# Martin Liu , 2015. #zanata # zhenglei , 2016. #zanata # Martin Bašti , 2017. #zanata # Pavel Vomacka , 2017. #zanata msgid "" msgstr "" "Project-Id-Version: freeipa 4.9.0.dev201908140712+gitc9938e3d8\n" "Report-Msgid-Bugs-To: https://pagure.io/freeipa/new_issue\n" "POT-Creation-Date: 2020-08-20 13:01+0300\n" "PO-Revision-Date: 2019-11-11 10:25+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (China)\n" "Language: zh_CN\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0\n" "X-Generator: Zanata 4.6.2\n" #, c-format msgid "Out of memory!\n" msgstr "内存不足!\n" #, c-format msgid "No permission to join this host to the IPA domain.\n" msgstr "没有权限将该主机加入到IPA域。\n" #, c-format msgid "No write permissions on keytab file '%s'\n" msgstr "在keytab文件%s中没有写权限\n" #, fuzzy, c-format #| msgid "Search for %1$s on rootdse failed with error %2$d\n" msgid "access() on %1$s failed: errno = %2$d\n" msgstr "在rootdse中查找%1$s失败,错误%2$d\n" #, c-format msgid "Out of memory!" msgstr "内存不足!" #, c-format msgid "Unable to enable SSL in LDAP\n" msgstr "在LDAP中不能启用SSL\n" #, fuzzy #| msgid "Simple bind failed\n" msgid "SASL Bind failed\n" msgstr "简单绑定失败\n" #, c-format msgid "Search for %1$s on rootdse failed with error %2$d\n" msgstr "在rootdse中查找%1$s失败,错误%2$d\n" #, c-format msgid "No values for %s" msgstr "%s没有值" #, c-format msgid "Search for IPA namingContext failed with error %d\n" msgstr "查找IPA名称上下文失败,错误%d\n" #, c-format msgid "IPA namingContext not found\n" msgstr "IPA名称上下文没有找到\n" #, c-format msgid "Unable to determine root DN of %s\n" msgstr "无法确定%s的根DN\n" #, c-format msgid "Enrollment failed. %s\n" msgstr "注册失败。%s\n" #, c-format msgid "principal not found in XML-RPC response\n" msgstr "在XML-RPC响应中找不到主体\n" #, c-format msgid "Host is already joined.\n" msgstr "主机已加入。\n" #, c-format msgid "curl_slist_append() failed for value: '%s'\n" msgstr "" #, c-format msgid "curl_easy_setopt() failed\n" msgstr "" #, c-format msgid "Expanding buffer in jsonrpc_handle_response failed" msgstr "" #, c-format msgid "curl_global_init() failed\n" msgstr "" #, c-format msgid "curl_easy_init() failed\n" msgstr "" #, fuzzy, c-format #| msgid "fork() failed\n" msgid "json_dumps() failed\n" msgstr "fork()失败\n" #, fuzzy, c-format #| msgid "Invalid JSON-RPC request: %(error)s" msgid "" "JSON-RPC request:\n" "%s\n" msgstr "无效的JSON-RPC请求: %(error)s" #, fuzzy, c-format #| msgid "Operation failed: %s\n" msgid "JSON-RPC call failed: %s\n" msgstr "操作失败:%s\n" #, c-format msgid "JSON-RPC call failed with status code: %li\n" msgstr "" #, c-format msgid "JSON-RPC call was unauthorized. Check your credentials.\n" msgstr "" #, fuzzy, c-format #| msgid "No response" msgid "" "JSON-RPC response:\n" "%s\n" msgstr "没有响应" #, c-format msgid "Extracting the error from the JSON-RPC response failed: %s\n" msgstr "" #, c-format msgid "Parsing JSON-RPC response failed: %s\n" msgstr "" #, c-format msgid "Parsing JSON-RPC response failed: no 'result' value found.\n" msgstr "" #, c-format msgid "Extracting the data from the JSON-RPC response failed: %s\n" msgstr "" #, fuzzy, c-format #| msgid "fork() failed\n" msgid "json_pack_ex() failed: %s\n" msgstr "fork()失败\n" #, c-format msgid "Unenrollment successful.\n" msgstr "取消注册成功。\n" #, c-format msgid "Unenrollment failed.\n" msgstr "取消注册失败。\n" #, c-format msgid "result not found in XML-RPC response\n" msgstr "在XML-RPC响应中找不到结果\n" #, c-format msgid "Unable to determine IPA server from %s\n" msgstr "无法从%s中确定IPA主机\n" #, c-format msgid "The hostname must be fully-qualified: %s\n" msgstr "主机名必须是完全限制的:%s\n" #, c-format msgid "The hostname must not be: %s\n" msgstr "主机名必须不能是:%s\n" #, c-format msgid "Unable to join host: Kerberos context initialization failed\n" msgstr "无法加入主机:Kerberos上下文初始化失败\n" #, c-format msgid "Unable to join host: Kerberos Credential Cache not found\n" msgstr "无法加入主机:找不到Kerberos凭证缓存\n" #, c-format msgid "" "Unable to join host: Kerberos User Principal not found and host password not " "provided.\n" msgstr "无法加入主机:找不到Kerberos用户主体并且没有提供主机密码。\n" #, c-format msgid "fork() failed\n" msgstr "fork()失败\n" #, c-format msgid "ipa-getkeytab not found\n" msgstr "ipa-getkeytab没有找到\n" #, c-format msgid "ipa-getkeytab has bad permissions?\n" msgstr "ipa-getkeytab没有权限?\n" #, c-format msgid "executing ipa-getkeytab failed, errno %d\n" msgstr "执行has bad permissions失败,错误码%d\n" #, c-format msgid "child exited with %d\n" msgstr "结果以%d退出\n" #, c-format msgid "Error resolving keytab: %s.\n" msgstr "解析keytab错误:%s。\n" #, c-format msgid "Error getting default Kerberos realm: %s.\n" msgstr "获取默认Kerberos域错误:%s。\n" #, c-format msgid "Error parsing \"%1$s\": %2$s.\n" msgstr "解析\"%1$s\":%2$s错误。\n" #, c-format msgid "Error obtaining initial credentials: %s.\n" msgstr "获取初始化证书错误:%s。\n" #, c-format msgid "Unable to generate Kerberos Credential Cache\n" msgstr "无法生成Kerberos凭证缓存\n" #, c-format msgid "Error storing creds in credential cache: %s.\n" msgstr "在凭证缓存中存储证书错误:%s。\n" msgid "Print the raw XML-RPC output in GSSAPI mode" msgstr "以GSSAPI模式打印原始的XML-RPC输出" msgid "Quiet mode. Only errors are displayed." msgstr "单用户模式。仅显示错误。" msgid "Unenroll this host from IPA server" msgstr "从IPA服务器中取消注册该主机" msgid "Hostname of this server" msgstr "该服务器的主机名" msgid "hostname" msgstr "主机名" msgid "IPA Server to use" msgstr "待使用的IPA服务器" msgid "Specifies where to store keytab information." msgstr "指定存储keytab信息的位置。" msgid "filename" msgstr "文件名" msgid "Force the host join. Rejoin even if already joined." msgstr "强制主机加入。即使已经加入了也重新加入。" msgid "LDAP password (if not using Kerberos)" msgstr "LDAP密码(如果没有使用Kerberos)" msgid "password" msgstr "密码" #, fuzzy #| msgid "LDAP password" msgid "LDAP basedn" msgstr "LDAP密码" msgid "basedn" msgstr "" #, c-format msgid "cannot open configuration file %s\n" msgstr "不能打开配置文件%s\n" #, c-format msgid "cannot stat() configuration file %s\n" msgstr "不能stat()配置文件%s\n" #, c-format msgid "out of memory\n" msgstr "内存不足\n" #, c-format msgid "read error\n" msgstr "读取错误\n" #, c-format msgid "Unable to parse principal name\n" msgstr "无法解析主体名\n" #, fuzzy, c-format #| msgid "Error parsing \"%1$s\": %2$s.\n" msgid "krb5_parse_name %1$d: %2$s\n" msgstr "解析\"%1$s\":%2$s错误。\n" #, c-format msgid "Removing principal %s\n" msgstr "删除主体%s\n" #, c-format msgid "Failed to open keytab\n" msgstr "打开keytab失败\n" #, c-format msgid "principal not found\n" msgstr "主体没有找到\n" #, c-format msgid "krb5_kt_get_entry %1$d: %2$s\n" msgstr "" #, c-format msgid "Unable to remove entry\n" msgstr "无法删除条目\n" #, c-format msgid "kvno %d\n" msgstr "" #, c-format msgid "krb5_kt_remove_entry %1$d: %2$s\n" msgstr "" #, c-format msgid "Unable to parse principal\n" msgstr "服务解析主体\n" #, c-format msgid "krb5_unparse_name %1$d: %2$s\n" msgstr "" #, c-format msgid "realm not found\n" msgstr "域找不到\n" msgid "Print debugging information" msgstr "打印调试信息" msgid "Debugging output" msgstr "调试输出" msgid "" "The principal to remove from the keytab (ex: ftp/ftp.example.com@EXAMPLE.COM)" msgstr "从keytab中待删除的主体(例如:ftp/ftp.example.com@EXAMPLE.COM)" msgid "Kerberos Service Principal Name" msgstr "Kerberos服务主体名" msgid "The keytab file to remove the principcal(s) from" msgstr "" msgid "Keytab File Name" msgstr "Keytab文件名" msgid "Remove all principals in this realm" msgstr "删除该域中的所有主体" msgid "Realm name" msgstr "域名" #, c-format msgid "Kerberos context initialization failed\n" msgstr "Kerberos文本初始化失败\n" #, c-format msgid "Failed to open keytab '%1$s': %2$s\n" msgstr "打开keytab'%1$s':%2$s失败\n" #, c-format msgid "Closing keytab failed\n" msgstr "关闭keytab失败\n" #, c-format msgid "krb5_kt_close %1$d: %2$s\n" msgstr "" #, c-format msgid "Kerberos context initialization failed: %1$s (%2$d)\n" msgstr "Kerberos文本初始化失败:%1$s (%2$d)\n" #, c-format msgid "Unable to parse principal: %1$s (%2$d)\n" msgstr "不能解析主体:%1$s (%2$d)\n" #, c-format msgid "No keys accepted by KDC\n" msgstr "没有KDC可接受的密钥\n" #, c-format msgid "Out of memory \n" msgstr "内存不足\n" #, c-format msgid "Unable to initialize ldap library!\n" msgstr "不能初始化ldap库!\n" msgid "Simple bind failed\n" msgstr "简单绑定失败\n" #, c-format msgid "Operation failed: %s\n" msgstr "操作失败:%s\n" #, c-format msgid "Failed to get result: %s\n" msgstr "获取结果失败:%s\n" #, c-format msgid "Timeout exceeded." msgstr "严重超时" #, c-format msgid "Failed to parse extended result: %s\n" msgstr "解析扩展结果失败:%s\n" #, c-format msgid "Failed to parse result: %s\n" msgstr "解析结果失败:%s\n" #, c-format msgid "Missing reply control list!\n" msgstr "缺少应答控制列表!\n" #, c-format msgid "Missing reply control!\n" msgstr "缺少应答控制!\n" #, c-format msgid "Out of Memory!\n" msgstr "内存不足!\n" #, c-format msgid "Failed to create control!\n" msgstr "创建控制失败!\n" #, c-format msgid "Failed to bind to server!\n" msgstr "绑定服务器失败!\n" #, c-format msgid "Failed to get keytab!\n" msgstr "获取keytab失败!\n" #, c-format msgid "ber_init() failed, Invalid control ?!\n" msgstr "ber_init()失败,无效的控制?!\n" #, c-format msgid "ber_scanf() failed, unable to find kvno ?!\n" msgstr "ber_scanf()失败,没有找到kvno?!\n" #, c-format msgid "Failed to retrieve encryption type type #%d\n" msgstr "检索加密类型#%d失败\n" #, c-format msgid "Failed to retrieve encryption type %1$s (#%2$d)\n" msgstr "检索加密类型%1$s (#%2$d)失败\n" #, c-format msgid "Failed to retrieve any keys" msgstr "未能检索任何密钥" msgid "Failed to decode control reply!\n" msgstr "解码控制应答失败!\n" #, fuzzy, c-format #| msgid "Passwords do not match!" msgid "Passwords do not match!\n" msgstr "密码不匹配!" #, c-format msgid "Failed to open config file %s\n" msgstr "打开配置文件%s失败\n" #, c-format msgid "Failed to parse config file %s\n" msgstr "解析配置文件%s失败\n" #, fuzzy #| msgid "Failed to open keytab\n" msgid "Failed to resolve symlink to keytab.\n" msgstr "打开keytab失败\n" msgid "keytab is a dangling symlink and owned by another user.