can be used in HBAC rules and thus " -"allowing\n" -"access to resources protected by the HBAC system.\n" -"\n" -"hbactest plugin is capable of testing access for both local IPA users and " -"users\n" -"from the trusted domains, either by a fully qualified user name or by user " -"SID.\n" -"Such user names need to have a trusted domain specified as a short name\n" -"(DOMAIN\\Administrator) or with a user principal name (UPN), " -"Administrator@ad.test.\n" -"\n" -"Please note that hbactest executed with a trusted domain user as --user " -"parameter\n" -"can be only run by members of \"trust admins\" group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" 1. Test if a user from a trusted domain specified by its shortname " -"matches any\n" -" rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 2. Test if a user from a trusted domain specified by its domain name " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" -"service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 3. Test if a user from a trusted domain specified by its SID matches any " -"rule:\n" -"\n" -" $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\\\n" -" --host `hostname` --service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Matched rules: can_login\n" -"\n" -" 4. Test if other user from a trusted domain specified by its SID matches " -"any rule:\n" -"\n" -" $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\" -"\\\n" -" --host `hostname` --service sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -"\n" -" 5. Test if other user from a trusted domain specified by its shortname " -"matches\n" -" any rule:\n" -"\n" -" $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " -"sshd\n" -" --------------------\n" -" Access granted: True\n" -" --------------------\n" -" Matched rules: allow_all\n" -" Not matched rules: can_login\n" -msgstr "" - -msgid "Unresolved rules in --rules" -msgstr "" - -msgid "" -"Cannot search in trusted domains without own domain configured. Make sure " -"you have run ipa-adtrust-install on the IPA server first" -msgstr "" - -#, python-format -msgid "Access granted: %s" -msgstr "" - -msgid "" -"\n" -"OTP Tokens\n" -msgstr "" - -msgid "" -"\n" -"Manage OTP tokens.\n" -msgstr "" - -msgid "" -"\n" -"IPA supports the use of OTP tokens for multi-factor authentication. This\n" -"code enables the management of OTP tokens.\n" -msgstr "" - -msgid "" -"\n" -" Add a new token:\n" -" ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n" -msgstr "" - -msgid "" -"\n" -" Examine the token:\n" -" ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n" -msgstr "" - -msgid "" -"\n" -" Change the vendor:\n" -" ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red Hat" -"\"\n" -msgstr "" - -msgid "" -"\n" -" Delete a token:\n" -" ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n" -msgstr "" - -msgid "OTP token" -msgstr "" - -msgid "OTP tokens" -msgstr "" - -msgid "OTP Tokens" -msgstr "" - -msgid "OTP Token" -msgstr "" - -msgid "URI" -msgstr "" - -#, python-format -msgid "Added OTP token \"%(value)s\"" -msgstr "" - -msgid "cannot be empty" -msgstr "" - -#, python-format -msgid "Deleted OTP token \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified OTP token \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d OTP token matched" -msgid_plural "%(count)d OTP tokens matched" -msgstr[0] "" - -#, fuzzy -#| msgid "Permissions" -msgid "" -"\n" -"Permissions\n" -msgstr "Иҷозатҳо" - -msgid "" -"\n" -"A permission enables fine-grained delegation of rights. A permission is\n" -"a human-readable wrapper around a 389-ds Access Control Rule,\n" -"or instruction (ACI).\n" -"A permission grants the right to perform a specific task such as adding a\n" -"user, modifying a group, etc.\n" -msgstr "" - -msgid "" -"\n" -"A permission may not contain other permissions.\n" -msgstr "" - -msgid "" -"\n" -"* A permission grants access to read, write, add, delete, read, search,\n" -" or compare.\n" -"* A privilege combines similar permissions (for example all the permissions\n" -" needed to add a user).\n" -"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" -msgstr "" - -msgid "" -"\n" -"A permission is made up of a number of different parts:\n" -"\n" -"1. The name of the permission.\n" -"2. The target of the permission.\n" -"3. The rights granted by the permission.\n" -msgstr "" - -msgid "" -"\n" -"Rights define what operations are allowed, and may be one or more\n" -"of the following:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. search - search on one or more attributes\n" -"4. compare - compare one or more attributes\n" -"5. add - add a new entry to the tree\n" -"6. delete - delete an existing entry\n" -"7. all - all permissions are granted\n" -msgstr "" - -msgid "" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -msgstr "" - -msgid "" -"\n" -"There are a number of allowed targets:\n" -"1. subtree: a DN; the permission applies to the subtree under this DN\n" -"2. target filter: an LDAP filter\n" -"3. target: DN with possible wildcards, specifies entries permission applies " -"to\n" -msgstr "" - -msgid "" -"\n" -"Additionally, there are the following convenience options.\n" -"Setting one of these options will set the corresponding attribute(s).\n" -"1. type: a type of object (user, group, etc); sets subtree and target " -"filter.\n" -"2. memberof: apply to members of a group; sets target filter\n" -"3. targetgroup: grant access to modify a specific group (such as granting\n" -" the rights to manage group membership); sets target.\n" -msgstr "" - -#, fuzzy -#| msgid "Permissions" -msgid "" -"\n" -"Managed permissions\n" -msgstr "Иҷозатҳо" - -msgid "" -"\n" -"Permissions that come with IPA by default can be so-called \"managed\"\n" -"permissions. These have a default set of attributes they apply to,\n" -"but the administrator can add/remove individual attributes to/from the set.\n" -msgstr "" - -msgid "" -"\n" -"Deleting or renaming a managed permission, as well as changing its target,\n" -"is not allowed.\n" -msgstr "" - -msgid "" -"\n" -" Add a permission that grants the creation of users:\n" -" ipa permission-add --type=user --permissions=add \"Add Users\"\n" -msgstr "" - -msgid "" -"\n" -" Add a permission that grants the ability to manage group membership:\n" -" ipa permission-add --attrs=member --permissions=write --type=group " -"\"Manage Group Members\"\n" -msgstr "" - -msgid "must be enclosed in parentheses" -msgstr "" - -#, python-format -msgid "\"%s\" is not an object type" -msgstr "" - -#, python-format -msgid "\"%s\" is not a valid permission type" -msgstr "" - -#, python-format -msgid "Deprecated; use %s" -msgstr "" - -#, python-format -msgid "Permission with unknown flag %s may not be modified or removed" -msgstr "" - -msgid "A SYSTEM permission may not be modified or removed" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "Entry %s not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "The ACI for permission %(name)s was not found in %(dn)s " -msgstr "" - -msgid "" -"cannot specify full target filter and extra target filter simultaneously" -msgstr "" - -#, python-format -msgid "option was renamed; use %s" -msgstr "" - -#, python-format -msgid "Cannot use %(old_name)s with %(new_name)s" -msgstr "" - -#, python-format -msgid "%s: group not found" -msgstr "" - -msgid "target and targetgroup are mutually exclusive" -msgstr "" - -msgid "subtree and type are mutually exclusive" -msgstr "" - -msgid "Bad search filter" -msgstr "" - -#, python-format -msgid "Entry %s does not exist" -msgstr "" - -msgid "" -"there must be at least one target entry specifier (e.g. target, " -"targetfilter, attrs)" -msgstr "" - -#, python-format -msgid "Added permission \"%(value)s\"" -msgstr "" - -msgid "attrs and included attributes are mutually exclusive" -msgstr "" - -#, python-format -msgid "Cannot store permission ACI to %s" -msgstr "" - -#, python-format -msgid "Deleted permission \"%(value)s\"" -msgstr "" - -msgid "cannot delete managed permissions" -msgstr "" - -#, python-format -msgid "ACI of permission %s was not found" -msgstr "" - -#, python-format -msgid "Modified permission \"%(value)s\"" -msgstr "" - -msgid "cannot rename managed permissions" -msgstr "" - -msgid "not modifiable on managed permissions" -msgstr "" - -msgid "only available on managed permissions" -msgstr "" - -msgid "attrs and included/excluded attributes are mutually exclusive" -msgstr "" - -msgid "cannot set bindtype for a permission that is assigned to a privilege" -msgstr "" - -#, python-format -msgid "%(count)d permission matched" -msgid_plural "%(count)d permissions matched" -msgstr[0] "" - -#, fuzzy -#| msgid "IPA Server" -msgid "" -"\n" -"IPA servers\n" -msgstr "Сервери IPA" - -msgid "" -"\n" -"Get information about installed IPA servers.\n" -msgstr "" - -msgid "" -"\n" -" Find all servers:\n" -" ipa server-find\n" -msgstr "" - -msgid "" -"\n" -" Show specific server:\n" -" ipa server-show ipa.example.com\n" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "server" -msgstr "Сервери IPA" - -msgid "servers" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA Servers" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "Server Name" -msgid "Server location" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "Service" -msgid "Service weight" -msgstr "Хидмат" - -msgid "Weight for server services" -msgstr "" - -msgid "Service relative weight" -msgstr "" - -msgid "Relative weight for server services (counts per location)" -msgstr "" - -msgid "Enabled server roles" -msgstr "" - -msgid "List of enabled roles" -msgstr "" - -msgid "Modify information about an IPA server." -msgstr "" - -#, python-format -msgid "Modified IPA server \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d IPA server matched" -msgid_plural "%(count)d IPA servers matched" -msgstr[0] "" - -#, python-format -msgid "Deleted IPA server \"%(value)s\"" -msgstr "" - -msgid "Ignore topology errors" -msgstr "" - -msgid "Ignore topology connectivity problems after removal" -msgstr "" - -msgid "Ignore check for last remaining CA or DNS server" -msgstr "" - -msgid "Skip a check whether the last CA master or DNS server is removed" -msgstr "" - -msgid "Force server removal" -msgstr "" - -msgid "Force server removal even if it does not exist" -msgstr "" - -msgid "" -"Replica is active DNSSEC key master. Uninstall could break your DNS system. " -"Please disable or replace DNSSEC key master first." -msgstr "" - -msgid "Deleting this server will leave your installation without a DNS." -msgstr "" - -msgid "" -"Deleting this server is not allowed as it would leave your installation " -"without a KRA." -msgstr "" - -msgid "" -"Deleting this server is not allowed as it would leave your installation " -"without a CA." -msgstr "" - -msgid "Ignoring these warnings and proceeding with removal" -msgstr "" - -#, python-format -msgid "" -"Failed to clean memberPrincipal %(principal)s from s4u2proxy entry %(dn)s: " -"%(err)s" -msgstr "" - -#, python-format -msgid "Failed to clean up DNA hostname entries for %(master)s: %(err)s" -msgstr "" - -#, python-format -msgid "Failed to remove server %(master)s from server list: %(err)s" -msgstr "" - -#, python-format -msgid "Failed to clean up Custodia keys for %(master)s: %(err)s" -msgstr "" - -#, python-format -msgid "Failed to cleanup server principals/keys: %(err)s" -msgstr "" - -#, python-format -msgid "Failed to cleanup %(hostname)s DNS entries: %(err)s" -msgstr "" - -msgid "You may need to manually remove them from the tree" -msgstr "" - -#, python-format -msgid "Forcing removal of %(hostname)s" -msgstr "" - -msgid "Ignoring topology connectivity errors." -msgstr "" - -msgid "Server has already been deleted" -msgstr "" - -msgid "Agreements deleted" -msgstr "" - -msgid "Following segments were not deleted:" -msgstr "" - -#, python-format -msgid "must be \"%s\"" -msgstr "" - -msgid "not allowed to perform server connection check" -msgstr "" - -msgid "Set enabled/hidden state of a server." -msgstr "" - -#, fuzzy -#| msgid "Status" -msgid "State" -msgstr "Ҳолат" - -#, fuzzy -#| msgid "Server Name" -msgid "Server state" -msgstr "Номи сервер" - -#, python-format -msgid "Changed server state of \"%(value)s\"." -msgstr "" - -msgid "Cannot hide CA renewal master." -msgstr "" - -msgid "Cannot hide DNSSec key master." -msgstr "" - -#, python-format -msgid "Cannot hide last enabled %(name)s server." -msgstr "" - -msgid "self service permission" -msgstr "" - -msgid "self service permissions" -msgstr "" - -#, fuzzy -#| msgid "Permissions" -msgid "Self Service Permissions" -msgstr "Иҷозатҳо" - -#, fuzzy -#| msgid "Permission" -msgid "Self Service Permission" -msgstr "Иҷозат" - -#, python-format -msgid "Added selfservice \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted selfservice \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified selfservice \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d selfservice matched" -msgid_plural "%(count)d selfservices matched" -msgstr[0] "" - -#, fuzzy -#| msgid "IPA Server" -msgid "" -"\n" -"IPA server roles\n" -msgstr "Сервери IPA" - -msgid "" -"\n" -"Get status of roles (DNS server, CA, etc.) provided by IPA masters.