\n" msgstr "" msgid "Print as little as possible" msgstr "打印尽可能少" msgid "Output only on errors" msgstr "仅输出错误" msgid "Contact this specific KDC Server" msgstr "无法连接指定的KDC服务器" msgid "Server Name" msgstr "服务器名" msgid "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)" msgstr "为主体获取一个keytab(例如:ftp/ftp.example.com@EXAMPLE.COM)" msgid "" "The keytab file to append the new key to (will be created if it does not " "exist)." msgstr "" msgid "Encryption types to request" msgstr "加密类型要求" msgid "Comma separated encryption types list" msgstr "以逗号分隔的加密类型列表" msgid "Show the list of permitted encryption types and exit" msgstr "显示允许的加密类型列表并退出" msgid "Permitted Encryption Types" msgstr "允许的加密类型" msgid "Asks for a non-random password to use for the principal" msgstr "要求一个非随机密码用于主体" #, fuzzy #| msgid "LDAP URI" msgid "LDAP DN" msgstr "LDAP URI" msgid "DN to bind as if not using kerberos" msgstr "DN绑定好像没有使用kerberos" msgid "LDAP password" msgstr "LDAP密码" msgid "password to use if not using kerberos" msgstr "如果没有使用kerberos,则使用密码" #, fuzzy #| msgid "LDAP password" msgid "Prompt for LDAP password" msgstr "LDAP密码" #, fuzzy #| msgid "CA certificate" msgid "Path to the IPA CA certificate" msgstr "CA证书" #, fuzzy #| msgid "CA certificate" msgid "IPA CA certificate" msgstr "CA证书" msgid "LDAP uri to connect to. Mutually exclusive with --server" msgstr "" msgid "url" msgstr "" msgid "LDAP SASL bind mechanism if no bindd/bindpw" msgstr "" msgid "GSSAPI|EXTERNAL" msgstr "" msgid "Retrieve current keys without changing them" msgstr "检索当前密钥不去改变它们" #, c-format msgid "No system preferred enctypes ?!\n" msgstr "没有系统首选的加密类型?!\n" #, c-format msgid "Supported encryption types:\n" msgstr "支持的加密类型:\n" #, c-format msgid "Warning: failed to convert type (#%d)\n" msgstr "警告:转换类型失败(#%d)\n" #, c-format msgid "Bind password already provided (-w).\n" msgstr "" #, fuzzy #| msgid "LDAP password" msgid "Enter LDAP password" msgstr "LDAP密码" #, c-format msgid "Bind password required when using a bind DN (-w or -W).\n" msgstr "" #, c-format msgid "Cannot specify both SASL mechanism and bind DN simultaneously.\n" msgstr "" #, c-format msgid "Invalid SASL bind mechanism\n" msgstr "" #, fuzzy, c-format #| msgid "" #| "cannot specify full target filter and extra target filter simultaneously" msgid "Cannot specify server and LDAP uri simultaneously.\n" msgstr "不能同时指定完整的目标滤波器和额外的目标滤波器" #, c-format msgid "Server name not provided and unavailable\n" msgstr "服务器名没有提供或不可用\n" #, c-format msgid "Incompatible options provided (-r and -P)\n" msgstr "提供了不兼容的选项(-r和-P)\n" msgid "New Principal Password" msgstr "新的主体密码" msgid "Verify Principal Password" msgstr "验证主体密码" #, c-format msgid "" "Warning: salt types are not honored with randomized passwords (see opt. -P)\n" msgstr "警告:盐值类型没有授予随机密码(查看选项-P)\n" #, c-format msgid "Invalid Service Principal Name\n" msgstr "无效的服务主体名\n" #, c-format msgid "Kerberos Credential Cache not found. Do you have a Kerberos Ticket?\n" msgstr "没有找到Kerberos凭证缓存。你有Kerberos票据吗?\n" #, c-format msgid "" "Kerberos User Principal not found. Do you have a valid Credential Cache?\n" msgstr "没有找到Kerberos用户主体。你有有效的凭证缓存吗?\n" #, c-format msgid "Failed to open Keytab\n" msgstr "打开Keytab失败\n" #, c-format msgid "Retrying with pre-4.0 keytab retrieval method...\n" msgstr "用pre-4.0 keytab检索方法重试...\n" #, c-format msgid "Failed to create key material\n" msgstr "创建密钥材料失败\n" #, c-format msgid "Failed to get keytab\n" msgstr "获取keytab失败\n" #, c-format msgid "Failed to add key to the keytab\n" msgstr "向keytab中添加密钥失败\n" #, c-format msgid "Failed to close the keytab\n" msgstr "关闭keytab失败\n" #, c-format msgid "Keytab successfully retrieved and stored in: %s\n" msgstr "Keytab检索成功并将其存储在:%s\n" msgid "Failed to add" msgstr "添加失败" msgid "maps not connected to /etc/auto.master:" msgstr "映射未连接到/etc/auto.master:" msgid "Import automount files for a specific location." msgstr "在一特定位置导入自动挂载文件。" msgid "Master file" msgstr "主文件" msgid "Automount master file." msgstr "自动挂载主文件。" msgid "" "Continuous operation mode. Errors are reported but the process continues." msgstr "连续操作模式。报告错误但是这个过程仍在继续。" #, python-format msgid "File %(file)s not found" msgstr "没有找到文件 %(file)s " #, python-format msgid "key %(key)s already exists" msgstr "键 %(key)s 已存在" #, python-format msgid "map %(map)s already exists" msgstr "映射 %(map)s 已存在" msgid "Imported maps:" msgstr "已导入的映射:" #, python-format msgid "Added %(map)s" msgstr "已添加 %(map)s" msgid "Imported keys:" msgstr "已导入的键:" #, python-format msgid "Added %(src)s to %(dst)s" msgstr "已添加 %(src)s 到 %(dst)s" msgid "Ignored keys:" msgstr "已忽略的键:" #, python-format msgid "Ignored %(src)s to %(dst)s" msgstr "已忽略 %(src)s 到 %(dst)s" msgid "Duplicate maps skipped:" msgstr "已忽略重复的映射:" #, python-format msgid "Skipped %(map)s" msgstr "已忽略 %(map)s" msgid "Duplicate keys skipped:" msgstr "已忽略重复的键:" #, python-format msgid "Skipped %(key)s" msgstr "已忽略 %(key)s" msgid "Write certificate (chain if --chain used) to file" msgstr "" msgid "Path to NSS database" msgstr "" msgid "Path to NSS database to use for private key" msgstr "" #, fuzzy #| msgid "Vault private key" msgid "Path to private key file" msgstr "库私钥" #, fuzzy #| msgid "File containing the vault private key" msgid "Path to PEM file containing a private key" msgstr "文件包含库私钥" #, fuzzy #| msgid "File containing the old vault private key" msgid "File containing a password for the private key or database" msgstr "文件包含旧的库私钥" msgid "Name of CSR generation profile (if not the same as profile_id)" msgstr "" #, fuzzy #| msgid "Filename is empty" msgid "Generated CSR was empty" msgstr "文件名为空" msgid "Options 'database' and 'private_key' are not compatible with 'csr'" msgstr "" msgid "Unrevoked" msgstr "未撤销的" msgid "Error" msgstr "错误" msgid "Input filename" msgstr "输入文件名" msgid "File to load the certificate from." msgstr "从文件加载证书" msgid "cannot specify both raw certificate and file" msgstr "不能同时指定原始证书和文件" #, fuzzy #| msgid "Input filename" msgid "Input file" msgstr "输入文件名" #, fuzzy #| msgid "File to load the certificate from." msgid "File to load the certificate from" msgstr "从文件加载证书" #, python-format msgid "Profile configuration stored in file '%(file)s'" msgstr "配置储存在文件'%(file)s'中" msgid "" "\n" "Commands to build certificate requests automatically\n" msgstr "" #, fuzzy #| msgid "Check the status of a certificate signing request." msgid "Gather data for a certificate signing request." msgstr "检查证书签名请求的状态。" msgid "Principal" msgstr "主体" msgid "Principal for this certificate (e.g. HTTP/test.example.com)" msgstr "该证书的主体(例如:HTTP/test.example.com)" msgid "Profile ID" msgstr "配置文件ID" #, fuzzy #| msgid "Certificate Profile to use" msgid "CSR Generation Profile to use" msgstr "待使用的证书配置文件" #, fuzzy #| msgid "Public Key" msgid "Subject Public Key Info" msgstr "公钥" msgid "DER-encoded SubjectPublicKeyInfo structure" msgstr "" #, fuzzy #| msgid "Write profile configuration to file" msgid "Write CertificationRequestInfo to file" msgstr "将配置文件配置写进文件" msgid "Dictionary mapping variable name to value" msgstr "" #, fuzzy #| msgid "Certificate requested" msgid "CertificationRequestInfo structure" msgstr "证书请求" msgid "The principal for this request doesn't exist." msgstr "该请求的主题不存在。" #, python-format msgid "Certificate(s) stored in file '%(file)s'" msgstr "证书存储在文件'%(file)s'中" msgid "Servers details:" msgstr "服务器详细信息:" msgid "" "Migration mode is disabled.\n" "Use 'ipa config-mod --enable-migration=TRUE' to enable it." msgstr "" "迁移模式是禁用的。\n" "使用'ipa config-mod --enable-migration=TRUE'来启用它。" msgid "" "Passwords have been migrated in pre-hashed format.\n" "IPA is unable to generate Kerberos keys unless provided\n" "with clear text passwords. All migrated users need to\n" "login at https://your.domain/ipa/migration/ before they\n" "can use their Kerberos accounts." msgstr "" "密码已迁移成pre-hashed格式。IPA不能生成Kerberos密钥,除非提供明文密码。所有移" "植过的用户在能使用他们的Kerberos账号之前需要登录https://your.domain/ipa/" "migration/。" msgid "python-yubico is not installed." msgstr "" msgid "" "\n" "YubiKey Tokens\n" msgstr "" "\n" "YubiKey令牌\n" msgid "" "\n" "Manage YubiKey tokens.\n" msgstr "" "\n" "管理YubiKey令牌。\n" msgid "" "\n" "This code is an extension to the otptoken plugin and provides support for\n" "reading/writing YubiKey tokens directly.\n" msgstr "" "\n" "这段代码是otp令牌插件的一个扩展,并对读/写YubiKey令牌提供直接的支持。\n" msgid "" "\n" "EXAMPLES:\n" msgstr "" "\n" "例如:\n" msgid "" "\n" " Add a new token:\n" " ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" msgstr "" "\n" " 增加一个新的令牌:\n" " ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" msgid "Add a new YubiKey OTP token." msgstr "增加一个新的YubiKey OTP令牌。" msgid "YubiKey slot" msgstr "YubiKey槽" msgid "No free YubiKey slot!" msgstr "没有空闲的YubiKey槽!" #, python-format msgid "Removing %(servers)s from replication topology, please wait..." msgstr "从复制拓扑中移除%(servers)s,请稍后..." #, python-format msgid "Enabled Sudo Rule \"%s\"" msgstr "启用Sudo规则\"%s\"" #, python-format msgid "Disabled Sudo Rule \"%s\"" msgstr "禁用Sudo规则\"%s\"" #, python-format msgid "Added option \"%(option)s\" to Sudo Rule \"%(rule)s\"" msgstr "已添加\"%(option)s\"到Sudo规则\"%(rule)s\"" #, python-format msgid "Removed option \"%(option)s\" from Sudo Rule \"%(rule)s\"" msgstr "已从Sudo规则\"%(rule)s\"中移除\"%(option)s\"" #, python-format msgid "Replication topology of suffix \"%(suffix)s\" is in order." msgstr "复制拓扑的后缀\"%(suffix)s\"是按序的。" #, python-format msgid "Replication topology of suffix \"%(suffix)s\" contains errors." msgstr "复制拓扑的后缀\"%(suffix)s\"包含错误。" msgid "Topology is disconnected" msgstr "拓扑已断开连接" #, python-format msgid "Server %(srv)s can't contact servers: %(replicas)s" msgstr "服务器%(srv)s不能连接服务器: %(replicas)s" msgid "Recommended maximum number of agreements per replica exceeded" msgstr "" #, fuzzy #| msgid "Maximum number of entries returned" msgid "Maximum number of agreements per replica" msgstr "返回的最大条目数" #, python-format msgid "Server \"%(srv)s\" has %(n)d agreements with servers:" msgstr "" msgid "Delete a user, keeping the entry available for future use" msgstr "删除一个用户,让这个用户可供将来使用" msgid "Delete a user" msgstr "删除一个用户" #, fuzzy #| msgid "users and hosts cannot both be set" msgid "preserve and no-preserve cannot be both set" msgstr "用户和主机不能被同时设置" #, fuzzy #| msgid "System DNS records updated" msgid "Split DNS record to parts" msgstr "系统DNS记录已更新" msgid "Please choose a type of DNS resource record to be added" msgstr "请选择一个待添加的DNS资源记录类型" #, python-format msgid "The most common types for this type of zone are: %s\n" msgstr "这种区域的最常见类型是: %s\n" msgid "DNS resource record type" msgstr "DNS资源记录类型" #, python-format msgid "Invalid or unsupported type. Allowed values are: %s" msgstr "无效的或者不支持的类型。允许的值是:%s" msgid "No option to modify specific record provided." msgstr "没有提供选项来修改具体的记录。" msgid "Current DNS record contents:\n" msgstr "目前的DNS记录内容:\n" #, python-format msgid "Modify %(name)s '%(value)s'?" msgstr "修改 %(name)s '%(value)s'?" #, python-format msgid "" "%(count)d %(type)s record skipped. Only one value per DNS record type can be " "modified at one time." msgid_plural "" "%(count)d %(type)s records skipped. Only one value per DNS record type can " "be modified at one time." msgstr[0] "%(count)d %(type)s记录已忽略。每个DNS记录类型一次只能修改一个值。" msgid "" "Neither --del-all nor options to delete a specific record provided.\n" "Command help may be consulted for all supported record types." msgstr "" "没有提供--del-all或者选项来删除一个特定的记录。\n" "可以使用命令帮助来查询所有支持的记录类型。" msgid "No option to delete specific record provided." msgstr "没有提供选项来删除具体的记录。" msgid "Delete all?" msgstr "全部删除?" #, python-format msgid "Delete %(name)s '%(value)s'?" msgstr "删除%(name)s '%(value)s'?" msgid "Server will check DNS forwarder(s)." msgstr "服务器将检查DNS转发器。" msgid "This may take some time, please wait ..." msgstr "这可能需要一些时间,请稍等..." #, fuzzy #| msgid "DNS forward zone" msgid "DNS forwarder" msgstr "DNS正向区域" #, fuzzy #| msgid "System DNS records updated" msgid "file to store DNS records in nsupdate format" msgstr "系统DNS记录已更新" msgid "" "Unable to display QR code using the configured output encoding. Please use " "the token URI to configure your OTP device" msgstr "使用输出编码配置无法显示二维码。请使用令牌URI来配置你的OTP设备" msgid "" "QR code width is greater than that of the output tty. Please resize your " "terminal." msgstr "二维码的宽度大于tty的输出。请调整你的终端。" msgid "Synchronize an OTP token." msgstr "同步一个OTP令牌。" msgid "User ID" msgstr "用户ID" msgid "Password" msgstr "密码" msgid "First Code" msgstr "第一个码" msgid "Second Code" msgstr "第二个码" msgid "Token ID" msgstr "令牌ID" #, python-format msgid "Cannot read file '%(filename)s': %(exc)s" msgstr "不能读取文件'%(filename)s': %(exc)s" #, python-format msgid "Cannot decode file '%(filename)s': %(exc)s" msgstr "不能解码文件'%(filename)s': %(exc)s" msgid "Invalid credentials" msgstr "无效的证书" msgid "Create a new vault." msgstr "创建一个新库。" msgid "Vault password" msgstr "库密码" msgid "File containing the vault password" msgstr "文件包含库密码" msgid "File containing the vault public key" msgstr "文件包含库公钥" msgid "Password can be specified only for symmetric vault" msgstr "" msgid "Public key can be specified only for asymmetric vault" msgstr "" msgid "Password specified multiple times" msgstr "多次指定密码" msgid "Public key specified multiple times" msgstr "多次指定公钥" msgid "Missing vault public key" msgstr "缺少库公钥" #, python-format msgid "Invalid or unsupported vault public key: %s" msgstr "无效的或不支持的库公钥:%s" msgid "Modify a vault." msgstr "修改一个库。" msgid "Change password" msgstr "改变密码" msgid "Old vault password" msgstr "旧的库密码" msgid "File containing the old vault password" msgstr "文件包含旧的库密码" msgid "New vault password" msgstr "新的库密码" msgid "File containing the new vault password" msgstr "文件包含新的库密码" msgid "Old vault private key" msgstr "旧的库私钥" msgid "File containing the old vault private key" msgstr "文件包含旧的库私钥" msgid "File containing the new vault public key" msgstr "文件包含新的库公钥" msgid "New public key specified multiple times" msgstr "多次指定新公钥" msgid "Missing new vault public key" msgstr "缺少新的库公钥" msgid "Archive data into a vault." msgstr "数据归档到库。" msgid "Binary data to archive" msgstr "" #, fuzzy #| msgid "File containing the vault private key" msgid "File containing data to archive" msgstr "文件包含库私钥" msgid "Override existing password" msgstr "覆盖已存在的密码" msgid "Input data specified multiple times" msgstr "多次指定输入数据" #, python-format msgid "" "Size of data exceeds the limit. Current vault data size limit is %(limit)d B" msgstr "数据大小超出限制。目前库数据大小限制为 %(limit)d B" msgid "Invalid vault type" msgstr "无效的库类型" msgid "Retrieve a data from a vault." msgstr "从库中检索一个数据。" msgid "File to store retrieved data" msgstr "文件存储检索数据" msgid "Vault private key" msgstr "库私钥" msgid "File containing the vault private key" msgstr "文件包含库私钥" msgid "Data" msgstr "数据" msgid "Private key specified multiple times" msgstr "多次指定私钥" msgid "Missing vault private key" msgstr "缺少库私钥" msgid "" "\n" "Directory Server Access Control Instructions (ACIs)\n" "\n" "ACIs are used to allow or deny access to information. This module is\n" "currently designed to allow, not deny, access.\n" "\n" "The aci commands are designed to grant permissions that allow updating\n" "existing entries or adding or deleting new ones. The goal of the ACIs\n" "that ship with IPA is to provide a set of low-level permissions that\n" "grant access to special groups called taskgroups. These low-level\n" "permissions can be combined into roles that grant broader access. These\n" "roles are another type of group, roles.\n" "\n" "For example, if you have taskgroups that allow adding and modifying users " "you\n" "could create a role, useradmin. You would assign users to the useradmin\n" "role to allow them to do the operations defined by the taskgroups.\n" "\n" "You can create ACIs that delegate permission so users in group A can write\n" "attributes on group B.\n" "\n" "The type option is a map that applies to all entries in the users, groups " "or\n" "host location. It is primarily designed to be used when granting add\n" "permissions (to write new entries).\n" "\n" "An ACI consists of three parts:\n" "1. target\n" "2. permissions\n" "3. bind rules\n" "\n" "The target is a set of rules that define which LDAP objects are being\n" "targeted. This can include a list of attributes, an area of that LDAP\n" "tree or an LDAP filter.\n" "\n" "The targets include:\n" "- attrs: list of attributes affected\n" "- type: an object type (user, group, host, service, etc)\n" "- memberof: members of a group\n" "- targetgroup: grant access to modify a specific group. This is primarily\n" " designed to enable users to add or remove members of a specific group.\n" "- filter: A legal LDAP filter used to narrow the scope of the target.\n" "- subtree: Used to apply a rule across an entire set of objects. For " "example,\n" " to allow adding users you need to grant \"add\" permission to the subtree\n" " ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n" " is a fail-safe for objects that may not be covered by the type option.\n" "\n" "The permissions define what the ACI is allowed to do, and are one or\n" "more of:\n" "1. write - write one or more attributes\n" "2. read - read one or more attributes\n" "3. add - add a new entry to the tree\n" "4. delete - delete an existing entry\n" "5. all - all permissions are granted\n" "\n" "Note the distinction between attributes and entries. The permissions are\n" "independent, so being able to add a user does not mean that the user will\n" "be editable.\n" "\n" "The bind rule defines who this ACI grants permissions to. The LDAP server\n" "allows this to be any valid LDAP entry but we encourage the use of\n" "taskgroups so that the rights can be easily shared through roles.\n" "\n" "For a more thorough description of access controls see\n" "http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control." "html\n" "\n" "EXAMPLES:\n" "\n" "NOTE: ACIs are now added via the permission plugin. These examples are to\n" "demonstrate how the various options work but this is done via the " "permission\n" "command-line now (see last example).\n" "\n" " Add an ACI so that the group \"secretaries\" can update the address on any " "user:\n" " ipa group-add --desc=\"Office secretaries\" secretaries\n" " ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries " "--permissions=write --prefix=none \"Secretaries write addresses\"\n" "\n" " Show the new ACI:\n" " ipa aci-show --prefix=none \"Secretaries write addresses\"\n" "\n" " Add an ACI that allows members of the \"addusers\" permission to add new " "users:\n" " ipa aci-add --type=user --permission=addusers --permissions=add --" "prefix=none \"Add new users\"\n" "\n" " Add an ACI that allows members of the editors manage members of the admins " "group:\n" " ipa aci-add --permissions=write --attrs=member --targetgroup=admins --" "group=editors --prefix=none \"Editors manage admins\"\n" "\n" " Add an ACI that allows members of the admins group to manage the street and " "zip code of those in the editors group:\n" " ipa aci-add --permissions=write --memberof=editors --group=admins --" "attrs=street --attrs=postalcode --prefix=none \"admins edit the address of " "editors\"\n" "\n" " Add an ACI that allows the admins group manage the street and zipcode of " "those who work for the boss:\n" " ipa aci-add --permissions=write --group=admins --attrs=street --" "attrs=postalcode --filter=\"(manager=uid=boss,cn=users,cn=accounts," "dc=example,dc=com)\" --prefix=none \"Edit the address of those who work for " "the boss\"\n" "\n" " Add an entirely new kind of record to IPA that isn't covered by any of the " "--type options, creating a permission:\n" " ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange," "cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n" "\n" "\n" "The show command shows the raw 389-ds ACI.\n" "\n" "IMPORTANT: When modifying the target attributes of an existing ACI you\n" "must include all existing attributes as well. When doing an aci-mod the\n" "targetattr REPLACES the current attributes, it does not add to them.