\n" -msgstr "" - -msgid "" -"\n" -"The status of a role is either enabled, configured, or absent.\n" -msgstr "" - -msgid "" -"\n" -" Show status of 'DNS server' role on a server:\n" -" ipa server-role-show ipa.example.com \"DNS server\"\n" -msgstr "" - -msgid "" -"\n" -" Show status of all roles containing 'AD' on a server:\n" -" ipa server-role-find --server ipa.example.com --role=\"AD trust " -"controller\"\n" -msgstr "" - -msgid "" -"\n" -" Show status of all configured roles on a server:\n" -" ipa server-role-find ipa.example.com\n" -msgstr "" - -msgid "" -"\n" -" Show implicit IPA master role:\n" -" ipa server-role-find --include-master\n" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "server role" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "Server Name" -msgid "server roles" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA Server Roles" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA Server Role" -msgstr "Сервери IPA" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA server role name" -msgstr "Сервери IPA" - -msgid "Role status" -msgstr "" - -msgid "Status of the role" -msgstr "" - -msgid "Show role status on a server" -msgstr "" - -msgid "Find a server role on a server(s)" -msgstr "" - -#, python-format -msgid "%(count)s server role matched" -msgid_plural "%(count)s server roles matched" -msgstr[0] "" - -msgid "Include IPA master entries" -msgstr "" - -msgid "IPA role name" -msgstr "" - -msgid "" -"\n" -"Cross-realm trusts\n" -"\n" -"Manage trust relationship between IPA and Active Directory domains.\n" -"\n" -"In order to allow users from a remote domain to access resources in IPA " -"domain,\n" -"trust relationship needs to be established. Currently IPA supports only " -"trusts\n" -"between IPA and Active Directory domains under control of Windows Server " -"2008\n" -"or later, with functional level 2008 or later.\n" -"\n" -"Please note that DNS on both IPA and Active Directory domain sides should " -"be\n" -"configured properly to discover each other. Trust relationship relies on\n" -"ability to discover special resources in the other domain via DNS records.\n" -"\n" -"Examples:\n" -"\n" -"1. Establish cross-realm trust with Active Directory using AD administrator\n" -" credentials:\n" -"\n" -" ipa trust-add --type=ad --admin --password\n" -"\n" -"2. List all existing trust relationships:\n" -"\n" -" ipa trust-find\n" -"\n" -"3. Show details of the specific trust relationship:\n" -"\n" -" ipa trust-show \n" -"\n" -"4. Delete existing trust relationship:\n" -"\n" -" ipa trust-del \n" -"\n" -"Once trust relationship is established, remote users will need to be mapped\n" -"to local POSIX groups in order to actually use IPA resources. The mapping\n" -"should be done via use of external membership of non-POSIX group and then\n" -"this group should be included into one of local POSIX groups.\n" -"\n" -"Example:\n" -"\n" -"1. Create group for the trusted domain admins' mapping and their local " -"POSIX\n" -"group:\n" -"\n" -" ipa group-add --desc=' admins external map' " -"ad_admins_external --external\n" -" ipa group-add --desc=' admins' ad_admins\n" -"\n" -"2. Add security identifier of Domain Admins of the to the\n" -" ad_admins_external group:\n" -"\n" -" ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" -"\n" -"3. Allow members of ad_admins_external group to be associated with\n" -" ad_admins POSIX group:\n" -"\n" -" ipa group-add-member ad_admins --groups ad_admins_external\n" -"\n" -"4. List members of external members of ad_admins_external group to see\n" -" their SIDs:\n" -"\n" -" ipa group-show ad_admins_external\n" -"\n" -"\n" -"GLOBAL TRUST CONFIGURATION\n" -"\n" -"When IPA AD trust subpackage is installed and ipa-adtrust-install is run, a\n" -"local domain configuration (SID, GUID, NetBIOS name) is generated. These\n" -"identifiers are then used when communicating with a trusted domain of the\n" -"particular type.\n" -"\n" -"1. Show global trust configuration for Active Directory type of trusts:\n" -"\n" -" ipa trustconfig-show --type ad\n" -"\n" -"2. Modify global configuration for all trusts of Active Directory type and " -"set\n" -" a different fallback primary group (fallback primary group GID is used as " -"a\n" -" primary user GID if user authenticating to IPA domain does not have any\n" -" other primary GID already set):\n" -"\n" -" ipa trustconfig-mod --type ad --fallback-primary-group \"another AD group" -"\"\n" -"\n" -"3. Change primary fallback group back to default hidden group (any group " -"with\n" -" posixGroup object class is allowed):\n" -"\n" -" ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB Group" -"\"\n" -msgstr "" - -#, python-format -msgid "" -" Alternatively, following servers are capable of running this command: " -"%(masters)s" -msgstr "" - -msgid "AD Trust setup" -msgstr "" - -msgid "" -"Cannot perform the selected command without Samba 4 support installed. Make " -"sure you have installed server-trust-ad sub-package of IPA." -msgstr "" - -msgid "" -"Cannot perform the selected command without Samba 4 instance configured on " -"this machine. Make sure you have run ipa-adtrust-install on this server." -msgstr "" - -msgid "" -"Fetching domains from trusted forest failed. See details in the error_log" -msgstr "" - -msgid "trust" -msgstr "" - -msgid "trusts" -msgstr "" - -msgid "Trust" -msgstr "" - -msgid "SID blocklist incoming" -msgstr "" - -msgid "SID blocklist outgoing" -msgstr "" - -msgid "UPN suffixes" -msgstr "" - -#, python-brace-format -msgid "invalid SID: {SID}" -msgstr "" - -msgid "" -"\n" -"Add new trust to use.\n" -"\n" -"This command establishes trust relationship to another domain\n" -"which becomes 'trusted'. As result, users of the trusted domain\n" -"may access resources of this domain.\n" -"\n" -"Only trusts to Active Directory domains are supported right now.\n" -"\n" -"The command can be safely run multiple times against the same domain,\n" -"this will cause change to trust relationship credentials on both\n" -"sides.\n" -"\n" -"Note that if the command was previously run with a specific range type,\n" -"or with automatic detection of the range type, and you want to configure a\n" -"different range type, you may need to delete first the ID range using\n" -"ipa idrange-del before retrying the command with the desired range type.\n" -" " -msgstr "" - -msgid "Type of trusted domain ID range, one of allowed values" -msgstr "" - -msgid "External trust" -msgstr "" - -msgid "" -"Establish external trust to a domain in another forest. The trust is not " -"transitive beyond the domain." -msgstr "" - -#, python-format -msgid "Added Active Directory trust for realm \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Re-established trust to domain \"%(value)s\"" -msgstr "" - -msgid "missing base_id" -msgstr "" - -msgid "pysss_murmur is not available on the server and no base-id is given." -msgstr "" - -msgid "trust type" -msgstr "" - -msgid "only \"ad\" is supported" -msgstr "" - -msgid "domain" -msgstr "" - -msgid "" -"Cannot establish a trust to AD deployed in the same domain as IPA. Such " -"setup is not supported." -msgstr "" - -msgid "Realm-domain mismatch" -msgstr "" - -msgid "" -"To establish trust with Active Directory, the domain name and the realm name " -"of the IPA server must match" -msgstr "" - -#, python-format -msgid "" -"Trusted domain %(domain)s is included among IPA realm domains. It needs to " -"be removed prior to establishing the trust. See the \"ipa realmdomains-mod --" -"del-domain\" command." -msgstr "" - -msgid "Trusted domain and administrator account use different realms" -msgstr "" - -msgid "Realm administrator password should be specified" -msgstr "" - -msgid "id range type" -msgstr "" - -msgid "" -"Only the ipa-ad-trust and ipa-ad-trust-posix are allowed values for --range-" -"type when adding an AD trust." -msgstr "" - -msgid "id range" -msgstr "" - -msgid "" -"An id range already exists for this trust. You should either delete the old " -"range, or exclude --base-id/--range-size options from the command." -msgstr "" - -msgid "range exists" -msgstr "" - -msgid "" -"ID range with the same name but different domain SID already exists. The ID " -"range for the new trusted domain must be created manually." -msgstr "" - -msgid "range type change" -msgstr "" - -msgid "" -"ID range for the trusted domain already exists, but it has a different type. " -"Please remove the old range manually, or do not enforce type via --range-" -"type option." -msgstr "" - -#, python-brace-format -msgid "Unable to resolve domain controller for {domain} domain. " -msgstr "" - -msgid "" -"Forward policy is defined for it in IPA DNS, perhaps forwarder points to " -"incorrect host?" -msgstr "" - -#, python-brace-format -msgid "" -"IPA manages DNS, please verify your DNS configuration and make sure that " -"service records of the '{domain}' domain can be resolved. Examples how to " -"configure DNS with CLI commands or the Web UI can be found in the " -"documentation. " -msgstr "" - -#, python-brace-format -msgid "" -"Since IPA does not manage DNS records, ensure DNS is configured to resolve " -"'{domain}' domain from IPA hosts and back." -msgstr "" - -msgid "Unable to verify write permissions to the AD" -msgstr "" - -msgid "Not enough arguments specified to perform trust setup" -msgstr "" - -#, python-format -msgid "Deleted trust \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Modify a trust (for future use).\n" -"\n" -" Currently only the default option to modify the LDAP attributes is\n" -" available. More specific options will be added in coming releases.