\n" msgstr "" msgid "ACI name" msgstr "ACI名称" msgid "Permission" msgstr "权限" msgid "Permission ACI grants access to" msgstr "ACI授予访问的权限" msgid "User group" msgstr "用户组" msgid "User group ACI grants access to" msgstr "ACI授予访问的用户组" msgid "Permissions" msgstr "权限" msgid "Permissions to grant(read, write, add, delete, all)" msgstr "授予权限(读,写,添加,删除,全部)" #, fuzzy #| msgid "Attributes to which the permission applies." msgid "Attributes to which the permission applies" msgstr "权限应用属性。" msgid "Attributes" msgstr "属性" msgid "Type" msgstr "类型" msgid "type of IPA object (user, group, host, hostgroup, service, netgroup)" msgstr "IPA对象类型(用户,用户组,主机,主机组,服务,网络组)" msgid "Member of" msgstr "隶属于" msgid "Member of a group" msgstr "组成员" msgid "Filter" msgstr "过滤" msgid "Legal LDAP filter (e.g. ou=Engineering)" msgstr "合法的LDAP过滤(例如:ou=Engineering)" msgid "Subtree" msgstr "子树" msgid "Subtree to apply ACI to" msgstr "" msgid "Target group" msgstr "目标组" #, fuzzy #| msgid "User group to apply permissions to" msgid "Group to apply ACI to" msgstr "待应用权限的用户组" msgid "Target your own entry (self)" msgstr "设定你自己的条目" msgid "Apply ACI to your own entry (self)" msgstr "应用ACI到你自己的条目" msgid "Create new ACI." msgstr "创建新的ACI。" msgid "ACI prefix" msgstr "ACI前缀" msgid "" "Prefix used to distinguish ACI types (permission, delegation, selfservice, " "none)" msgstr "前缀用来区分ACI类型(权限,授权,自助,无)" msgid "Test the ACI syntax but don't write anything" msgstr "测试ACI语法但不写任何东西" msgid "" "Retrieve and print all attributes from the server. Affects command output." msgstr "从服务器检索和打印所有属性。影响命令输出。" msgid "Print entries as stored on the server. Only affects output format." msgstr "打印存储在服务器上的条目。仅影响输出格式。" msgid "User-friendly description of action performed" msgstr "方便用户的执行操作描述" msgid "The primary_key value of the entry, e.g. 'jdoe' for a user" msgstr "" msgid "Delete ACI." msgstr "删除ACI。" msgid "True means the operation was successful" msgstr "正确的表示操作成功" msgid "" "\n" "Search for ACIs.\n" "\n" " Returns a list of ACIs\n" "\n" " EXAMPLES:\n" "\n" " To find all ACIs that apply directly to members of the group ipausers:\n" " ipa aci-find --memberof=ipausers\n" "\n" " To find all ACIs that grant add access:\n" " ipa aci-find --permissions=add\n" "\n" " Note that the find command only looks for the given text in the set of\n" " ACIs, it does not evaluate the ACIs to see if something would apply.\n" " For example, searching on memberof=ipausers will find all ACIs that\n" " have ipausers as a memberof. There may be other ACIs that apply to\n" " members of that group indirectly.\n" " " msgstr "" msgid "A string searched in all relevant object attributes" msgstr "在所有相关对象中搜索字符串" msgid "Primary key only" msgstr "主键唯一" msgid "Results should contain primary key attribute only (\"name\")" msgstr "结果应该只包括主键属性(\"name\")" msgid "Number of entries returned" msgstr "返回的条目数" msgid "True if not all results were returned" msgstr "如果不是所有结果都返回了,那么为真" msgid "Modify ACI." msgstr "修改ACI。" msgid "Rename an ACI." msgstr "重命名一个ACI。" msgid "New ACI name" msgstr "新的ACI名" msgid "Display a single ACI given an ACI name." msgstr "给出一个ACI名显示一个单一的ACI。" msgid "Location of the ACI" msgstr "ACI的位置" msgid "" "\n" "Automount\n" "\n" "Stores automount(8) configuration for autofs(8) in IPA.\n" "\n" "The base of an automount configuration is the configuration file auto." "master.\n" "This is also the base location in IPA. Multiple auto.master configurations\n" "can be stored in separate locations. A location is implementation-specific\n" "with the default being a location named 'default'. For example, you can " "have\n" "locations by geographic region, by floor, by type, etc.\n" "\n" "Automount has three basic object types: locations, maps and keys.\n" "\n" "A location defines a set of maps anchored in auto.master. This allows you\n" "to store multiple automount configurations. A location in itself isn't\n" "very interesting, it is just a point to start a new automount map.\n" "\n" "A map is roughly equivalent to a discrete automount file and provides\n" "storage for keys.\n" "\n" "A key is a mount point associated with a map.\n" "\n" "When a new location is created, two maps are automatically created for\n" "it: auto.master and auto.direct. auto.master is the root map for all\n" "automount maps for the location. auto.direct is the default map for\n" "direct mounts and is mounted on /-.\n" "\n" "An automount map may contain a submount key. This key defines a mount\n" "location within the map that references another map. This can be done\n" "either using automountmap-add-indirect --parentmap or manually\n" "with automountkey-add and setting info to \"-type=autofs :\".\n" "\n" "EXAMPLES:\n" "\n" "Locations:\n" "\n" " Create a named location, \"Baltimore\":\n" " ipa automountlocation-add baltimore\n" "\n" " Display the new location:\n" " ipa automountlocation-show baltimore\n" "\n" " Find available locations:\n" " ipa automountlocation-find\n" "\n" " Remove a named automount location:\n" " ipa automountlocation-del baltimore\n" "\n" " Show what the automount maps would look like if they were in the " "filesystem:\n" " ipa automountlocation-tofiles baltimore\n" "\n" " Import an existing configuration into a location:\n" " ipa automountlocation-import baltimore /etc/auto.master\n" "\n" " The import will fail if any duplicate entries are found. For\n" " continuous operation where errors are ignored, use the --continue\n" " option.\n" "\n" "Maps:\n" "\n" " Create a new map, \"auto.share\":\n" " ipa automountmap-add baltimore auto.share\n" "\n" " Display the new map:\n" " ipa automountmap-show baltimore auto.share\n" "\n" " Find maps in the location baltimore:\n" " ipa automountmap-find baltimore\n" "\n" " Create an indirect map with auto.share as a submount:\n" " ipa automountmap-add-indirect baltimore --parentmap=auto.share --" "mount=sub auto.man\n" "\n" " This is equivalent to:\n" "\n" " ipa automountmap-add-indirect baltimore --mount=/man auto.man\n" " ipa automountkey-add baltimore auto.man --key=sub --info=\"-" "fstype=autofs ldap:auto.share\"\n" "\n" " Remove the auto.share map:\n" " ipa automountmap-del baltimore auto.share\n" "\n" "Keys:\n" "\n" " Create a new key for the auto.share map in location baltimore. This ties\n" " the map we previously created to auto.master:\n" " ipa automountkey-add baltimore auto.master --key=/share --info=auto." "share\n" "\n" " Create a new key for our auto.share map, an NFS mount for man pages:\n" " ipa automountkey-add baltimore auto.share --key=man --info=\"-ro,soft," "rsize=8192,wsize=8192 ipa.example.com:/shared/man\"\n" "\n" " Find all keys for the auto.share map:\n" " ipa automountkey-find baltimore auto.share\n" "\n" " Find all direct automount keys:\n" " ipa automountkey-find baltimore --key=/-\n" "\n" " Remove the man key from the auto.share map:\n" " ipa automountkey-del baltimore auto.share --key=man\n" msgstr "" msgid "Key" msgstr "键" msgid "Automount key name." msgstr "自动挂载键名。" msgid "Mount information" msgstr "挂载信息" msgid "description" msgstr "描述" msgid "Location" msgstr "位置" msgid "Automount location name." msgstr "自动挂载位置名。" msgid "Map" msgstr "映射" msgid "Automount map name." msgstr "自动挂载映射名。" msgid "Description" msgstr "描述" msgid "Create a new automount key." msgstr "创建一个新的自动挂载键。" msgid "" "Set an attribute to a name/value pair. Format is attr=value.\n" "For multi-valued attributes, the command replaces the values already present." msgstr "" "一个属性设置为一个名称/值对。格式是属性=值。对于多值属性,命令替换已存在的" "值。" msgid "" "Add an attribute/value pair. Format is attr=value. The attribute\n" "must be part of the schema." msgstr "添加一个属性/值对。格式是属性=值。属性必须时模式的一部分。" msgid "Delete an automount key." msgstr "删除一个自动挂载键。" msgid "Continuous mode: Don't stop on errors." msgstr "连续模式:有错误不停止。" msgid "List of deletions that failed" msgstr "删除失败的列表" msgid "Search for an automount key." msgstr "查找一个自动挂载键。" msgid "Time Limit" msgstr "时间限制" #, fuzzy #| msgid "Time limit of search in seconds (0 is unlimited)" msgid "Time limit of search in seconds" msgstr "时间限制在几秒钟内的搜索(0代表无限制)" msgid "Size Limit" msgstr "大小限制" msgid "Maximum number of entries returned" msgstr "返回的最大条目数" msgid "Modify an automount key." msgstr "修改一个自动挂载键。" msgid "" "Delete an attribute/value pair. The option will be evaluated\n" "last, after all sets and adds." msgstr "" msgid "Rights" msgstr "权限" msgid "" "Display the access rights of this entry (requires --all). See ipa man page " "for details." msgstr "显示该条目的访问权限(需要--all)。更详细的信息请查看ipa帮助页。" msgid "New mount information" msgstr "新的挂载信息" msgid "Rename" msgstr "重命名" msgid "Rename the automount key object" msgstr "重命名自动挂载键对象" msgid "Display an automount key." msgstr "显示一个自动挂载键。" msgid "Create a new automount location." msgstr "创建一个新的自动挂载位置。" msgid "Delete an automount location." msgstr "删除一个自动挂载位置。" msgid "Search for an automount location." msgstr "查找一个自动挂载位置。" msgid "Results should contain primary key attribute only (\"location\")" msgstr "结果应该只包括主键属性(\"location\")" msgid "Display an automount location." msgstr "显示一个自动挂载位置。" msgid "Generate automount files for a specific location." msgstr "在一特定位置生成自动挂载文件。" msgid "Create a new automount map." msgstr "创建一个新的自动挂载映射。" msgid "Create a new indirect mount point." msgstr "创建一个新的间接挂载点。" msgid "Mount point" msgstr "挂载点" msgid "Parent map" msgstr "父映射" msgid "Name of parent automount map (default: auto.master)." msgstr "父自动挂载映射名(默认:auto.master)。" msgid "Delete an automount map." msgstr "删除一个自动挂载映射。" msgid "Search for an automount map." msgstr "查找一个自动挂载映射。" msgid "Results should contain primary key attribute only (\"map\")" msgstr "结果应该只包括主键属性(\"map\")" msgid "Modify an automount map." msgstr "修改一个自动挂载映射。" msgid "Display an automount map." msgstr "显示一个自动挂载映射。" msgid "" "\n" "Plugin to make multiple ipa calls via one remote procedure call\n" "\n" "To run this code in the lite-server\n" "\n" "curl -H \"Content-Type:application/json\" -H \"Accept:application/" "json\" -H \"Accept-Language:en\" --negotiate -u : --cacert /" "etc/ipa/ca.crt -d @batch_request.json -X POST http://" "localhost:8888/ipa/json\n" "\n" "where the contents of the file batch_request.json follow the below example\n" "\n" "{\"method\":\"batch\",\"params\":[[\n" " {\"method\":\"group_find\",\"params\":[[],{}]},\n" " {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\",\"all" "\":\"true\"}]},\n" " {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n" " ],{}],\"id\":1}\n" "\n" "The format of the response is nested the same way. At the top you will see\n" " \"error\": null,\n" " \"id\": 1,\n" " \"result\": {\n" " \"count\": 3,\n" " \"results\": [\n" "\n" "\n" "And then a nested response for each IPA command method sent in the request\n" msgstr "" msgid "Nested Methods to execute" msgstr "以嵌套的方法来执行" msgid "" "\n" "Server configuration\n" "\n" "Manage the default values that IPA uses and some of its tuning parameters.