\n" -" " -msgstr "" - -#, python-format -msgid "Modified trust \"%(value)s\" (change will be effective in 60 seconds)" -msgstr "" - -#, python-format -msgid "%(count)d trust matched" -msgid_plural "%(count)d trusts matched" -msgstr[0] "" - -#, fuzzy -#| msgid "Configuration" -msgid "trust configuration" -msgstr "Ҷӯрсозӣ" - -#, fuzzy -#| msgid "Configuration" -msgid "Global Trust Configuration" -msgstr "Ҷӯрсозӣ" - -msgid "IPA AD trust agents" -msgstr "" - -msgid "IPA servers configured as AD trust agents" -msgstr "" - -msgid "IPA AD trust controllers" -msgstr "" - -msgid "IPA servers configured as AD trust controllers" -msgstr "" - -msgid "unsupported trust type" -msgstr "" - -#, python-format -msgid "Modified \"%(value)s\" trust configuration" -msgstr "" - -msgid "SID" -msgstr "" - -msgid "sidgen_was_run" -msgstr "" - -msgid "" -"This command relies on the existence of the \"editors\" group, but this " -"group was not found." -msgstr "" - -msgid "trust domain" -msgstr "" - -msgid "trust domains" -msgstr "" - -msgid "Trusted domains" -msgstr "" - -msgid "Trusted domain" -msgstr "" - -msgid "Domain enabled" -msgstr "" - -#, python-format -msgid "Removed information about the trusted domain \"%(value)s\"" -msgstr "" - -msgid "" -"cannot delete root domain of the trust, use trust-del to delete the trust " -"itself" -msgstr "" - -msgid "" -"List of trust domains successfully refreshed. Use trustdomain-find command " -"to list them." -msgstr "" - -msgid "Configure this server as a trust agent." -msgstr "" - -msgid "Enable support for trusted domains for old clients" -msgstr "" - -msgid "not allowed to remotely add agent" -msgstr "" - -#, python-format -msgid "Enabled trust domain \"%(value)s\"" -msgstr "" - -msgid "Root domain of the trust is always enabled for the existing trust" -msgstr "" - -#, python-format -msgid "Disabled trust domain \"%(value)s\"" -msgstr "" - -msgid "" -"cannot disable root domain of the trust, use trust-del to delete the trust " -"itself" -msgstr "" - -msgid "A list of ACI values" -msgstr "" - -msgid "type, filter, subtree and targetgroup are mutually exclusive" -msgstr "" - -#, fuzzy -#| msgid "ACI prefix" -msgid "ACI prefix is required" -msgstr "Префикси ACI" - -msgid "" -"at least one of: type, filter, subtree, targetgroup, attrs or memberof are " -"required" -msgstr "" - -msgid "filter and memberof are mutually exclusive" -msgstr "" - -msgid "group, permission and self are mutually exclusive" -msgstr "" - -msgid "One of group, permission or self is required" -msgstr "" - -#, python-format -msgid "Group '%s' does not exist" -msgstr "" - -msgid "empty filter" -msgstr "" - -#, python-format -msgid "Syntax Error: %(error)s" -msgstr "Хатогии синтаксисӣ: %(error)s" - -#, python-format -msgid "invalid DN (%s)" -msgstr "" - -#, python-format -msgid "ACI with name \"%s\" not found" -msgstr "" - -msgid "ACI object." -msgstr "" - -msgid "ACIs" -msgstr "ACIs" - -#, python-format -msgid "Created ACI \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted ACI \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified ACI \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d ACI matched" -msgid_plural "%(count)d ACIs matched" -msgstr[0] "" - -#, python-format -msgid "Renamed ACI to \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Plugin to make multiple ipa calls via one remote procedure call\n" -"\n" -"To run this code in the lite-server\n" -"\n" -"curl -H \"Content-Type:application/json\" -H \"Accept:application/" -"json\" -H \"Accept-Language:en\" --negotiate -u : --cacert /" -"etc/ipa/ca.crt -d @batch_request.json -X POST http://" -"localhost:8888/ipa/json\n" -"\n" -"where the contents of the file batch_request.json follow the below example\n" -"\n" -"{\"method\":\"batch\",\"params\":[[\n" -" {\"method\":\"group_find\",\"params\":[[],{}]},\n" -" {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\",\"all" -"\":\"true\"}]},\n" -" {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n" -" ],{}],\"id\":1}\n" -"\n" -"The format of the response is nested the same way. At the top you will see\n" -" \"error\": null,\n" -" \"id\": 1,\n" -" \"result\": {\n" -" \"count\": 3,\n" -" \"results\": [\n" -"\n" -"\n" -"And then a nested response for each IPA command method sent in the request\n" -"\n" -msgstr "" - -msgid "Make multiple ipa calls via one remote procedure call" -msgstr "" - -msgid "must contain a tuple (list, dict)" -msgstr "" - -msgid "" -"\n" -"Certificate Identity Mapping\n" -msgstr "" - -msgid "" -"\n" -"Manage Certificate Identity Mapping configuration and rules.\n" -msgstr "" - -msgid "" -"\n" -"IPA supports the use of certificates for authentication. Certificates can\n" -"either be stored in the user entry (full certificate in the usercertificate\n" -"attribute), or simply linked to the user entry through a mapping.\n" -"This code enables the management of the rules allowing to link a\n" -"certificate to a user entry.\n" -msgstr "" - -msgid "" -"\n" -" Display the Certificate Identity Mapping global configuration:\n" -" ipa certmapconfig-show\n" -msgstr "" - -msgid "" -"\n" -" Modify Certificate Identity Mapping global configuration:\n" -" ipa certmapconfig-mod --promptusername=TRUE\n" -msgstr "" - -msgid "" -"\n" -" Create a new Certificate Identity Mapping Rule:\n" -" ipa certmaprule-add rule1 --desc=\"Link certificate with subject and " -"issuer\"\n" -msgstr "" - -msgid "" -"\n" -" Modify a Certificate Identity Mapping Rule:\n" -" ipa certmaprule-mod rule1 --maprule=\"\"\n" -msgstr "" - -msgid "" -"\n" -" Disable a Certificate Identity Mapping Rule:\n" -" ipa certmaprule-disable rule1\n" -msgstr "" - -msgid "" -"\n" -" Enable a Certificate Identity Mapping Rule:\n" -" ipa certmaprule-enable rule1\n" -msgstr "" - -msgid "" -"\n" -" Display information about a Certificate Identity Mapping Rule:\n" -" ipa certmaprule-show rule1\n" -msgstr "" - -msgid "" -"\n" -" Find all Certificate Identity Mapping Rules with the specified domain:\n" -" ipa certmaprule-find --domain example.com\n" -msgstr "" - -msgid "" -"\n" -" Delete a Certificate Identity Mapping Rule:\n" -" ipa certmaprule-del rule1\n" -msgstr "" - -#, python-format -msgid "" -"The domain(s) \"%s\" cannot be used to apply altSecurityIdentities check." -msgstr "" - -msgid "" -"The mapping rule with altSecurityIdentities should be applied to a trusted " -"Active Directory domain but no domain was associated with the rule." -msgstr "" - -#, python-format -msgid "The domain %s is neither IPA domain nor a trusteddomain." -msgstr "" - -msgid "Certificate Identity Mapping configuration options" -msgstr "" - -msgid "Certificate Identity Mapping Global Configuration" -msgstr "" - -msgid "Prompt for the username" -msgstr "" - -msgid "" -"Prompt for the username when multiple identities are mapped to a certificate" -msgstr "" - -msgid "Modify Certificate Identity Mapping configuration." -msgstr "" - -msgid "Show the current Certificate Identity Mapping configuration." -msgstr "" - -msgid "Certificate Identity Mapping Rules" -msgstr "" - -msgid "Certificate Identity Mapping Rule" -msgstr "" - -msgid "Certificate Identity Mapping Rule name" -msgstr "" - -msgid "Certificate Identity Mapping Rule description" -msgstr "" - -msgid "Mapping rule" -msgstr "" - -msgid "Rule used to map the certificate with a user entry" -msgstr "" - -msgid "Matching rule" -msgstr "" - -msgid "Rule used to check if a certificate can be used for authentication" -msgstr "" - -msgid "Domain where the user entry will be searched" -msgstr "" - -msgid "Priority of the rule (higher number means lower priority" -msgstr "" - -msgid "Create a new Certificate Identity Mapping Rule." -msgstr "" - -#, python-format -msgid "Added Certificate Identity Mapping Rule \"%(value)s\"" -msgstr "" - -msgid "Modify a Certificate Identity Mapping Rule." -msgstr "" - -#, python-format -msgid "Modified Certificate Identity Mapping Rule \"%(value)s\"" -msgstr "" - -msgid "Search for Certificate Identity Mapping Rules." -msgstr "" - -#, python-format -msgid "%(count)d Certificate Identity Mapping Rule matched" -msgid_plural "%(count)d Certificate Identity Mapping Rules matched" -msgstr[0] "" - -msgid "Display information about a Certificate Identity Mapping Rule." -msgstr "" - -msgid "Delete a Certificate Identity Mapping Rule." -msgstr "" - -#, python-format -msgid "Deleted Certificate Identity Mapping Rule \"%(value)s\"" -msgstr "" - -msgid "Enable a Certificate Identity Mapping Rule." -msgstr "" - -#, python-format -msgid "Enabled Certificate Identity Mapping Rule \"%(value)s\"" -msgstr "" - -msgid "Disable a Certificate Identity Mapping Rule." -msgstr "" - -#, python-format -msgid "Disabled Certificate Identity Mapping Rule \"%(value)s\"" -msgstr "" - -msgid "Failed to connect to sssd over SystemBus. See details in the error_log" -msgstr "" - -msgid "Failed to find users over SystemBus. See details in the error_log" -msgstr "" - -#, fuzzy -#| msgid "User name" -msgid "User logins" -msgstr "Номи корбар" - -msgid "" -"\n" -" Search for users matching the provided certificate.\n" -"\n" -" This command relies on SSSD to retrieve the list of matching users and\n" -" may return cached data. For more information on purging SSSD cache,\n" -" please refer to sss_cache documentation.\n" -" " -msgstr "" - -#, python-format -msgid "%(count)s user matched" -msgid_plural "%(count)s users matched" -msgstr[0] "" - -msgid "" -"\n" -"Manage Certificate Profiles\n" -"\n" -"Certificate Profiles are used by Certificate Authority (CA) in the signing " -"of\n" -"certificates to determine if a Certificate Signing Request (CSR) is " -"acceptable,\n" -"and if so what features and extensions will be present on the certificate.\n" -"\n" -"The Certificate Profile format is the property-list format understood by " -"the\n" -"Dogtag or Red Hat Certificate System CA.\n" -"\n" -"PROFILE ID SYNTAX:\n" -"\n" -"A Profile ID is a string without spaces or punctuation starting with a " -"letter\n" -"and followed by a sequence of letters, digits or underscore (\"_\").\n" -"\n" -"EXAMPLES:\n" -"\n" -" Import a profile that will not store issued certificates:\n" -" ipa certprofile-import ShortLivedUserCert \\\n" -" --file UserCert.profile --desc \"User Certificates\" \\\n" -" --store=false\n" -"\n" -" Delete a certificate profile:\n" -" ipa certprofile-del ShortLivedUserCert\n" -"\n" -" Show information about a profile:\n" -" ipa certprofile-show ShortLivedUserCert\n" -"\n" -" Save profile configuration to a file:\n" -" ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n" -"\n" -" Search for profiles that do not store certificates:\n" -" ipa certprofile-find --store=false\n" -"\n" -"PROFILE CONFIGURATION FORMAT:\n" -"\n" -"The profile configuration format is the raw property-list format\n" -"used by Dogtag Certificate System. The XML format is not supported.\n" -"\n" -"The following restrictions apply to profiles managed by FreeIPA:\n" -"\n" -"- When importing a profile the \"profileId\" field, if present, must\n" -" match the ID given on the command line.\n" -"\n" -"- The \"classId\" field must be set to \"caEnrollImpl\"\n" -"\n" -"- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n" -"\n" -"- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n" -" class must be used.\n" -"\n" -msgstr "" - -msgid "CA is not configured" -msgstr "" - -msgid "invalid Profile ID" -msgstr "" - -msgid "Certificate Profile" -msgstr "" - -msgid "Certificate Profiles" -msgstr "" - -#, fuzzy -#| msgid "Configuration" -msgid "Profile configuration" -msgstr "Ҷӯрсозӣ" - -#, python-format -msgid "%(count)d profile matched" -msgid_plural "%(count)d profiles matched" -msgstr[0] "" - -#, python-format -msgid "Imported profile \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Profile data specifies profileId multiple times: %(values)s" -msgstr "" - -#, python-format -msgid "Profile ID '%(cli_value)s' does not match profile data '%(file_value)s'" -msgstr "" - -#, python-format -msgid "Deleted profile \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Predefined profile '%(profile_id)s' cannot be deleted" -msgstr "" - -#, python-format -msgid "Modified Certificate Profile \"%(value)s\"" -msgstr "" - -msgid "Certificate profiles cannot be renamed" -msgstr "" - -msgid "Insufficient privilege to modify a certificate profile." -msgstr "" - -msgid "" -"\n" -"Domain Name System (DNS)\n" -msgstr "" - -msgid "" -"\n" -"Manage DNS zone and resource records.\n" -msgstr "" - -msgid "" -"\n" -"SUPPORTED ZONE TYPES\n" -"\n" -" * Master zone (dnszone-*), contains authoritative data.\n" -" * Forward zone (dnsforwardzone-*), forwards queries to configured " -"forwarders\n" -" (a set of DNS servers).\n" -msgstr "" - -msgid "" -"\n" -"USING STRUCTURED PER-TYPE OPTIONS\n" -msgstr "" - -msgid "" -"\n" -"There are many structured DNS RR types where DNS data stored in LDAP server\n" -"is not just a scalar value, for example an IP address or a domain name, but\n" -"a data structure which may be often complex. A good example is a LOC record\n" -"[RFC1876] which consists of many mandatory and optional parts (degrees,\n" -"minutes, seconds of latitude and longitude, altitude or precision).\n" -msgstr "" - -msgid "" -"\n" -"It may be difficult to manipulate such DNS records without making a mistake\n" -"and entering an invalid value. DNS module provides an abstraction over " -"these\n" -"raw records and allows to manipulate each RR type with specific options. " -"For\n" -"each supported RR type, DNS module provides a standard option to manipulate\n" -"a raw records with format ---rec, e.g. --mx-rec, and special " -"options\n" -"for every part of the RR structure with format ---, e.g.\n" -"--mx-preference and --mx-exchanger.\n" -msgstr "" - -msgid "" -"\n" -"When adding a record, either RR specific options or standard option for a " -"raw\n" -"value can be used, they just should not be combined in one add operation. " -"When\n" -"modifying an existing entry, new RR specific options can be used to change\n" -"one part of a DNS record, where the standard option for raw value is used\n" -"to specify the modified value. The following example demonstrates\n" -"a modification of MX record preference from 0 to 1 in a record without\n" -"modifying the exchanger:\n" -"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" -msgstr "" - -msgid "" -"\n" -"\n" -"EXAMPLES:\n" -msgstr "" - -msgid "" -"\n" -" Add new zone:\n" -" ipa dnszone-add example.com --admin-email=admin@example.com\n" -msgstr "" - -msgid "" -"\n" -" Add system permission that can be used for per-zone privilege delegation:\n" -" ipa dnszone-add-permission example.com\n" -msgstr "" - -msgid "" -"\n" -" Modify the zone to allow dynamic updates for hosts own records in realm " -"EXAMPLE.COM:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE\n" -msgstr "" - -msgid "" -"\n" -" This is the equivalent of:\n" -" ipa dnszone-mod example.com --dynamic-update=TRUE \\\n" -" --update-policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM " -"krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n" -msgstr "" - -msgid "" -"\n" -" Modify the zone to allow zone transfers for local network only:\n" -" ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n" -msgstr "" - -msgid "" -"\n" -" Add new reverse zone specified by network IP address:\n" -" ipa dnszone-add --name-from-ip=192.0.2.0/24\n" -msgstr "" - -msgid "" -"\n" -" Add second nameserver for example.com:\n" -" ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a mail server for example.com:\n" -" ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" -msgstr "" - -msgid "" -"\n" -" Add another record using MX record specific options:\n" -" ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" -msgstr "" - -msgid "" -"\n" -" Add another record using interactive mode (started when dnsrecord-add, " -"dnsrecord-mod,\n" -" or dnsrecord-del are executed with no options):\n" -" ipa dnsrecord-add example.com @\n" -" Please choose a type of DNS resource record to be added\n" -" The most common types for this type of zone are: NS, MX, LOC\n" -"\n" -" DNS resource record type: MX\n" -" MX Preference: 30\n" -" MX Exchanger: mail3\n" -" Record name: example.com\n" -" MX record: 10 mail1, 20 mail2, 30 mail3\n" -" NS record: nameserver.example.com., nameserver2.example.com.\n" -msgstr "" - -msgid "" -"\n" -" Delete previously added nameserver from example.com:\n" -" ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" -msgstr "" - -msgid "" -"\n" -" Add LOC record for example.com:\n" -" ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " -"227.64m\"\n" -msgstr "" - -msgid "" -"\n" -" Add new A record for www.example.com. Create a reverse record in " -"appropriate\n" -" reverse zone as well. In this case a PTR record \"2\" pointing to www." -"example.com\n" -" will be created in zone 2.0.192.in-addr.arpa.\n" -" ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n" -msgstr "" - -msgid "" -"\n" -" Add new PTR record for www.example.com\n" -" ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" -msgstr "" - -msgid "" -"\n" -" Add new SRV records for LDAP servers. Three quarters of the requests\n" -" should go to fast.example.com, one quarter to slow.example.com. If neither\n" -" is available, switch to backup.example.com.\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." -"example.com\"\n" -msgstr "" - -msgid "" -"\n" -" The interactive mode can be used for easy modification:\n" -" ipa dnsrecord-mod example.com _ldap._tcp\n" -" No option to modify specific record provided.\n" -" Current DNS record contents:\n" -"\n" -" SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " -"backup.example.com\n" -"\n" -" Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" -" Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" -" SRV Priority [0]: (keep the default value)\n" -" SRV Weight [1]: 2 (modified value)\n" -" SRV Port [389]: (keep the default value)\n" -" SRV Target [slow.example.com]: (keep the default value)\n" -" 1 SRV record skipped. Only one value per DNS record type can be modified " -"at one time.\n" -" Record name: _ldap._tcp\n" -" SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " -"389 slow.example.com\n" -msgstr "" - -msgid "" -"\n" -" After this modification, three fifths of the requests should go to\n" -" fast.example.com and two fifths to slow.example.com.\n" -msgstr "" - -msgid "" -"\n" -" An example of the interactive mode for dnsrecord-del command:\n" -" ipa dnsrecord-del example.com www\n" -" No option to delete specific record provided.\n" -" Delete all? Yes/No (default No): (do not delete all records)\n" -" Current DNS record contents:\n" -"\n" -" A record: 192.0.2.2, 192.0.2.3\n" -"\n" -" Delete A record '192.0.2.2'? Yes/No (default No):\n" -" Delete A record '192.0.2.3'? Yes/No (default No): y\n" -" Record name: www\n" -" A record: 192.0.2.2 (A record 192.0.2.3 has been " -"deleted)\n" -msgstr "" - -msgid "" -"\n" -" Show zone example.com:\n" -" ipa dnszone-show example.com\n" -msgstr "" - -msgid "" -"\n" -" Find zone with \"example\" in its domain name:\n" -" ipa dnszone-find example\n" -msgstr "" - -msgid "" -"\n" -" Find records for resources with \"www\" in their name in zone example.com:\n" -" ipa dnsrecord-find example.com www\n" -msgstr "" - -msgid "" -"\n" -" Find A records with value 192.0.2.2 in zone example.com\n" -" ipa dnsrecord-find example.com --a-rec=192.0.2.2\n" -msgstr "" - -msgid "" -"\n" -" Show records for resource www in zone example.com\n" -" ipa dnsrecord-show example.com www\n" -msgstr "" - -msgid "" -"\n" -" Delegate zone sub.example to another nameserver:\n" -" ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n" -" ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" -msgstr "" - -msgid "" -"\n" -" Delete zone example.com with all resource records:\n" -" ipa dnszone-del example.com\n" -msgstr "" - -msgid "" -"\n" -" If a global forwarder is configured, all queries for which this server is " -"not\n" -" authoritative (e.g. sub.example.com) will be routed to the global " -"forwarder.\n" -" Global forwarding configuration can be overridden per-zone.\n" -msgstr "" - -msgid "" -"\n" -" Semantics of forwarding in IPA matches BIND semantics and depends on the " -"type\n" -" of zone:\n" -" * Master zone: local BIND replies authoritatively to queries for data in\n" -" the given zone (including authoritative NXDOMAIN answers) and forwarding\n" -" affects only queries for names below zone cuts (NS records) of locally\n" -" served zones.\n" -"\n" -" * Forward zone: forward zone contains no authoritative data. BIND " -"forwards\n" -" queries, which cannot be answered from its local cache, to configured\n" -" forwarders.\n" -msgstr "" - -msgid "" -"\n" -" Semantics of the --forward-policy option:\n" -" * none - disable forwarding for the given zone.\n" -" * first - forward all queries to configured forwarders. If they fail,\n" -" do resolution using DNS root servers.\n" -" * only - forward all queries to configured forwarders and if they fail,\n" -" return failure.\n" -msgstr "" - -msgid "" -"\n" -" Disable global forwarding for given sub-tree:\n" -" ipa dnszone-mod example.com --forward-policy=none\n" -msgstr "" - -msgid "" -"\n" -" This configuration forwards all queries for names outside the example.com\n" -" sub-tree to global forwarders. Normal recursive resolution process is used\n" -" for names inside the example.com sub-tree (i.e. NS records are followed " -"etc.).\n" -msgstr "" - -msgid "" -"\n" -" Forward all requests for the zone external.example.com to another " -"forwarder\n" -" using a \"first\" policy (it will send the queries to the selected " -"forwarder\n" -" and if not answered it will use global root servers):\n" -" ipa dnsforwardzone-add external.example.com --forward-policy=first \\\n" -" --forwarder=203.0.113.1\n" -msgstr "" - -msgid "" -"\n" -" Change forward-policy for external.example.com:\n" -" ipa dnsforwardzone-mod external.example.com --forward-policy=only\n" -msgstr "" - -msgid "" -"\n" -" Show forward zone external.example.com:\n" -" ipa dnsforwardzone-show external.example.com\n" -msgstr "" - -msgid "" -"\n" -" List all forward zones:\n" -" ipa dnsforwardzone-find\n" -msgstr "" - -msgid "" -"\n" -" Delete forward zone external.example.com:\n" -" ipa dnsforwardzone-del external.example.com\n" -msgstr "" - -msgid "" -"\n" -" Resolve a host name to see if it exists (will add default IPA domain\n" -" if one is not included):\n" -" ipa dns-resolve www.example.com\n" -" ipa dns-resolve www\n" -msgstr "" - -msgid "" -"\n" -"\n" -"GLOBAL DNS CONFIGURATION\n" -msgstr "" - -msgid "" -"\n" -"DNS configuration passed to command line install script is stored in a " -"local\n" -"configuration file on each IPA server where DNS service is configured. " -"These\n" -"local settings can be overridden with a common configuration stored in LDAP\n" -"server:\n" -msgstr "" - -msgid "" -"\n" -" Show global DNS configuration:\n" -" ipa dnsconfig-show\n" -msgstr "" - -msgid "" -"\n" -" Modify global DNS configuration and set a list of global forwarders:\n" -" ipa dnsconfig-mod --forwarder=203.0.113.113\n" -msgstr "" - -msgid "invalid IP network format" -msgstr "" - -msgid "each ACL element must be terminated with a semicolon" -msgstr "" - -msgid "invalid address format" -msgstr "" - -msgid "" -"expected format: <0-255> <0-255> <0-65535> even-" -"length_hexadecimal_digits_or_hyphen" -msgstr "" - -msgid "algorithm value: allowed interval 0-255" -msgstr "" - -msgid "flags value: allowed interval 0-255" -msgstr "" - -msgid "iterations value: allowed interval 0-65535" -msgstr "" - -#, python-format -msgid "salt value: %(err)s" -msgstr "" - -msgid "invalid domain-name: not fully qualified" -msgstr "" - -msgid "should not be a wildcard domain name (RFC 4592 section 4)" -msgstr "" - -#, python-format -msgid "" -"All nameservers failed to answer the query for DNS reverse zone %(revdns)s" -msgstr "" - -#, python-format -msgid "" -"DNS reverse zone %(revzone)s for IP address %(addr)s is not managed by this " -"server" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "DNS zone %(zone)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "IP address %(ip)s is already assigned in domain %(domain)s." -msgstr "" - -#, python-format -msgid "" -"Reverse record for IP address %(ip)s already exists in reverse zone %(zone)s." -msgstr "" - -#, python-format -msgid "%s record" -msgstr "" - -#, python-format -msgid "Raw %s records" -msgstr "" - -#, python-format -msgid "%s Record" -msgstr "" - -#, python-format -msgid "(see RFC %s for details)" -msgstr "" - -#, python-format -msgid "'%s' is a required part of DNS record" -msgstr "" - -msgid "Invalid number of parts!" -msgstr "" - -#, python-format -msgid "DNS RR type \"%s\" is not supported by bind-dyndb-ldap plugin" -msgstr "" - -#, python-format -msgid "format must be specified as \"%(format)s\" %(rfcs)s" -msgstr "" - -msgid "Create reverse" -msgstr "" - -#, python-format -msgid "Cannot create reverse record for \"%(value)s\": %(exc)s" -msgstr "" - -msgid "Exchanger" -msgstr "" - -msgid "" -"format must be specified as\n" -" \"d1 [m1 [s1]] {\"N\"|\"S\"} d2 [m2 [s2]] {\"E\"|\"W\"} alt[\"m\"] " -"[siz[\"m\"] [hp[\"m\"] [vp[\"m\"]]]]\"\n" -" where:\n" -" d1: [0 .. 