\n" "\n" "NOTES:\n" "\n" "The password notification value (--pwdexpnotify) is stored here so it will\n" "be replicated. It is not currently used to notify users in advance of an\n" "expiring password.\n" "\n" "Some attributes are read-only, provided only for information purposes. " "These\n" "include:\n" "\n" "Certificate Subject base: the configured certificate subject base,\n" " e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" "Password plug-in features: currently defines additional hashes that the\n" " password will generate (there may be other conditions).\n" "\n" "When setting the order list for mapping SELinux users you may need to\n" "quote the value so it isn't interpreted by the shell.\n" "\n" "EXAMPLES:\n" "\n" " Show basic server configuration:\n" " ipa config-show\n" "\n" " Show all configuration options:\n" " ipa config-show --all\n" "\n" " Change maximum username length to 99 characters:\n" " ipa config-mod --maxusername=99\n" "\n" " Increase default time and size limits for maximum IPA server search:\n" " ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n" "\n" " Set default user e-mail domain:\n" " ipa config-mod --emaildomain=example.com\n" "\n" " Enable migration mode to make \"ipa migrate-ds\" command operational:\n" " ipa config-mod --enable-migration=TRUE\n" "\n" " Define SELinux user map order:\n" " ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-" "s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n" msgstr "" msgid "Maximum username length" msgstr "最大用户名长度" msgid "Home directory base" msgstr "主目录" msgid "Default location of home directories" msgstr "主目录的默认位置" msgid "Default shell" msgstr "默认shell" msgid "Default shell for new users" msgstr "新用户默认shell" msgid "Default users group" msgstr "默认用户组" msgid "Default group for new users" msgstr "新用户默认组" msgid "Default e-mail domain" msgstr "默认的电子邮件域" msgid "Search time limit" msgstr "搜索时间限制" msgid "" "Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)" msgstr "最大的时间(秒)搜索(>0,或-1表示无限制)" msgid "Search size limit" msgstr "搜索大小限制" msgid "Maximum number of records to search (-1 is unlimited)" msgstr "最大数量的搜索记录(-1表示无限制)" msgid "User search fields" msgstr "用户搜索字段" #, fuzzy #| msgid "" #| "Comma-separated list of objectclasses used to search for user entries in " #| "DS" msgid "A comma-separated list of fields to search in when searching for users" msgstr "在DS中用于查找用户条目以逗号分隔的对象类" msgid "Group search fields" msgstr "组搜索域" #, fuzzy #| msgid "" #| "Comma-separated list of objectclasses used to search for group entries in " #| "DS" msgid "A comma-separated list of fields to search in when searching for groups" msgstr "在DS中用于查找用户组条目以逗号分隔的对象类" msgid "Enable migration mode" msgstr "启用迁移模式" #, fuzzy #| msgid "Certificate requested" msgid "Certificate Subject base" msgstr "证书请求" msgid "Base for certificate subjects (OU=Test,O=Example)" msgstr "" msgid "Default group objectclasses" msgstr "默认组对象类" msgid "Default group objectclasses (comma-separated list)" msgstr "默认组对象类(以逗号分割)" msgid "Default user objectclasses" msgstr "默认用户对象类" msgid "Default user objectclasses (comma-separated list)" msgstr "默认用户对象类(以逗号分割)" msgid "Password Expiration Notification (days)" msgstr "密码过期通知(天)" msgid "Number of days's notice of impending password expiration" msgstr "密码即将过期通知天数" msgid "Password plugin features" msgstr "密码插件功能" msgid "Extra hashes to generate in password plug-in" msgstr "" msgid "SELinux user map order" msgstr "SELinux 用户映射订单" msgid "Order in increasing priority of SELinux users, delimited by $" msgstr "按SELinux用户优先级递增顺序排列,以$分割" msgid "Default SELinux user" msgstr "默认的SELinux用户" msgid "Default SELinux user when no match is found in SELinux map rule" msgstr "当在SELinux映射规则中找不到匹配项时使用默认SELinux用户" msgid "Default PAC types" msgstr "默认PAC类型" msgid "Default types of PAC supported for services" msgstr "默认PAC支持服务的类型" msgid "Default user authentication types" msgstr "默认用户认证类型" msgid "Default types of supported user authentication" msgstr "默认支持用户认证的类型" msgid "Modify configuration options." msgstr "修改配置选项" msgid "Show the current configuration." msgstr "显示当前配置。" msgid "" "\n" "Group to Group Delegation\n" "\n" "A permission enables fine-grained delegation of permissions. Access Control\n" "Rules, or instructions (ACIs), grant permission to permissions to perform\n" "given tasks such as adding a user, modifying a group, etc.\n" "\n" "Group to Group Delegations grants the members of one group to update a set\n" "of attributes of members of another group.\n" "\n" "EXAMPLES:\n" "\n" " Add a delegation rule to allow managers to edit employee's addresses:\n" " ipa delegation-add --attrs=street --group=managers --" "membergroup=employees \"managers edit employees' street\"\n" "\n" " When managing the list of attributes you need to include all attributes\n" " in the list, including existing ones. Add postalCode to the list:\n" " ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --" "membergroup=employees \"managers edit employees' street\"\n" "\n" " Display our updated rule:\n" " ipa delegation-show \"managers edit employees' street\"\n" "\n" " Delete a rule:\n" " ipa delegation-del \"managers edit employees' street\"\n" msgstr "" msgid "Delegation name" msgstr "授权名" msgid "Permissions to grant (read, write). Default is write." msgstr "委托权限(读,写)。默认是写。" #, fuzzy #| msgid "Attributes to which the permission applies." msgid "Attributes to which the delegation applies" msgstr "权限应用属性。" #, fuzzy #| msgid "Member service groups" msgid "Member user group" msgstr "成员服务组" #, fuzzy #| msgid "User group to apply permissions to" msgid "User group to apply delegation to" msgstr "待应用权限的用户组" msgid "Add a new delegation." msgstr "添加一个新的授权。" msgid "Delete a delegation." msgstr "删除一个授权。" msgid "Search for delegations." msgstr "查找授权。" msgid "Modify a delegation." msgstr "修改一个授权。" msgid "Display information about a delegation." msgstr "显示一个授权信息。" msgid "" "\n" "Domain Name System (DNS)\n" "\n" "Manage DNS zone and resource records.\n" "\n" "SUPPORTED ZONE TYPES\n" "\n" " * Master zone (dnszone-*), contains authoritative data.\n" " * Forward zone (dnsforwardzone-*), forwards queries to configured " "forwarders\n" " (a set of DNS servers).\n" "\n" "USING STRUCTURED PER-TYPE OPTIONS\n" "\n" "There are many structured DNS RR types where DNS data stored in LDAP server\n" "is not just a scalar value, for example an IP address or a domain name, but\n" "a data structure which may be often complex. A good example is a LOC record\n" "[RFC1876] which consists of many mandatory and optional parts (degrees,\n" "minutes, seconds of latitude and longitude, altitude or precision).\n" "\n" "It may be difficult to manipulate such DNS records without making a mistake\n" "and entering an invalid value. DNS module provides an abstraction over " "these\n" "raw records and allows to manipulate each RR type with specific options. " "For\n" "each supported RR type, DNS module provides a standard option to manipulate\n" "a raw records with format ---rec, e.g. --mx-rec, and special " "options\n" "for every part of the RR structure with format ---, e.g.\n" "--mx-preference and --mx-exchanger.\n" "\n" "When adding a record, either RR specific options or standard option for a " "raw\n" "value can be used, they just should not be combined in one add operation. " "When\n" "modifying an existing entry, new RR specific options can be used to change\n" "one part of a DNS record, where the standard option for raw value is used\n" "to specify the modified value. The following example demonstrates\n" "a modification of MX record preference from 0 to 1 in a record without\n" "modifying the exchanger:\n" "ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add new zone:\n" " ipa dnszone-add example.com --admin-email=admin@example.com\n" "\n" " Add system permission that can be used for per-zone privilege delegation:\n" " ipa dnszone-add-permission example.com\n" "\n" " Modify the zone to allow dynamic updates for hosts own records in realm " "EXAMPLE.COM:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE\n" "\n" " This is the equivalent of:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE --update-policy=" "\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant " "EXAMPLE.COM krb5-self * SSHFP;\"\n" "\n" " Modify the zone to allow zone transfers for local network only:\n" " ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n" "\n" " Add new reverse zone specified by network IP address:\n" " ipa dnszone-add --name-from-ip=192.0.2.0/24\n" "\n" " Add second nameserver for example.com:\n" " ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" "\n" " Add a mail server for example.com:\n" " ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" "\n" " Add another record using MX record specific options:\n" " ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" "\n" " Add another record using interactive mode (started when dnsrecord-add, " "dnsrecord-mod,\n" " or dnsrecord-del are executed with no options):\n" " ipa dnsrecord-add example.com @\n" " Please choose a type of DNS resource record to be added\n" " The most common types for this type of zone are: NS, MX, LOC\n" "\n" " DNS resource record type: MX\n" " MX Preference: 30\n" " MX Exchanger: mail3\n" " Record name: example.com\n" " MX record: 10 mail1, 20 mail2, 30 mail3\n" " NS record: nameserver.example.com., nameserver2.example.com.