90] (degrees latitude)\n" -" d2: [0 .. 180] (degrees longitude)\n" -" m1, m2: [0 .. 59] (minutes latitude/longitude)\n" -" s1, s2: [0 .. 59.999] (seconds latitude/longitude)\n" -" alt: [-100000.00 .. 42849672.95] BY .01 (altitude in meters)\n" -" siz, hp, vp: [0 .. 90000000.00] (size/precision in meters)\n" -" See RFC 1876 for details" -msgstr "" - -#, python-format -msgid "'%(required)s' must not be empty when '%(name)s' is set" -msgstr "" - -msgid "flags must be one of \"S\", \"A\", \"U\", or \"P\"" -msgstr "" - -msgid "Priority (order)" -msgstr "" - -msgid "" -"Lower number means higher priority. Clients will attempt to contact the " -"server with the lowest-numbered priority they can reach." -msgstr "" - -msgid "Relative weight for entries with the same priority." -msgstr "" - -msgid "the value does not follow \"YYYYMMDDHHMMSS\" time format" -msgstr "" - -msgid "" -"Lower number means higher priority. Clients will attempt to contact the URI " -"with the lowest-numbered priority they can reach." -msgstr "" - -msgid "Target Uniform Resource Identifier" -msgstr "" - -msgid "Target Uniform Resource Identifier according to RFC 3986" -msgstr "" - -#, python-format -msgid "Nameserver '%(host)s' does not have a corresponding A/AAAA record" -msgstr "" - -#, fuzzy -#| msgid "Permission" -msgid "Managedby permission" -msgstr "Иҷозат" - -msgid "Only one zone type is allowed per zone name" -msgstr "" - -#, python-format -msgid "Added system permission \"%(value)s\"" -msgstr "" - -#, python-format -msgid "permission \"%(value)s\" already exists" -msgstr "" - -#, python-format -msgid "Removed system permission \"%(value)s\"" -msgstr "" - -msgid "DNS zone" -msgstr "" - -msgid "DNS zones" -msgstr "" - -msgid "DNS Zones" -msgstr "" - -msgid "DNS Zone" -msgstr "" - -msgid "Default time to live" -msgstr "" - -msgid "Time to live for records without explicit TTL definition" -msgstr "" - -msgid "setting Authoritative nameserver" -msgstr "" - -msgid "It is used only for setting the SOA MNAME attribute." -msgstr "" - -msgid "NS record(s) can be edited in zone apex - '@'. " -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "" -msgstr "Сервери IPA" - -msgid "Nameserver for reverse zone cannot be a relative DNS name" -msgstr "" - -#, python-format -msgid "Deleted DNS zone \"%(value)s\"" -msgstr "" - -msgid "is required" -msgstr "" - -#, python-format -msgid "Disabled DNS zone \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Enabled DNS zone \"%(value)s\"" -msgstr "" - -msgid "DNS resource record" -msgstr "" - -msgid "DNS resource records" -msgstr "" - -msgid "DNS Resource Records" -msgstr "" - -msgid "DNS Resource Record" -msgstr "" - -msgid "DS record must not be in zone apex (RFC 4035 section 2.4)" -msgstr "" - -msgid "" -"out-of-zone data: record name must be a subdomain of the zone or a relative " -"name" -msgstr "" - -#, python-format -msgid "" -"owner of %(types)s records should not be a wildcard domain name (RFC 4592 " -"section 4)" -msgstr "" - -#, python-format -msgid "" -"Reverse zone for PTR record should be a sub-zone of one the following fully " -"qualified domains: %s" -msgstr "" - -#, python-format -msgid "" -"Reverse zone %(name)s requires exactly %(count)d IP address components, " -"%(user_count)d given" -msgstr "" - -msgid "only master zones can contain records" -msgstr "" - -msgid "only one CNAME record is allowed per name (RFC 2136, section 1.1.5)" -msgstr "" - -msgid "" -"CNAME record is not allowed to coexist with any other record (RFC 1034, " -"section 3.6.2)" -msgstr "" - -msgid "only one DNAME record is allowed per name (RFC 6672, section 2.4)" -msgstr "" - -#, python-format -msgid "" -"NS record is not allowed to coexist with an %(type)s record except when " -"located in a zone root record (RFC 2181, section 6.1)" -msgstr "" - -msgid "" -"DS record requires to coexist with an NS record (RFC 4592 section 4.6, RFC " -"4035 section 2.4)" -msgstr "" - -#, python-format -msgid "Raw value of a DNS record was already set by \"%(name)s\" option" -msgstr "" - -msgid "DNS zone root record cannot be renamed" -msgstr "" - -msgid "DNS records can be only updated one at a time" -msgstr "" - -#, python-format -msgid "Deleted record \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Zone record '%s' cannot be deleted" -msgstr "" - -#, python-format -msgid "Found '%(value)s'" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "Host '%(host)s' not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, fuzzy -#| msgid "Configuration" -msgid "DNS configuration options" -msgstr "Ҷӯрсозӣ" - -#, fuzzy -#| msgid "Configuration" -msgid "DNS Global Configuration" -msgstr "Ҷӯрсозӣ" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA DNS version" -msgstr "Сервери IPA" - -msgid "List of IPA masters configured as DNS servers" -msgstr "" - -msgid "IPA server configured as DNSSec key master" -msgstr "" - -msgid "Global DNS configuration is empty" -msgstr "" - -msgid "DNS forward zone" -msgstr "" - -msgid "DNS forward zones" -msgstr "" - -msgid "DNS Forward Zones" -msgstr "" - -msgid "DNS Forward Zone" -msgstr "" - -msgid "Please specify forwarders." -msgstr "" - -#, python-format -msgid "Deleted DNS forward zone \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Disabled DNS forward zone \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Enabled DNS forward zone \"%(value)s\"" -msgstr "" - -#, fuzzy -#| msgid "IPA Server" -msgid "IPA DNS records" -msgstr "Сервери IPA" - -msgid "IPA location records" -msgstr "" - -msgid "Update location and IPA server DNS records" -msgstr "" - -msgid "Result of the command" -msgstr "" - -msgid "Dry run" -msgstr "" - -msgid "Do not update records only return expected records" -msgstr "" - -#, fuzzy, python-brace-format -#| msgid "File %(file)s not found" -msgid "{role}: role not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-brace-format -msgid "{attr}: no such attribute" -msgstr "" - -msgid "" -"\n" -"Topology\n" -"\n" -"Management of a replication topology at domain level 1.\n" -msgstr "" - -msgid "" -"\n" -"IPA server's data is stored in LDAP server in two suffixes:\n" -"* domain suffix, e.g., 'dc=example,dc=com', contains all domain related " -"data\n" -"* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n" -" contains data for Certificate Server component\n" -msgstr "" - -msgid "" -"\n" -"Data stored on IPA servers is replicated to other IPA servers. The way it " -"is\n" -"replicated is defined by replication agreements. Replication agreements " -"needs\n" -"to be set for both suffixes separately. On domain level 0 they are managed\n" -"using ipa-replica-manage and ipa-csreplica-manage tools. With domain level " -"1\n" -"they are managed centrally using `ipa topology*` commands.\n" -msgstr "" - -msgid "" -"\n" -"Agreements are represented by topology segments. By default topology " -"segment\n" -"represents 2 replication agreements - one for each direction, e.g., A to B " -"and\n" -"B to A. Creation of unidirectional segments is not allowed.\n" -msgstr "" - -msgid "" -"\n" -"To verify that no server is disconnected in the topology of the given " -"suffix,\n" -"use:\n" -" ipa topologysuffix-verify $suffix\n" -msgstr "" - -msgid "" -"\n" -"\n" -"Examples:\n" -" Find all IPA servers:\n" -" ipa server-find\n" -msgstr "" - -msgid "" -"\n" -" Find all suffixes:\n" -" ipa topologysuffix-find\n" -msgstr "" - -msgid "" -"\n" -" Add topology segment to 'domain' suffix:\n" -" ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n" -msgstr "" - -msgid "" -"\n" -" Add topology segment to 'ca' suffix:\n" -" ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n" -msgstr "" - -msgid "" -"\n" -" List all topology segments in 'domain' suffix:\n" -" ipa topologysegment-find domain\n" -msgstr "" - -msgid "" -"\n" -" List all topology segments in 'ca' suffix:\n" -" ipa topologysegment-find ca\n" -msgstr "" - -msgid "" -"\n" -" Delete topology segment in 'domain' suffix:\n" -" ipa topologysegment-del domain segment_name\n" -msgstr "" - -msgid "" -"\n" -" Delete topology segment in 'ca' suffix:\n" -" ipa topologysegment-del ca segment_name\n" -msgstr "" - -msgid "" -"\n" -" Verify topology of 'domain' suffix:\n" -" ipa topologysuffix-verify domain\n" -msgstr "" - -msgid "" -"\n" -" Verify topology of 'ca' suffix:\n" -" ipa topologysuffix-verify ca\n" -msgstr "" - -#, python-brace-format -msgid "Topology management requires minimum domain level {0} " -msgstr "" - -msgid "segment" -msgstr "" - -msgid "segments" -msgstr "" - -msgid "Topology Segments" -msgstr "" - -msgid "Topology Segment" -msgstr "" - -#, python-format -msgid "left node is not a topology node: %(leftnode)s" -msgstr "" - -#, python-format -msgid "right node is not a topology node: %(rightnode)s" -msgstr "" - -msgid "left node and right node must not be the same" -msgstr "" - -#, python-brace-format -msgid "left node ({host}) does not support suffix '{suff}'" -msgstr "" - -#, python-brace-format -msgid "right node ({host}) does not support suffix '{suff}'" -msgstr "" - -#, python-format -msgid "%(count)d segment matched" -msgid_plural "%(count)d segments matched" -msgstr[0] "" - -#, python-format -msgid "Added segment \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Deleted segment \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified segment \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(value)s" -msgstr "" - -msgid "left or right node has to be specified" -msgstr "" - -msgid "only one node can be specified" -msgstr "" - -#, python-format -msgid "Replication refresh for segment: \"%(pkey)s\" requested." -msgstr "" - -#, python-format -msgid "Stopping of replication refresh for segment: \"%(pkey)s\" requested." -msgstr "" - -msgid "suffixes" -msgstr "" - -msgid "Topology suffixes" -msgstr "" - -msgid "Topology suffix" -msgstr "" - -#, python-format -msgid "%(count)d topology suffix matched" -msgid_plural "%(count)d topology suffixes matched" -msgstr[0] "" - -#, python-format -msgid "Deleted topology suffix \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Added topology suffix \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Modified topology suffix \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Verify replication topology for suffix.\n" -"\n" -"Checks done:\n" -" 1. check if a topology is not disconnected. In other words if there are\n" -" replication paths between all servers.\n" -" 2. check if servers don't have more than the recommended number of\n" -" replication agreements\n" -msgstr "" - -msgid "" -"\n" -"IPA certificate operations\n" -msgstr "" - -msgid "" -"\n" -"Implements a set of commands for managing server SSL certificates.