\n" "\n" " Delete previously added nameserver from example.com:\n" " ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" "\n" " Add LOC record for example.com:\n" " ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " "227.64m\"\n" "\n" " Add new A record for www.example.com. Create a reverse record in " "appropriate\n" " reverse zone as well. In this case a PTR record \"2\" pointing to www." "example.com\n" " will be created in zone 2.0.192.in-addr.arpa.\n" " ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n" "\n" " Add new PTR record for www.example.com\n" " ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" "\n" " Add new SRV records for LDAP servers. Three quarters of the requests\n" " should go to fast.example.com, one quarter to slow.example.com. If neither\n" " is available, switch to backup.example.com.\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." "example.com\"\n" "\n" " The interactive mode can be used for easy modification:\n" " ipa dnsrecord-mod example.com _ldap._tcp\n" " No option to modify specific record provided.\n" " Current DNS record contents:\n" "\n" " SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " "backup.example.com\n" "\n" " Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" " Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" " SRV Priority [0]: (keep the default value)\n" " SRV Weight [1]: 2 (modified value)\n" " SRV Port [389]: (keep the default value)\n" " SRV Target [slow.example.com]: (keep the default value)\n" " 1 SRV record skipped. Only one value per DNS record type can be modified " "at one time.\n" " Record name: _ldap._tcp\n" " SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " "389 slow.example.com\n" "\n" " After this modification, three fifths of the requests should go to\n" " fast.example.com and two fifths to slow.example.com.\n" "\n" " An example of the interactive mode for dnsrecord-del command:\n" " ipa dnsrecord-del example.com www\n" " No option to delete specific record provided.\n" " Delete all? Yes/No (default No): (do not delete all records)\n" " Current DNS record contents:\n" "\n" " A record: 192.0.2.2, 192.0.2.3\n" "\n" " Delete A record '192.0.2.2'? Yes/No (default No):\n" " Delete A record '192.0.2.3'? Yes/No (default No): y\n" " Record name: www\n" " A record: 192.0.2.2 (A record 192.0.2.3 has been " "deleted)\n" "\n" " Show zone example.com:\n" " ipa dnszone-show example.com\n" "\n" " Find zone with \"example\" in its domain name:\n" " ipa dnszone-find example\n" "\n" " Find records for resources with \"www\" in their name in zone example.com:\n" " ipa dnsrecord-find example.com www\n" "\n" " Find A records with value 192.0.2.2 in zone example.com\n" " ipa dnsrecord-find example.com --a-rec=192.0.2.2\n" "\n" " Show records for resource www in zone example.com\n" " ipa dnsrecord-show example.com www\n" "\n" " Delegate zone sub.example to another nameserver:\n" " ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n" " ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" "\n" " Delete zone example.com with all resource records:\n" " ipa dnszone-del example.com\n" "\n" " If a global forwarder is configured, all queries for which this server is " "not\n" " authoritative (e.g. sub.example.com) will be routed to the global " "forwarder.\n" " Global forwarding configuration can be overridden per-zone.\n" "\n" " Semantics of forwarding in IPA matches BIND semantics and depends on the " "type\n" " of zone:\n" " * Master zone: local BIND replies authoritatively to queries for data in\n" " the given zone (including authoritative NXDOMAIN answers) and forwarding\n" " affects only queries for names below zone cuts (NS records) of locally\n" " served zones.\n" "\n" " * Forward zone: forward zone contains no authoritative data. BIND " "forwards\n" " queries, which cannot be answered from its local cache, to configured\n" " forwarders.\n" "\n" " Semantics of the --forward-policy option:\n" " * none - disable forwarding for the given zone.\n" " * first - forward all queries to configured forwarders. If they fail,\n" " do resolution using DNS root servers.\n" " * only - forward all queries to configured forwarders and if they fail,\n" " return failure.\n" "\n" " Disable global forwarding for given sub-tree:\n" " ipa dnszone-mod example.com --forward-policy=none\n" "\n" " This configuration forwards all queries for names outside the example.com\n" " sub-tree to global forwarders. Normal recursive resolution process is used\n" " for names inside the example.com sub-tree (i.e. NS records are followed " "etc.).\n" "\n" " Forward all requests for the zone external.example.com to another " "forwarder\n" " using a \"first\" policy (it will send the queries to the selected " "forwarder\n" " and if not answered it will use global root servers):\n" " ipa dnsforwardzone-add external.example.com --forward-" "policy=first --forwarder=203.0.113.1\n" "\n" " Change forward-policy for external.example.com:\n" " ipa dnsforwardzone-mod external.example.com --forward-policy=only\n" "\n" " Show forward zone external.example.com:\n" " ipa dnsforwardzone-show external.example.com\n" "\n" " List all forward zones:\n" " ipa dnsforwardzone-find\n" "\n" " Delete forward zone external.example.com:\n" " ipa dnsforwardzone-del external.example.com\n" "\n" " Resolve a host name to see if it exists (will add default IPA domain\n" " if one is not included):\n" " ipa dns-resolve www.example.com\n" " ipa dns-resolve www\n" "\n" "\n" "GLOBAL DNS CONFIGURATION\n" "\n" "DNS configuration passed to command line install script is stored in a " "local\n" "configuration file on each IPA server where DNS service is configured. " "These\n" "local settings can be overridden with a common configuration stored in LDAP\n" "server:\n" "\n" " Show global DNS configuration:\n" " ipa dnsconfig-show\n" "\n" " Modify global DNS configuration and set a list of global forwarders:\n" " ipa dnsconfig-mod --forwarder=203.0.113.113\n" msgstr "" msgid "Global forwarders" msgstr "全局转发器" msgid "" "Global forwarders. A custom port can be specified for each forwarder using a " "standard format \"IP_ADDRESS port PORT\"" msgstr "" "全局转发器。使用标准格式\"IP_ADDRESS port PORT\"为每个转发器指定一个自定义端" "口" msgid "Forward policy" msgstr "转发器策略" msgid "" "Global forwarding policy. Set to \"none\" to disable any configured global " "forwarders." msgstr "全局转发器策略。通过设置\"none\"来禁用全局转发器的所有配置。" msgid "Allow PTR sync" msgstr "允许PTR同步" msgid "Allow synchronization of forward (A, AAAA) and reverse (PTR) records" msgstr "允许同步正向(A,AAAA)和反向(PTR)记录" msgid "Zone refresh interval" msgstr "区域刷新间隔" msgid "Zone name" msgstr "区域名" msgid "Zone name (FQDN)" msgstr "区域名(FQDN)" msgid "Reverse zone IP network" msgstr "反向区域IP网络" msgid "IP network to create reverse zone name from" msgstr "IP网络创建反向区域名" msgid "Active zone" msgstr "活跃区" msgid "Is zone active?" msgstr "区域活跃吗?" msgid "Zone forwarders" msgstr "区域转发器" msgid "" "Per-zone forwarders. A custom port can be specified for each forwarder using " "a standard format \"IP_ADDRESS port PORT\"" msgstr "" "Per-zone转发器。使用标准格式\"IP_ADDRESS port PORT\"为每个转发器指定一个自定" "义端口" #, fuzzy #| msgid "" #| "Per-server conditional forwarding policy. Set to \"none\" to disable " #| "forwarding to global forwarder for this zone. In that case, conditional " #| "zone forwarders are disregarded." msgid "" "Per-zone conditional forwarding policy. Set to \"none\" to disable " "forwarding to global forwarder for this zone. In that case, conditional zone " "forwarders are disregarded." msgstr "" "Per-server有条件的转发器策略。设置为\"none\"来禁止该区域转发至全局转发器。那" "样的话,有条件的区域转发器被忽视了。" msgid "Record name" msgstr "记录名" msgid "Time to live" msgstr "存活时间" msgid "Records" msgstr "记录" msgid "Record type" msgstr "记录类型" msgid "Record data" msgstr "记录数据" msgid "A record" msgstr "一条记录" msgid "Raw A records" msgstr "原始的记录" msgid "A IP Address" msgstr "IP地址" msgid "IP Address" msgstr "IP 地址" #, fuzzy #| msgid "Create reverse" msgid "A Create reverse" msgstr "创建反向" msgid "Create reverse record for this IP Address" msgstr "为该IP地址创建反向记录" msgid "AAAA record" msgstr "AAAA记录" msgid "Raw AAAA records" msgstr "原始的AAAA记录" msgid "AAAA IP Address" msgstr "AAAA IP地址" #, fuzzy #| msgid "Create reverse" msgid "AAAA Create reverse" msgstr "创建反向" msgid "A6 record" msgstr "A6记录" msgid "Raw A6 records" msgstr "原始的A6记录" msgid "A6 Record data" msgstr "A6记录数据" msgid "AFSDB record" msgstr "AFSDB记录" msgid "Raw AFSDB records" msgstr "原始的AFSDB记录" msgid "AFSDB Subtype" msgstr "AFSDB子类型" msgid "Subtype" msgstr "子类型" msgid "AFSDB Hostname" msgstr "AFSDB主机名" msgid "Hostname" msgstr "主机名" msgid "APL record" msgstr "APL记录" msgid "Raw APL records" msgstr "原始的APL记录" msgid "CERT record" msgstr "CERT记录" msgid "Raw CERT records" msgstr "原始的CERT记录" msgid "CERT Certificate Type" msgstr "CERT证书类型" msgid "Certificate Type" msgstr "证书类型" msgid "CERT Key Tag" msgstr "CERT键标记" msgid "Key Tag" msgstr "键标记" msgid "CERT Algorithm" msgstr "CERT算法" msgid "Algorithm" msgstr "算法" msgid "CERT Certificate/CRL" msgstr "CERT证书/CRL" msgid "Certificate/CRL" msgstr "证书/CRL" msgid "CNAME record" msgstr "CNAME记录" msgid "Raw CNAME records" msgstr "原始的CNAME记录" msgid "CNAME Hostname" msgstr "CNAME主机名" msgid "A hostname which this alias hostname points to" msgstr "一个别名主机名指向主机名" msgid "DHCID record" msgstr "DHCID记录" msgid "Raw DHCID records" msgstr "原始的DHCID记录" msgid "DLV record" msgstr "DLV记录" msgid "Raw DLV records" msgstr "原始的DLV记录" msgid "DLV Key Tag" msgstr "DLV键标记" msgid "DLV Algorithm" msgstr "DLV算法" msgid "DLV Digest Type" msgstr "DLV摘要类型" msgid "Digest Type" msgstr "摘要类型" msgid "DLV Digest" msgstr "DLV摘要" msgid "Digest" msgstr "摘要" msgid "DNAME record" msgstr "DNAME记录" msgid "Raw DNAME records" msgstr "原始的DNAME记录" msgid "DNAME Target" msgstr "DNAME目标" msgid "Target" msgstr "目标" msgid "DNSKEY record" msgstr "DNSKEY记录" msgid "Raw DNSKEY records" msgstr "原始的DNSKEY记录" msgid "DS record" msgstr "DS记录" msgid "Raw DS records" msgstr "原始的DS记录" msgid "DS Key Tag" msgstr "DS键标记" msgid "DS Algorithm" msgstr "DS算法" msgid "DS Digest Type" msgstr "DS摘要类型" msgid "DS Digest" msgstr "DS摘要" msgid "HIP record" msgstr "HIP记录" msgid "Raw HIP records" msgstr "原始的HIP记录" msgid "IPSECKEY record" msgstr "IPSECKEY记录" msgid "Raw IPSECKEY records" msgstr "原始的IPSECKEY记录" msgid "KEY record" msgstr "KEY记录" msgid "Raw KEY records" msgstr "原始的KEY记录" msgid "KX record" msgstr "KX记录" msgid "Raw KX records" msgstr "原始的KX记录" msgid "KX Preference" msgstr "KX优先权" msgid "Preference given to this exchanger. Lower values are more preferred" msgstr "该交换器的优先级。