\n" -msgstr "" - -msgid "" -"\n" -"Certificate requests exist in the form of a Certificate Signing Request " -"(CSR)\n" -"in PEM format.\n" -msgstr "" - -msgid "" -"\n" -"The dogtag CA uses just the CN value of the CSR and forces the rest of the\n" -"subject to values configured in the server.\n" -msgstr "" - -msgid "" -"\n" -"A certificate is stored with a service principal and a service principal\n" -"needs a host.\n" -msgstr "" - -msgid "" -"\n" -"In order to request a certificate:\n" -msgstr "" - -msgid "" -"\n" -"* The host must exist\n" -"* The service must exist (or you use the --add option to automatically add " -"it)\n" -msgstr "" - -msgid "" -"\n" -"SEARCHING:\n" -msgstr "" - -msgid "" -"\n" -"Certificates may be searched on by certificate subject, serial number,\n" -"revocation reason, validity dates and the issued date.\n" -msgstr "" - -msgid "" -"\n" -"When searching on dates the _from date does a >= search and the _to date\n" -"does a <= search. When combined these are done as an AND.\n" -msgstr "" - -msgid "" -"\n" -"Dates are treated as GMT to match the dates in the certificates.\n" -msgstr "" - -msgid "" -"\n" -"The date format is YYYY-mm-dd.\n" -msgstr "" - -msgid "" -"\n" -" Request a new certificate and add the principal:\n" -" ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" -msgstr "" - -msgid "" -"\n" -" Retrieve an existing certificate:\n" -" ipa cert-show 1032\n" -msgstr "" - -msgid "" -"\n" -" Revoke a certificate (see RFC 5280 for reason details):\n" -" ipa cert-revoke --revocation-reason=6 1032\n" -msgstr "" - -msgid "" -"\n" -" Remove a certificate from revocation hold status:\n" -" ipa cert-remove-hold 1032\n" -msgstr "" - -msgid "" -"\n" -" Check the status of a signing request:\n" -" ipa cert-status 10\n" -msgstr "" - -msgid "" -"\n" -" Search for certificates by hostname:\n" -" ipa cert-find --subject=ipaserver.example.com\n" -msgstr "" - -msgid "" -"\n" -" Search for revoked certificates by reason:\n" -" ipa cert-find --revocation-reason=5\n" -msgstr "" - -msgid "" -"\n" -" Search for certificates based on issuance date\n" -" ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n" -msgstr "" - -msgid "" -"\n" -" Search for certificates owned by a specific user:\n" -" ipa cert-find --user=user\n" -msgstr "" - -msgid "" -"\n" -" Examine a certificate:\n" -" ipa cert-find --file=cert.pem --all\n" -msgstr "" - -msgid "" -"\n" -" Verify that a certificate is owned by a specific user:\n" -" ipa cert-find --file=cert.pem --user=user\n" -msgstr "" - -msgid "" -"\n" -"IPA currently immediately issues (or declines) all certificate requests so\n" -"the status of a request is not normally useful. This is for future use\n" -"or the case where a CA does not immediately issue a certificate.\n" -msgstr "" - -msgid "" -"\n" -"The following revocation reasons are supported:\n" -"\n" -msgstr "" - -msgid " * 0 - unspecified\n" -msgstr "" - -msgid " * 1 - keyCompromise\n" -msgstr "" - -msgid " * 2 - cACompromise\n" -msgstr "" - -msgid " * 3 - affiliationChanged\n" -msgstr "" - -msgid " * 4 - superseded\n" -msgstr "" - -msgid " * 5 - cessationOfOperation\n" -msgstr "" - -msgid " * 6 - certificateHold\n" -msgstr "" - -msgid " * 8 - removeFromCRL\n" -msgstr "" - -msgid " * 9 - privilegeWithdrawn\n" -msgstr "" - -msgid " * 10 - aACompromise\n" -msgstr "" - -msgid "" -"\n" -"Note that reason code 7 is not used. See RFC 5280 for more details:\n" -msgstr "" - -msgid "" -"\n" -"http://www.ietf.org/rfc/rfc5280.txt\n" -"\n" -msgstr "" - -#, python-format -msgid "" -"Principal '%(principal)s' is not permitted to use CA '%(ca)s' with profile " -"'%(profile_id)s' for certificate issuance." -msgstr "" - -msgid "enabledService/configuredService not in ipaConfigString kdc entry" -msgstr "" - -#, python-format -msgid "Host '%(hostname)s' is not an active KDC" -msgstr "" - -msgid "Issuing CA" -msgstr "" - -msgid "Name of issuing CA" -msgstr "" - -msgid "Subject email address" -msgstr "" - -#, fuzzy -#| msgid "Subject" -msgid "Subject DNS name" -msgstr "Мавзӯъ" - -msgid "Subject X.400 address" -msgstr "" - -msgid "Subject directory name" -msgstr "" - -msgid "Subject EDI Party name" -msgstr "" - -#, fuzzy -#| msgid "Subject" -msgid "Subject URI" -msgstr "Мавзӯъ" - -msgid "Subject IP Address" -msgstr "" - -#, fuzzy -#| msgid "Subject" -msgid "Subject OID" -msgstr "Мавзӯъ" - -#, fuzzy -#| msgid "Subject" -msgid "Subject UPN" -msgstr "Мавзӯъ" - -msgid "Subject Kerberos principal name" -msgstr "" - -#, fuzzy -#| msgid "Server Name" -msgid "Subject Other Name" -msgstr "Номи сервер" - -#, fuzzy -#| msgid "Serial number" -msgid "Serial number (hex)" -msgstr "Рақами силсилавӣ" - -msgid "Request status" -msgstr "" - -msgid "" -"automatically add the principal if it doesn't exist (service principals only)" -msgstr "" - -#, python-format -msgid "krbtgt certs can use only the %s profile" -msgstr "" - -msgid "No Common Name was found in subject of request." -msgstr "" - -#, python-format -msgid "" -"hostname in subject of request '%(cn)s' does not match name or aliases of " -"principal '%(principal)s'" -msgstr "" - -#, python-format -msgid "" -"hostname in subject of request '%(cn)s' does not match principal hostname " -"'%(hostname)s'" -msgstr "" - -msgid "DN commonName does not match user's login" -msgstr "" - -msgid "DN emailAddress does not match any of user's email addresses" -msgstr "" - -#, python-format -msgid "" -"Insufficient 'write' privilege to the 'userCertificate' attribute of entry " -"'%s'." -msgstr "" - -#, python-format -msgid "subject alt name type %s is forbidden for user principals" -msgstr "" - -#, python-format -msgid "" -"The service principal for subject alt name %s in certificate request does " -"not exist" -msgstr "" - -#, python-format -msgid "" -"Insufficient privilege to create a certificate with subject alt name '%s'." -msgstr "" - -#, python-format -msgid "Principal '%s' in subject alt name does not match requested principal" -msgstr "" - -msgid "RFC822Name does not match any of user's email addresses" -msgstr "" - -#, python-format -msgid "subject alt name type %s is forbidden for non-user principals" -msgstr "" - -#, python-format -msgid "Subject alt name type %s is forbidden" -msgstr "" - -#, python-format -msgid "CA '%s' is disabled" -msgstr "" - -msgid "'add' option" -msgstr "" - -#, python-format -msgid "IP address in subjectAltName (%s) unreachable from DNS names" -msgstr "" - -#, python-format -msgid "IP address in subjectAltName (%s) does not have PTR record" -msgstr "" - -#, python-format -msgid "PTR record for SAN IP (%s) does not match A/AAAA records" -msgstr "" - -msgid "Revoked" -msgstr "" - -msgid "" -"Reason for revoking the certificate (0-10). Type \"ipa help cert\" for " -"revocation reason details. " -msgstr "" - -#, python-format -msgid "Owner %s" -msgstr "" - -#, python-format -msgid "" -"Certificate with serial number %(serial)s issued by CA '%(ca)s' not found" -msgstr "" - -msgid "7 is not a valid revocation reason" -msgstr "" - -msgid "Results should contain primary key attribute only (\"certificate\")" -msgstr "" - -#, python-format -msgid "%(count)d certificate matched" -msgid_plural "%(count)d certificates matched" -msgstr[0] "" - -#, python-format -msgid "Search for certificates with these owner %s." -msgstr "" - -#, python-format -msgid "Search for certificates without these owner %s." -msgstr "" - -msgid "" -"\n" -"Auto Membership Rule.\n" -msgstr "" - -msgid "" -"\n" -"Bring clarity to the membership of hosts and users by configuring inclusive\n" -"or exclusive regex patterns, you can automatically assign a new entries " -"into\n" -"a group or hostgroup based upon attribute information.\n" -msgstr "" - -msgid "" -"\n" -"A rule is directly associated with a group by name, so you cannot create\n" -"a rule without an accompanying group or hostgroup.\n" -msgstr "" - -msgid "" -"\n" -"A condition is a regular expression used by 389-ds to match a new incoming\n" -"entry with an automember rule. If it matches an inclusive rule then the\n" -"entry is added to the appropriate group or hostgroup.\n" -msgstr "" - -msgid "" -"\n" -"A default group or hostgroup could be specified for entries that do not\n" -"match any rule. In case of user entries this group will be a fallback group\n" -"because all users are by default members of group specified in IPA config.\n" -msgstr "" - -msgid "" -"\n" -"The automember-rebuild command can be used to retroactively run automember " -"rules\n" -"against existing entries, thus rebuilding their membership.\n" -msgstr "" - -msgid "" -"\n" -" Add the initial group or hostgroup:\n" -" ipa hostgroup-add --desc=\"Web Servers\" webservers\n" -" ipa group-add --desc=\"Developers\" devel\n" -msgstr "" - -msgid "" -"\n" -" Add the initial rule:\n" -" ipa automember-add --type=hostgroup webservers\n" -" ipa automember-add --type=group devel\n" -msgstr "" - -msgid "" -"\n" -" Add a condition to the rule:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -" ipa automember-add-condition --key=manager --type=group --inclusive-" -"regex=^uid=mscott devel\n" -msgstr "" - -msgid "" -"\n" -" Add an exclusive condition to the rule to prevent auto assignment:\n" -" ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" -"regex=^web5\\.example\\.com webservers\n" -msgstr "" - -msgid "" -"\n" -" Add a host:\n" -" ipa host-add web1.example.com\n" -msgstr "" - -msgid "" -"\n" -" Add a user:\n" -" ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" -msgstr "" - -msgid "" -"\n" -" Verify automembership:\n" -" ipa hostgroup-show webservers\n" -" Host-group: webservers\n" -" Description: Web Servers\n" -" Member hosts: web1.example.com\n" -"\n" -" ipa group-show devel\n" -" Group name: devel\n" -" Description: Developers\n" -" GID: 1004200000\n" -" Member users: tuser\n" -msgstr "" - -msgid "" -"\n" -" Remove a condition from the rule:\n" -" ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" -"regex=^web[1-9]+\\.example\\.com webservers\n" -msgstr "" - -msgid "" -"\n" -" Modify the automember rule:\n" -" ipa automember-mod\n" -msgstr "" - -msgid "" -"\n" -" Set the default (fallback) target group:\n" -" ipa automember-default-group-set --default-group=webservers --" -"type=hostgroup\n" -" ipa automember-default-group-set --default-group=ipausers --type=group\n" -msgstr "" - -msgid "" -"\n" -" Remove the default (fallback) target group:\n" -" ipa automember-default-group-remove --type=hostgroup\n" -" ipa automember-default-group-remove --type=group\n" -msgstr "" - -msgid "" -"\n" -" Show the default (fallback) target group:\n" -" ipa automember-default-group-show --type=hostgroup\n" -" ipa automember-default-group-show --type=group\n" -msgstr "" - -msgid "" -"\n" -" Find all of the automember rules:\n" -" ipa automember-find\n" -msgstr "" - -msgid "" -"\n" -" Find all of the orphan automember rules:\n" -" ipa automember-find-orphans --type=hostgroup\n" -" Find all of the orphan automember rules and remove them:\n" -" ipa automember-find-orphans --type=hostgroup --remove\n" -msgstr "" - -msgid "" -"\n" -" Display a automember rule:\n" -" ipa automember-show --type=hostgroup webservers\n" -" ipa automember-show --type=group devel\n" -msgstr "" - -msgid "" -"\n" -" Delete an automember rule:\n" -" ipa automember-del --type=hostgroup webservers\n" -" ipa automember-del --type=group devel\n" -msgstr "" - -msgid "" -"\n" -" Rebuild membership for all users:\n" -" ipa automember-rebuild --type=group\n" -msgstr "" - -msgid "" -"\n" -" Rebuild membership for all hosts:\n" -" ipa automember-rebuild --type=hostgroup\n" -msgstr "" - -msgid "" -"\n" -" Rebuild membership for specified users:\n" -" ipa automember-rebuild --users=tuser1 --users=tuser2\n" -msgstr "" - -msgid "" -"\n" -" Rebuild membership for specified hosts:\n" -" ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example." -"com\n" -msgstr "" - -msgid "Auto Membership Rule" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "%(otype)s \"%(oname)s\" not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "%s is not a valid attribute." -msgstr "" - -msgid "" -"\n" -" Add an automember rule.