值越低优先级越高" msgid "KX Exchanger" msgstr "KX交换器" msgid "A host willing to act as a key exchanger" msgstr "主机愿意充当关键交换器" msgid "LOC record" msgstr "LOC记录" msgid "Raw LOC records" msgstr "原始的LOC记录" #, fuzzy #| msgid "LOC Direction Latitude" msgid "LOC Degrees Latitude" msgstr "LOC纬度方向" #, fuzzy #| msgid "Direction Latitude" msgid "Degrees Latitude" msgstr "纬度方向" msgid "LOC Minutes Latitude" msgstr "LOC分钟纬度" msgid "Minutes Latitude" msgstr "分钟纬度" msgid "LOC Seconds Latitude" msgstr "LOC秒纬度" msgid "Seconds Latitude" msgstr "秒纬度" msgid "LOC Direction Latitude" msgstr "LOC纬度方向" msgid "Direction Latitude" msgstr "纬度方向" #, fuzzy #| msgid "LOC Direction Longitude" msgid "LOC Degrees Longitude" msgstr "LOC经度方向" #, fuzzy #| msgid "Direction Longitude" msgid "Degrees Longitude" msgstr "经度方向" msgid "LOC Minutes Longitude" msgstr "LOC分钟经度" msgid "Minutes Longitude" msgstr "分钟经度" msgid "LOC Seconds Longitude" msgstr "LOC秒经度" msgid "Seconds Longitude" msgstr "秒经度" msgid "LOC Direction Longitude" msgstr "LOC经度方向" msgid "Direction Longitude" msgstr "经度方向" msgid "LOC Altitude" msgstr "LOC高度" msgid "Altitude" msgstr "高度" msgid "LOC Size" msgstr "LOC大小" msgid "Size" msgstr "大小" msgid "LOC Horizontal Precision" msgstr "LOC水平精度" msgid "Horizontal Precision" msgstr "水平精度" msgid "LOC Vertical Precision" msgstr "LOC垂直精度" msgid "Vertical Precision" msgstr "垂直精度" msgid "MX record" msgstr "MX记录" msgid "Raw MX records" msgstr "原始的MX记录" msgid "MX Preference" msgstr "MX优先权" msgid "MX Exchanger" msgstr "MX交换器" msgid "A host willing to act as a mail exchanger" msgstr "主机愿意充当邮件交换器" msgid "NAPTR record" msgstr "NAPTR记录" msgid "Raw NAPTR records" msgstr "原始的NAPTR记录" msgid "NAPTR Order" msgstr "NAPTR规则" msgid "Order" msgstr "规则" msgid "NAPTR Preference" msgstr "NAPTR优先权" msgid "Preference" msgstr "优先权" msgid "NAPTR Flags" msgstr "NAPTR标记" msgid "Flags" msgstr "标记" msgid "NAPTR Service" msgstr "NAPTR服务" msgid "Service" msgstr "服务" msgid "NAPTR Regular Expression" msgstr "NAPTR正则表达式" msgid "Regular Expression" msgstr "正则表达式" msgid "NAPTR Replacement" msgstr "NAPTR替换" msgid "Replacement" msgstr "替换" msgid "NS record" msgstr "NS记录" msgid "Raw NS records" msgstr "原始的NS记录" msgid "NS Hostname" msgstr "NS主机名" msgid "NSEC record" msgstr "NSEC记录" msgid "Raw NSEC records" msgstr "原始的NSEC记录" msgid "NSEC3 record" msgstr "NSEC3记录" msgid "Raw NSEC3 records" msgstr "原始的NSEC3记录" msgid "PTR record" msgstr "PTR记录" msgid "Raw PTR records" msgstr "原始的PTR记录" msgid "PTR Hostname" msgstr "PTR主机名" msgid "The hostname this reverse record points to" msgstr "反向记录指向的主机名" msgid "RRSIG record" msgstr "RRSIG记录" msgid "Raw RRSIG records" msgstr "原始的RRSIG记录" msgid "RP record" msgstr "RP记录" msgid "Raw RP records" msgstr "原始的RP记录" msgid "SIG record" msgstr "SIG记录" msgid "Raw SIG records" msgstr "原始的SIG记录" msgid "SPF record" msgstr "SPF记录" msgid "Raw SPF records" msgstr "原始的SPF记录" msgid "SRV record" msgstr "SRV记录" msgid "Raw SRV records" msgstr "原始的SRV记录" msgid "SRV Priority" msgstr "SRV优先级" msgid "Priority" msgstr "优先级" msgid "SRV Weight" msgstr "SRV重量" msgid "Weight" msgstr "重量" msgid "SRV Port" msgstr "SRV端口" msgid "Port" msgstr "端口" msgid "SRV Target" msgstr "SRV目标" msgid "" "The domain name of the target host or '.' if the service is decidedly not " "available at this domain" msgstr "目标主机的域名或是'.'如果服务在该域中明显不存在" msgid "SSHFP record" msgstr "SSHFP记录" msgid "Raw SSHFP records" msgstr "原始的SSHFP记录" msgid "SSHFP Algorithm" msgstr "SSHFP算法" msgid "SSHFP Fingerprint Type" msgstr "SSHFP指纹类型" msgid "Fingerprint Type" msgstr "指纹类型" msgid "SSHFP Fingerprint" msgstr "SSHFP指纹" msgid "Fingerprint" msgstr "指纹" msgid "TA record" msgstr "TA记录" msgid "Raw TA records" msgstr "原始的TA记录" msgid "TLSA record" msgstr "TLSA记录" msgid "Raw TLSA records" msgstr "原始的TLSA记录" msgid "TLSA Certificate Usage" msgstr "TLSA证书用途" msgid "Certificate Usage" msgstr "证书用途" msgid "TLSA Selector" msgstr "TLSA选择器" msgid "Selector" msgstr "选择器" msgid "TLSA Matching Type" msgstr "TLSA匹配类型" msgid "Matching Type" msgstr "匹配类型" msgid "TLSA Certificate Association Data" msgstr "TLSA证书关联数据" msgid "Certificate Association Data" msgstr "证书关联数据" msgid "TKEY record" msgstr "TKEY记录" msgid "Raw TKEY records" msgstr "原始的TKEY记录" msgid "TSIG record" msgstr "TSIG记录" msgid "Raw TSIG records" msgstr "原始的TSIG记录" msgid "TXT record" msgstr "TXT记录" msgid "Raw TXT records" msgstr "原始的TXT记录" msgid "TXT Text Data" msgstr "TXT文本数据" msgid "Text Data" msgstr "文本数据" msgid "Authoritative nameserver" msgstr "权威的命名服务器" msgid "Authoritative nameserver domain name" msgstr "权威的命名服务器域名" msgid "Administrator e-mail address" msgstr "管理员电子邮件地址" msgid "SOA serial" msgstr "SOA序列" msgid "SOA record serial number" msgstr "SOA记录编号" msgid "SOA refresh" msgstr "SOA刷新" msgid "SOA record refresh time" msgstr "SOA记录刷新时间" msgid "SOA retry" msgstr "SOA重试" msgid "SOA record retry time" msgstr "SOA记录重试时间" msgid "SOA expire" msgstr "SOA到期" msgid "SOA record expire time" msgstr "SOA记录到期时间" msgid "SOA minimum" msgstr "SOA最低值" msgid "How long should negative responses be cached" msgstr "负面响应应该被缓存多久" msgid "Time to live for records at zone apex" msgstr "区域定点记录的生成时间" msgid "BIND update policy" msgstr "BIND更新策略" msgid "Dynamic update" msgstr "动态更新" msgid "Allow dynamic updates." msgstr "允许动态更新" msgid "Allow query" msgstr "允许查询" msgid "" "Semicolon separated list of IP addresses or networks which are allowed to " "issue queries" msgstr "分号分割的IP地址或网络列表允许被查询" msgid "Allow transfer" msgstr "允许传输" msgid "" "Semicolon separated list of IP addresses or networks which are allowed to " "transfer the zone" msgstr "分号分割的IP地址或网络列表允许被传输" msgid "" "Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the " "zone" msgstr "允许在区域中同步正向(A,AAAA)和反向(PTR)记录" msgid "Allow in-line DNSSEC signing" msgstr "允许嵌套DNSSEC签名" msgid "Allow inline DNSSEC signing of records in the zone" msgstr "允许在区域中嵌套DNSSEC记录签名" msgid "NSEC3PARAM record" msgstr "NSEC3PARAM记录" msgid "" "NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt" msgstr "NSEC3PARAM区记录格式:散列算法 标记 迭代 盐值" msgid "Checks if any of the servers has the DNS service enabled." msgstr "检查是否有任何服务器启用了DNS服务。" msgid "Resolve a host name in DNS." msgstr "在DNS中解析主机名。" msgid "Modify global DNS configuration." msgstr "修改全局DNS配置。" msgid "Show the current global DNS configuration." msgstr "显示当前全局DNS配置。" msgid "Create new DNS forward zone." msgstr "创建新的DNS正向区。" msgid "Add a permission for per-forward zone access delegation." msgstr "为每个正向区访问授权添加一个权限。" msgid "Permission value" msgstr "权限值" msgid "Delete DNS forward zone." msgstr "删除DNS正向区。" msgid "Disable DNS Forward Zone." msgstr "禁用DNS正向区。" msgid "Enable DNS Forward Zone." msgstr "启用DNS正向区。" msgid "Search for DNS forward zones." msgstr "查找DNS正向区。" msgid "Modify DNS forward zone." msgstr "修改DNS正向区。" msgid "Remove a permission for per-forward zone access delegation." msgstr "为每个正向区访问授权移除一个权限。" msgid "Display information about a DNS forward zone." msgstr "显示DNS正向区信息。" msgid "Add new DNS resource record." msgstr "添加新的DNS资源记录。" msgid "Force" msgstr "强制" msgid "force NS record creation even if its hostname is not in DNS" msgstr "即使NS记录不在DNS中,也强制创建它。" msgid "Structured" msgstr "有条理的" msgid "Parse all raw DNS records and return them in a structured way" msgstr "解析所有的原始DNS记录并以有条理的方式返回它们" msgid "Delete DNS resource record." msgstr "删除DNS资源记录。" msgid "Delete all associated records" msgstr "删除所有相关记录" msgid "Delete DNS record entry." msgstr "删除DNS记录条目。" msgid "Search for DNS resources." msgstr "查找DNS资源。" msgid "Modify a DNS resource record." msgstr "修改DNS资源记录。" msgid "Rename the DNS resource record object" msgstr "重命名DNS资源记录对象" msgid "Display DNS resource." msgstr "显示DNS资源。" msgid "Create new DNS zone (SOA record)." msgstr "创建新的DNS区域(SOA记录)。" msgid "Force DNS zone creation even if nameserver is not resolvable." msgstr "即使命名服务器无法解析,也强制创建DNS区域。" msgid "Add a permission for per-zone access delegation." msgstr "为每个区访问授权添加一个权限。" msgid "Delete DNS zone (SOA record)." msgstr "删除DNS区域(SOA记录)。" msgid "Disable DNS Zone." msgstr "禁用DNS区域。" msgid "Enable DNS Zone." msgstr "启用DNS区域。" msgid "Search for DNS zones (SOA records)." msgstr "查找DNS区域(SOA记录)。" msgid "Forward zones only" msgstr "仅正向区域" msgid "Search for forward zones only" msgstr "仅查找正向区域" msgid "Modify DNS zone (SOA record)." msgstr "修改DNS区域(SOA记录)。" msgid "Force nameserver change even if nameserver not in DNS" msgstr "即使命名服务器不在DNS中,也强制改变它" msgid "Remove a permission for per-zone access delegation." msgstr "为每个区访问授权移除一个权限。" msgid "Display information about a DNS zone (SOA record)." msgstr "显示DNS区域(SOA记录)信息。" msgid "" "\n" "Host-based access control\n" "\n" "Control who can access what services on what hosts. You\n" "can use HBAC to control which users or groups can\n" "access a service, or group of services, on a target host.\n" "\n" "You can also specify a category of users and target hosts.