\n" -" " -msgstr "" - -#, python-format -msgid "Added automember rule \"%(value)s\"" -msgstr "" - -msgid "Auto Membership is not configured" -msgstr "" - -msgid "" -"\n" -" Add conditions to an automember rule.\n" -" " -msgstr "" - -#, python-format -msgid "Added condition(s) to \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Auto member rule: %s not found!" -msgstr "" - -msgid "" -"\n" -" Override this so we can add completed and failed to the return " -"result.\n" -" " -msgstr "" - -msgid "" -"\n" -" Remove conditions from an automember rule.\n" -" " -msgstr "" - -#, python-format -msgid "Removed condition(s) from \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Override this so we can set completed and failed.\n" -" " -msgstr "" - -msgid "" -"\n" -" Modify an automember rule.\n" -" " -msgstr "" - -#, python-format -msgid "Modified automember rule \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Delete an automember rule.\n" -" " -msgstr "" - -#, python-format -msgid "Deleted automember rule \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Search for automember rules.\n" -" " -msgstr "" - -#, python-format -msgid "%(count)d rules matched" -msgid_plural "%(count)d rules matched" -msgstr[0] "" - -msgid "" -"\n" -" Display information about an automember rule.\n" -" " -msgstr "" - -msgid "" -"\n" -" Set default (fallback) group for all unmatched entries.\n" -" " -msgstr "" - -#, python-format -msgid "Set default (fallback) group for automember \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -" Remove default (fallback) group for all unmatched entries.\n" -" " -msgstr "" - #, python-format -msgid "Removed default (fallback) group for automember \"%(value)s\"" -msgstr "" - -msgid "No default (fallback) group set" -msgstr "" +msgid "%(info)s" +msgstr "%(info)s" -msgid "" -"\n" -" Display information about the default (fallback) automember groups.\n" -" " -msgstr "" +msgid "ACI name" +msgstr "Номи ACI" -msgid "Task DN" -msgstr "" +msgid "ACI prefix" +msgstr "Префикси ACI" -msgid "DN of the started task" -msgstr "" +msgid "ACIs" +msgstr "ACIs" -msgid "at least one of options: type, users, hosts must be specified" -msgstr "" +msgid "Add" +msgstr "Илова кардан" -msgid "users and hosts cannot both be set" -msgstr "" +msgid "Allow" +msgstr "Иҷозат додан" -msgid "hosts cannot be set when type is 'group'" -msgstr "" +msgid "Already registered" +msgstr "Ааллакай қайд карда шуд" -msgid "users cannot be set when type is 'hostgroup'" -msgstr "" +msgid "Attribute" +msgstr "Аттрибут" -msgid "Automember rebuild membership task started" -msgstr "" +msgid "Attributes" +msgstr "Аттрибутҳо" -#, python-format -msgid "Task DN = '%s'" -msgstr "" +msgid "Audit" +msgstr "Назорат" -msgid "" -"\n" -" Search for orphan automember rules. The command might need to be run as\n" -" a privileged user user to get all orphan rules.\n" -" " -msgstr "" +msgid "Available" +msgstr "Дастрас" -msgid "Remove orphan automember rules" -msgstr "" +msgid "Cancel" +msgstr "Бекор кардан" -msgid "Member service groups" -msgstr "" +msgid "City" +msgstr "Шаҳр" -msgid "Member HBAC service groups" -msgstr "" +msgid "Class" +msgstr "Синф" -msgid "Member ID user overrides" -msgstr "" +msgid "Close" +msgstr "Пӯшидан" -msgid "Indirect Member ID user overrides" -msgstr "" +msgid "Commands" +msgstr "Фармонҳо" -msgid "Indirect Member permissions" -msgstr "" +msgid "Configuration" +msgstr "Ҷӯрсозӣ" -msgid "Indirect Member HBAC service" -msgstr "" +msgid "Data" +msgstr "Маълумот" -msgid "Indirect Member HBAC service group" -msgstr "" +msgid "Delete" +msgstr "Нест кардан" -msgid "Invalid format. Should be name=value" -msgstr "" +msgid "Delete all?" +msgstr "Ҳамаро нест мекунед?" -msgid "An IPA master host cannot be deleted or disabled" -msgstr "" +msgid "Description" +msgstr "Шарҳ" -#, fuzzy -#| msgid "Entry" -msgid "entry" -msgstr "Вуруд" +msgid "Display name" +msgstr "Номи намоишӣ" -msgid "entries" -msgstr "" +msgid "Enabled" +msgstr "Фаъолшуда" msgid "Entry" -msgstr "Вуруд" - -#, python-format -msgid "container entry (%(container)s) not found" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "%(parent)s: %(oname)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -#, python-format -msgid "%(oname)s with name \"%(pkey)s\" already exists" -msgstr "" - -#, python-format -msgid "attribute \"%(attribute)s\" not allowed" -msgstr "" - -#, python-format -msgid "these attributes are not allowed: %(attrs)s" -msgstr "" - -msgid "attribute is not configurable" -msgstr "" - -msgid "No such attribute on this entry" -msgstr "" - -#, python-format -msgid "Rename the %(ldap_obj_name)s object" -msgstr "" - -msgid "the entry was deleted while being modified" -msgstr "" - -#, python-format -msgid "%s" -msgstr "" - -#, python-format -msgid "%s to add" -msgstr "" - -#, python-format -msgid "%s to remove" -msgstr "" - -#, python-format -msgid "" -"Search for %(searched_object)s with these %(relationship)s %(ldap_object)s." -msgstr "" - -#, python-format -msgid "" -"Search for %(searched_object)s without these %(relationship)s " -"%(ldap_object)s." -msgstr "" - -#, python-format -msgid "added attribute value to entry %(value)s" -msgstr "" - -#, python-format -msgid "removed attribute values from entry %(value)s" -msgstr "" - -msgid "one or more values to remove" -msgstr "" - -msgid "" -"\n" -"Baseuser\n" -"\n" -"This contains common definitions for user/stageuser\n" -msgstr "" - -msgid "must be TRUE or FALSE" -msgstr "" - -msgid "" -"Object class ipaNTUserAttrs is missing, user entry cannot have SMB " -"attributes." -msgstr "" - -msgid "User password expiration" -msgstr "" - -msgid "SMB logon script path" -msgstr "" - -msgid "SMB profile path" -msgstr "" - -msgid "SMB Home Directory" -msgstr "" - -msgid "SMB Home Directory Drive" -msgstr "" - -#, python-format -msgid "invalid e-mail format: %(email)s" -msgstr "" - -#, fuzzy, python-format -#| msgid "File %(file)s not found" -msgid "manager %(manager)s not found" -msgstr "Файли %(file)s пайдо нашуд." - -msgid "Issuer of the certificate" -msgstr "" - -msgid "Subject of the certificate" -msgstr "" - -msgid "cannot have an empty subject" -msgstr "" - -msgid "cannot specify both subject/issuer and certificate" -msgstr "" - -msgid "cannot specify both subject/issuer and ipacertmapdata" -msgstr "" - -#, python-format -msgid "Added certificate mappings to user \"%(value)s\"" -msgstr "" - -#, python-format -msgid "Removed certificate mappings from user \"%(value)s\"" -msgstr "" - -msgid "" -"\n" -"Groups of hosts.\n" -"\n" -"Manage groups of hosts. This is useful for applying access control to a\n" -"number of hosts by using Host-based Access Control.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host group:\n" -" ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" -"\n" -" Add another new host group:\n" -" ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" -"\n" -" Add members to the hostgroup (using Bash brace expansion):\n" -" ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n" -"\n" -" Add a hostgroup as a member of another hostgroup:\n" -" ipa hostgroup-add-member --hostgroups=baltimore maryland\n" -"\n" -" Remove a host from the hostgroup:\n" -" ipa hostgroup-remove-member --hosts=box2 baltimore\n" -"\n" -" Display a host group:\n" -" ipa hostgroup-show baltimore\n" -"\n" -" Add a member manager:\n" -" ipa hostgroup-add-member-manager --users=user1 baltimore\n" -"\n" -" Remove a member manager\n" -" ipa hostgroup-remove-member-manager --users=user1 baltimore\n" -"\n" -" Delete a hostgroup:\n" -" ipa hostgroup-del baltimore\n" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "host groups" -msgstr "Гурӯҳи корбар" - -#, fuzzy -#| msgid "Group" -msgid "Host Group" -msgstr "Гурӯҳ" - -#, python-format -msgid "Added hostgroup \"%(value)s\"" -msgstr "" - -#, python-format -msgid "" -"netgroup with name \"%s\" already exists. Hostgroups and netgroups share a " -"common namespace" -msgstr "" - -#, python-format -msgid "Deleted hostgroup \"%(value)s\"" -msgstr "" - -#, fuzzy -#| msgid "User group" -msgid "hostgroup" -msgstr "Гурӯҳи корбар" - -msgid "privileged hostgroup" -msgstr "" - -#, python-format -msgid "Modified hostgroup \"%(value)s\"" -msgstr "" - -#, python-format -msgid "%(count)d hostgroup matched" -msgid_plural "%(count)d hostgroups matched" -msgstr[0] "" - -msgid "Add users that can manage members of this hostgroup." -msgstr "" - -msgid "Remove users that can manage members of this hostgroup." -msgstr "" - -msgid "" -"\n" -"Migration to IPA\n" -"\n" -"Migrate users and groups from an LDAP server to IPA.\n" -"\n" -"This performs an LDAP query against the remote server searching for\n" -"users and groups in a container. In order to migrate passwords you need\n" -"to bind as a user that can read the userPassword attribute on the remote\n" -"server. This is generally restricted to high-level admins such as\n" -"cn=Directory Manager in 389-ds (this is the default bind user).\n" -"\n" -"The default user container is ou=People.\n" -"\n" -"The default group container is ou=Groups.\n" -"\n" -"Users and groups that already exist on the IPA server are skipped.\n" -"\n" -"Two LDAP schemas define how group members are stored: RFC2307 and\n" -"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" -"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" -"\n" -"The schema compat feature allows IPA to reformat data for systems that\n" -"do not support RFC2307bis. It is recommended that this feature is disabled\n" -"during migration to reduce system overhead. It can be re-enabled after\n" -"migration. To migrate with it enabled use the \"--with-compat\" option.\n" -"\n" -"Migrated users do not have Kerberos credentials, they have only their\n" -"LDAP password. To complete the migration process, users need to go\n" -"to http://ipa.example.com/ipa/migration and authenticate using their\n" -"LDAP password in order to generate their Kerberos credentials.\n" -"\n" -"Migration is disabled by default. Use the command ipa config-mod to\n" -"enable it:\n" -"\n" -" ipa config-mod --enable-migration=TRUE\n" -"\n" -"If a base DN is not provided with --basedn then IPA will use either\n" -"the value of defaultNamingContext if it is set or the first value\n" -"in namingContexts set in the root of the remote LDAP server.\n" -"\n" -"Users are added as members to the default user group. This can be a\n" -"time-intensive task so during migration this is done in a batch\n" -"mode for every 100 users. As a result there will be a window in which\n" -"users will be added to IPA but will not be members of the default\n" -"user group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" The simplest migration, accepting all defaults:\n" -" ipa migrate-ds ldap://ds.example.com:389\n" -"\n" -" Specify the user and group container. This can be used to migrate user\n" -" and group data from an IPA v1 server:\n" -" ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n" -" --group-container='cn=groups,cn=accounts' \\\n" -" ldap://ds.example.com:389\n" -"\n" -" Since IPA v2 server already contain predefined groups that may collide " -"with\n" -" groups in migrated (IPA v1) server (for example admins, ipausers), users\n" -" having colliding group as their primary group may happen to belong to\n" -" an unknown group on new IPA v2 server.\n" -" Use --group-overwrite-gid option to overwrite GID of already existing " -"groups\n" -" to prevent this issue:\n" -" ipa migrate-ds --group-overwrite-gid \\\n" -" --user-container='cn=users,cn=accounts' \\\n" -" --group-container='cn=groups,cn=accounts' \\\n" -" ldap://ds.example.com:389\n" -"\n" -" Migrated users or groups may have object class and accompanied attributes\n" -" unknown to the IPA v2 server. These object classes and attributes may be\n" -" left out of the migration process:\n" -" ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n" -" --group-container='cn=groups,cn=accounts' \\\n" -" --user-ignore-objectclass=radiusprofile \\\n" -" --user-ignore-attribute=radiusgroupname \\\n" -" ldap://ds.example.com:389\n" -"\n" -"LOGGING\n" -"\n" -"Migration will log warnings and errors to the Apache error log. This\n" -"file should be evaluated post-migration to correct or investigate any\n" -"issues that were discovered.\n" -"\n" -"For every 100 users migrated an info-level message will be displayed to\n" -"give the current progress and duration to make it possible to track\n" -"the progress of migration.\n" -"\n" -"If the log level is debug, either by setting debug = True in\n" -"/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be " -"printed\n" -"for each user added plus a summary when the default user group is\n" -"updated.\n" -msgstr "" - -#, python-format -msgid "" -"Kerberos principal %s already exists. Use 'ipa user-mod' to set it manually." -msgstr "" - -#, python-format -msgid "" -"Unable to determine if Kerberos principal %s already exists. Use 'ipa user-" -"mod' to set it manually." -msgstr "" - -msgid "" -"Failed to add user to the default group. Use 'ipa group-add-member' to add " -"manually." -msgstr "" - -msgid "Migration of LDAP search reference is not supported." -msgstr "" - -msgid "Malformed DN" -msgstr "" - -#, python-format -msgid "%(user)s is not a POSIX user" -msgstr "" - -msgid "" -". Check GID of the existing group. Use --group-overwrite-gid option to " -"overwrite the GID" -msgstr "" - -msgid "Invalid LDAP URI." -msgstr "" - -#, python-format -msgid "%s to exclude from migration" -msgstr "" - -msgid "" -"search results for objects to be migrated\n" -"have been truncated by the server;\n" -"migration process might be incomplete\n" -msgstr "" - -#, python-format -msgid "" -"%(container)s LDAP search did not return any result (search base: " -"%(search_base)s, objectclass: %(objectclass)s)" -msgstr "" - -msgid "Failed to authenticate to CA REST API" -msgstr "" - -msgid "REST API is not logged in." -msgstr "" - -#, python-format -msgid "Non-2xx response from CA REST API: %(status)d. %(explanation)s" -msgstr "" - -msgid "Unable to communicate with CMS" -msgstr "" - -msgid "Response from CA was not valid JSON" -msgstr "" - -msgid "" -"\n" -"Classes to manage trust joins using DCE-RPC calls\n" -"\n" -"The code in this module relies heavily on samba4-python package\n" -"and Samba4 python bindings.\n" -msgstr "" - -msgid "CIFS server denied your credentials" -msgstr "" - -msgid "communication with CIFS server was unsuccessful" -msgstr "" - -msgid "AD domain controller" -msgstr "" - -msgid "unsupported functional level" -msgstr "" - -msgid "" -"AD domain controller complains about communication sequence. It may mean " -"unsynchronized time on both sides, for example" -msgstr "" - -msgid "Cannot find specified domain or server name" -msgstr "" +msgstr "Вуруд" -msgid "" -"AD DC was unable to reach any IPA domain controller. Most likely it is a DNS " -"or firewall issue" -msgstr "" +msgid "Error" +msgstr "Хатогӣ" -msgid "At least the domain or IP address should be specified" -msgstr "" +msgid "Fax Number" +msgstr "Рақами факс" #, python-format -msgid "" -"CIFS server communication error: code \"%(num)s\", message \"%(message)s" -"\" (both may be \"None\")" -msgstr "" +msgid "File %(file)s not found" +msgstr "Файли %(file)s пайдо нашуд." -msgid "no trusted domain is configured" -msgstr "" +msgid "Filter" +msgstr "Полоишгар" -msgid "domain is not configured" -msgstr "" +msgid "Find" +msgstr "Ёфтан" -msgid "SID is not valid" -msgstr "" +msgid "First name" +msgstr "Ном" -msgid "SID does not match exactlywith any trusted domain's SID" -msgstr "" +msgid "Force" +msgstr "Маҷбурӣ" -msgid "SID does not match any trusted domain" -msgstr "" +msgid "General" +msgstr "Умумӣ" -msgid "Trust setup" -msgstr "" +msgid "Get" +msgstr "Гирифтан" -msgid "Our domain is not configured" -msgstr "" +msgid "Group" +msgstr "Гурӯҳ" -msgid "No trusted domain is not configured" -msgstr "" +msgid "Groups" +msgstr "Гуруҳҳо" -msgid "trusted domain object" -msgstr "" +msgid "Host Name" +msgstr "Номи мизбон" -msgid "domain is not trusted" -msgstr "" +msgid "Host name" +msgstr "Номи мизбон" -msgid "no trusted domain matched the specified flat name" -msgstr "" +msgid "Hostname" +msgstr "Номи мизбон" -msgid "trusted domain object not found" -msgstr "" +msgid "IPA Server" +msgstr "Сервери IPA" -msgid "Object does not belong to a trusted domain" -msgstr "" +msgid "Initials" +msgstr "Ному насаб" -msgid "SSSD was unable to resolve the object to a valid SID" -msgstr "" +msgid "Issue" +msgstr "Барориш" -msgid "Ambiguous search, user domain was not specified" -msgstr "" +msgid "Issued By" +msgstr "Додааст:" -msgid "Trusted domain did not return a unique object" -msgstr "" +msgid "Issued To" +msgstr "Додашудааст ба:" -msgid "Trusted domain did not return a valid SID for the object" -msgstr "" +msgid "Issuer" +msgstr "Диҳанда" -msgid "trusted domain user not found" -msgstr "" +msgid "Job Title" +msgstr "Вазифа" -msgid "Cannot retrieve trusted domain GC list" -msgstr "" +msgid "Key" +msgstr "Тугма" -msgid "CIFS credentials object" -msgstr "" +msgid "LDAP DN" +msgstr "LDAP DN" -#, python-format -msgid "CIFS server %(host)s denied your credentials" -msgstr "" +msgid "LDAP password" +msgstr "Пароли LDAP" -#, python-format -msgid "Cannot establish LSA connection to %(host)s. Is CIFS server running?" -msgstr "" +msgid "Last name" +msgstr "Насаб" -#, python-format -msgid "" -"the IPA server and the remote domain cannot share the same NetBIOS name: %s" -msgstr "" +msgid "Location" +msgstr "Макон" -#, python-brace-format -msgid "" -"There is already a trust to {ipa_domain} with unsupported type {trust_type}. " -"Please remove it manually on AD DC side." -msgstr "" +msgid "Manager" +msgstr "Диспетчер" -#, python-format -msgid "" -"IPA master denied trust validation requests from AD DC %(count)d times. Most " -"likely AD DC contacted a replica that has no trust information replicated " -"yet. Additionally, please check that AD DNS is able to resolve %(records)s " -"SRV records to the correct IPA server." -msgstr "" +msgid "New Password" +msgstr "Пароли нав" -#, fuzzy -#| msgid "Initials" -msgid "Credentials" -msgstr "Ному насаб" +msgid "Note" +msgstr "Эзоҳ" -msgid "Missing credentials for cross-forest communication" -msgstr "" +msgid "OK" +msgstr "Хуб" -msgid "Trusting forest" -msgstr "" +msgid "Organization" +msgstr "Ташкилот" -msgid "Trusted forest" -msgstr "" +#, c-format +msgid "Out of Memory!\n" +msgstr "Берун аз хотира!\n" -msgid "Established and verified" -msgstr "" +msgid "Out of memory\n" +msgstr "Берун аз хотира \n" -msgid "Waiting for confirmation by remote side" -msgstr "" +#, c-format +msgid "Out of memory \n" +msgstr "Берун аз хотира \n" -msgid "Unknown" -msgstr "" +#, c-format +msgid "Out of memory!" +msgstr "Берун аз хотира!" -msgid "Non-Active Directory domain" -msgstr "" +#, c-format +msgid "Out of memory!\n" +msgstr "Берун аз хотира!\n" -msgid "RFC4120-compliant Kerberos realm" -msgstr "" +msgid "Out of memory!?\n" +msgstr "Аз хотира берун шуд!?\n" -msgid "" -"Non-transitive external trust to a domain in another Active Directory forest" -msgstr "" +msgid "Password" +msgstr "Парол" -msgid "Non-transitive external trust to an RFC4120-compliant Kerberos realm" -msgstr "" +msgid "Passwords do not match" +msgstr "Паролҳо номувофиқанд" -#, python-format -msgid "" -"\n" -"Replication topology in suffix '%(suffix)s' is disconnected:\n" -"%(errors)s" -msgstr "" +msgid "Passwords do not match!" +msgstr "Паролҳо номувофиқанд!" -#, python-format -msgid "" -"\n" -"Removal of '%(hostname)s' leads to disconnected topology in suffix " -"'%(suffix)s':\n" -"%(errors)s" -msgstr "" +msgid "Permission" +msgstr "Иҷозат" -#, python-format -msgid "Topology does not allow server %(server)s to replicate with servers:" -msgstr "" +msgid "Permissions" +msgstr "Иҷозатҳо" -msgid "Request must be a dict" -msgstr "" +msgid "Policy" +msgstr "Сиёсат" -msgid "Request is missing \"method\"" -msgstr "" +msgid "Principal" +msgstr "Асосӣ" -msgid "Request is missing \"params\"" -msgstr "" +msgid "Rename" +msgstr "Азнавномгузорӣ" -msgid "params must be a list" -msgstr "" +msgid "Reset" +msgstr "Бозсозӣ" -msgid "params must contain [args, options]" -msgstr "" +msgid "Restore" +msgstr "Барқароркунӣ" -msgid "params[0] (aka args) must be a list" -msgstr "" +msgid "Retry" +msgstr "Кӯшиш" -msgid "params[1] (aka options) must be a dict" -msgstr "" +msgid "Search" +msgstr "Ҷустуҷӯ" -#, python-format -msgid "all masters must have %(role)s role enabled" -msgstr "" +msgid "Select All" +msgstr "Интихоби ҳама" -#, python-format -msgid "must have %(role)s role enabled" -msgstr "" +msgid "Serial Number" +msgstr "Рақами силсилавӣ" -msgid "must be enabled only on a single master" -msgstr "" +msgid "Serial number" +msgstr "Рақами силсилавӣ" -#, python-format -msgid "must equal %r" -msgstr "" +msgid "Server Name" +msgstr "Номи сервер" -msgid "Hello world" -msgstr "" +msgid "Service" +msgstr "Хидмат" -#, python-format -msgid "%s: RADIUS proxy server not found" -msgstr "" +msgid "Settings" +msgstr "Танзимотҳо" -#, python-format -msgid "RADIUS proxy server with name \"%s\" already exists" -msgstr "" +msgid "Status" +msgstr "Ҳолат" -msgid "must be at least 1" -msgstr "" +msgid "Subject" +msgstr "Мавзӯъ" -msgid "Out of memory\n" -msgstr "Берун аз хотира \n" +msgid "Sudo" +msgstr "Sudo" -msgid "Warning unrecognized encryption type.\n" -msgstr "" +#, python-format +msgid "Syntax Error: %(error)s" +msgstr "Хатогии синтаксисӣ: %(error)s" -msgid "Warning unrecognized salt type.\n" -msgstr "" +msgid "Target" +msgstr "Мақсад" -msgid "Out of memory!?\n" -msgstr "Аз хотира берун шуд!?\n" +msgid "Type" +msgstr "Намуд" -msgid "Enctype comparison failed!\n" -msgstr "" +msgid "Update" +msgstr "Ҷадидсозӣ" -#, fuzzy -#| msgid "Passwords do not match!" -msgid "Password is too long!\n" -msgstr "Паролҳо номувофиқанд!" +msgid "User" +msgstr "Корбар" -msgid "Failed to create random key!\n" -msgstr "" +msgid "User group" +msgstr "Гурӯҳи корбар" -msgid "Failed to create key!\n" -msgstr "" +msgid "User name" +msgstr "Номи корбар" -msgid "Bad or unsupported salt type.\n" -msgstr "" +msgid "Username" +msgstr "Номи корбар" -#, c-format -msgid "Unable to initialize connection to ldap server %1$s: %2$s\n" -msgstr "" +msgid "Validity" +msgstr "Саҳеҳият" -msgid "Unable to set LDAP_OPT_PROTOCOL_VERSION\n" -msgstr "" +msgid "View" +msgstr "Намоиш" -msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n" -msgstr "" +msgid "ZIP" +msgstr "Рамзи ZIP" -msgid "Unable to set LDAP_OPT_X_TLS_CACERTFILE\n" -msgstr "" +msgid "description" +msgstr "шарҳ" -msgid "Unable to set LDAP_OPT_X_TLS_REQUIRE_CERT\n" -msgstr "" +msgid "filename" +msgstr "номи файл" -msgid "Unable to set LDAP_OPT_X_TLS_PROTOCOL_MIN\n" -msgstr "" +msgid "hostname" +msgstr "номи мизбон" -msgid "" -"Unable to create new TLS context (OpenSSL failed to initialize or to load " -"certificates)\n" -msgstr "" +#, c-format +msgid "out of memory\n" +msgstr "берун аз хотира\n" -msgid "Unable to initialize STARTTLS session\n" -msgstr "" +msgid "password" +msgstr "парол" -#, fuzzy -#~| msgid "Delete all?" -#~ msgid "Delete a CA." -#~ msgstr "Ҳамаро нест мекунед?" +#, c-format +msgid "read error\n" +msgstr "хатогии хониш\n"