\n" "This is currently limited to \"all\", but might be expanded in the\n" "future.\n" "\n" "Target hosts in HBAC rules must be hosts managed by IPA.\n" "\n" "The available services and groups of services are controlled by the\n" "hbacsvc and hbacsvcgroup plug-ins respectively.\n" "\n" "EXAMPLES:\n" "\n" " Create a rule, \"test1\", that grants all users access to the host \"server" "\" from\n" " anywhere:\n" " ipa hbacrule-add --usercat=all test1\n" " ipa hbacrule-add-host --hosts=server.example.com test1\n" "\n" " Display the properties of a named HBAC rule:\n" " ipa hbacrule-show test1\n" "\n" " Create a rule for a specific service. This lets the user john access\n" " the sshd service on any machine from any machine:\n" " ipa hbacrule-add --hostcat=all john_sshd\n" " ipa hbacrule-add-user --users=john john_sshd\n" " ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" "\n" " Create a rule for a new service group. This lets the user john access\n" " the FTP service on any machine from any machine:\n" " ipa hbacsvcgroup-add ftpers\n" " ipa hbacsvc-add sftp\n" " ipa hbacsvcgroup-add-member --hbacsvcs=ftp --hbacsvcs=sftp ftpers\n" " ipa hbacrule-add --hostcat=all john_ftp\n" " ipa hbacrule-add-user --users=john john_ftp\n" " ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" "\n" " Disable a named HBAC rule:\n" " ipa hbacrule-disable test1\n" "\n" " Remove a named HBAC rule:\n" " ipa hbacrule-del allow_server\n" msgstr "" msgid "Rule name" msgstr "规则名" msgid "Rule type" msgstr "规则类型" msgid "Rule type (allow)" msgstr "规则类型(允许)" msgid "User category" msgstr "用户类别" msgid "User category the rule applies to" msgstr "规则应用的用户类别" msgid "Host category" msgstr "主机类别" msgid "Host category the rule applies to" msgstr "规则应用的主机类别" msgid "Service category" msgstr "服务类别" msgid "Service category the rule applies to" msgstr "规则应用的服务类别" msgid "Enabled" msgstr "启用" msgid "Users" msgstr "用户" msgid "User Groups" msgstr "用户组" msgid "Hosts" msgstr "主机" msgid "Host Groups" msgstr "主机组" msgid "Services" msgstr "服务" msgid "Service Groups" msgstr "服务组" msgid "External host" msgstr "外部主机" msgid "Create a new HBAC rule." msgstr "创建一个新HBAC规则。" msgid "Suppress processing of membership attributes." msgstr "抑制成员属性的处理。" msgid "Add target hosts and hostgroups to an HBAC rule." msgstr "在一个HBAC规则中添加目标主机和主机组。" msgid "member host" msgstr "成员主机" msgid "hosts to add" msgstr "待添加主机" msgid "member host group" msgstr "成员主机组" msgid "host groups to add" msgstr "待添加主机组" msgid "Members that could not be added" msgstr "不能被添加的成员" msgid "Number of members added" msgstr "已添加的成员数" msgid "Add services to an HBAC rule." msgstr "在HBAC规则中添加服务" msgid "member HBAC service" msgstr "成员HBAC服务" msgid "HBAC services to add" msgstr "待添加的HBAC服务" msgid "member HBAC service group" msgstr "成员HBAC服务组" msgid "HBAC service groups to add" msgstr "待添加的HBAC服务组" msgid "Add users and groups to an HBAC rule." msgstr "在一个HBAC规则中添加用户和用户组。" msgid "member user" msgstr "成员用户" msgid "users to add" msgstr "待添加用户" msgid "member group" msgstr "成员组" msgid "groups to add" msgstr "待添加用户组" msgid "Delete an HBAC rule." msgstr "删除一个HBAC规则。" msgid "Disable an HBAC rule." msgstr "禁用一个HBAC规则。" msgid "Enable an HBAC rule." msgstr "启用一个HBAC规则。" msgid "Search for HBAC rules." msgstr "查找HBAC规则。" msgid "Modify an HBAC rule." msgstr "修改一个HBAC规则。" msgid "Remove target hosts and hostgroups from an HBAC rule." msgstr "从一个HBAC规则中移除目标主机和主机组。" msgid "hosts to remove" msgstr "待移除的主机" msgid "host groups to remove" msgstr "待移除的主机组" msgid "Members that could not be removed" msgstr "不能被移除的成员" msgid "Number of members removed" msgstr "已移除成员数" msgid "Remove service and service groups from an HBAC rule." msgstr "从一个HBAC规则中移除服务和服务组。" msgid "HBAC services to remove" msgstr "待移除的HBAC服务" msgid "HBAC service groups to remove" msgstr "待移除的HBAC服务组" msgid "Remove users and groups from an HBAC rule." msgstr "从一个HBAC规则中移除用户和用户组。" msgid "users to remove" msgstr "待移除的用户" msgid "groups to remove" msgstr "待移除的用户组" msgid "Display the properties of an HBAC rule." msgstr "显示一个HBAC规则的属性。" msgid "" "\n" "HBAC Services\n" "\n" "The PAM services that HBAC can control access to. The name used here\n" "must match the service name that PAM is evaluating.\n" "\n" "EXAMPLES:\n" "\n" " Add a new HBAC service:\n" " ipa hbacsvc-add tftp\n" "\n" " Modify an existing HBAC service:\n" " ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" "\n" " Search for HBAC services. This example will return two results, the FTP\n" " service and the newly-added tftp service:\n" " ipa hbacsvc-find ftp\n" "\n" " Delete an HBAC service:\n" " ipa hbacsvc-del tftp\n" msgstr "" msgid "Service name" msgstr "服务名" msgid "HBAC service" msgstr "HBAC服务" msgid "HBAC service description" msgstr "HBAC服务描述" msgid "Member of HBAC service groups" msgstr "HBAC服务组成员" msgid "Add a new HBAC service." msgstr "添加一个新的HBAC服务。" msgid "Delete an existing HBAC service." msgstr "删除一个存在的HBAC服务。" msgid "Search for HBAC services." msgstr "查找HBAC服务。" msgid "Results should contain primary key attribute only (\"service\")" msgstr "结果应该只包括主键属性(\"service\")" msgid "Modify an HBAC service." msgstr "修改一个HBAC服务。" msgid "Display information about an HBAC service." msgstr "显示一个HBAC服务信息。" msgid "" "\n" "HBAC Service Groups\n" "\n" "HBAC service groups can contain any number of individual services,\n" "or \"members\". Every group must have a description.\n" "\n" "EXAMPLES:\n" "\n" " Add a new HBAC service group:\n" " ipa hbacsvcgroup-add --desc=\"login services\" login\n" "\n" " Add members to an HBAC service group:\n" " ipa hbacsvcgroup-add-member --hbacsvcs=sshd --hbacsvcs=login login\n" "\n" " Display information about a named group:\n" " ipa hbacsvcgroup-show login\n" "\n" " Delete an HBAC service group:\n" " ipa hbacsvcgroup-del login\n" msgstr "" msgid "Service group name" msgstr "服务组名称" msgid "HBAC service group description" msgstr "HBAC服务组描述" msgid "Member HBAC service" msgstr "成员HBAC服务" msgid "Add a new HBAC service group." msgstr "添加一个新的HBAC服务组。" msgid "Add members to an HBAC service group." msgstr "在一个HBAC服务组中添加成员。" msgid "Delete an HBAC service group." msgstr "删除一个HBAC服务组。" msgid "Search for an HBAC service group." msgstr "查找一个HBAC服务组。" msgid "Modify an HBAC service group." msgstr "修改一个HBAC服务组。" msgid "Remove members from an HBAC service group." msgstr "从一个HBAC服务组中移除成员。" msgid "Display information about an HBAC service group." msgstr "显示一个HBAC服务组信息。" msgid "" "\n" "Hosts/Machines\n" "\n" "A host represents a machine. It can be used in a number of contexts:\n" "- service entries are associated with a host\n" "- a host stores the host/ service principal\n" "- a host can be used in Host-based Access Control (HBAC) rules\n" "- every enrolled client generates a host entry\n" "\n" "ENROLLMENT:\n" "\n" "There are three enrollment scenarios when enrolling a new client:\n" "\n" "1. You are enrolling as a full administrator. The host entry may exist\n" " or not. A full administrator is a member of the hostadmin role\n" " or the admins group.\n" "2. You are enrolling as a limited administrator. The host must already\n" " exist. A limited administrator is a member a role with the\n" " Host Enrollment privilege.\n" "3. The host has been created with a one-time password.\n" "\n" "RE-ENROLLMENT:\n" "\n" "Host that has been enrolled at some point, and lost its configuration (e.g. " "VM\n" "destroyed) can be re-enrolled.\n" "\n" "For more information, consult the manual pages for ipa-client-install.\n" "\n" "A host can optionally store information such as where it is located,\n" "the OS that it runs, etc.\n" "\n" "EXAMPLES:\n" "\n" " Add a new host:\n" " ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." "com\n" "\n" " Delete a host:\n" " ipa host-del test.example.com\n" "\n" " Add a new host with a one-time password:\n" " ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" "\n" " Add a new host with a random one-time password:\n" " ipa host-add --os='Fedora 12' --random test.example.com\n" "\n" " Modify information about a host:\n" " ipa host-mod --os='Fedora 12' test.example.com\n" "\n" " Remove SSH public keys of a host and update DNS to reflect this change:\n" " ipa host-mod --sshpubkey= --updatedns test.example.com\n" "\n" " Disable the host Kerberos key, SSL certificate and all of its services:\n" " ipa host-disable test.example.com\n" "\n" " Add a host that can manage this host's keytab and certificate:\n" " ipa host-add-managedby --hosts=test2 test\n" "\n" " Allow user to create a keytab:\n" " ipa host-allow-create-keytab test2 --users=tuser1\n" msgstr "" msgid "Host name" msgstr "主机名" msgid "A description of this host" msgstr "该主机的描述" msgid "Locality" msgstr "位置" msgid "Host locality (e.g. \"Baltimore, MD\")" msgstr "主机地点(如\"Baltimore, MD\")" msgid "Host location (e.g. \"Lab 2\")" msgstr "主机位置(如\"Lab 2\")" msgid "Platform" msgstr "平台" msgid "Host hardware platform (e.g. \"Lenovo T61\")" msgstr "主机硬件平台 (e.g. \"Lenovo T61\")" msgid "Operating system" msgstr "操作系统" msgid "Host operating system and version (e.g. \"Fedora 9\")" msgstr "主机操作系统及版本(e.g. \"Fedora 9\")" msgid "User password" msgstr "用户密码" msgid "Password used in bulk enrollment" msgstr "密码用于批量注册" msgid "Generate a random password to be used in bulk enrollment" msgstr "生成一个随机密码用于批量注册" msgid "Random password" msgstr "随机密码" msgid "Certificate" msgstr "证书" msgid "Base-64 encoded server certificate" msgstr "Base-64 编码格式的服务器证书" msgid "Principal name" msgstr "主机名" msgid "MAC address" msgstr "MAC地址" msgid "Hardware MAC address(es) on this host" msgstr "主机硬件MAC地址" msgid "SSH public key" msgstr "SSH公钥" msgid "Class" msgstr "类" msgid "" "Host category (semantics placed on this attribute are for local " "interpretation)" msgstr "主机类别(该属性的语义是就近解读)" msgid "Assigned ID View" msgstr "已分配的ID视图" msgid "Requires pre-authentication" msgstr "需要预认证" msgid "Pre-authentication is required for the service" msgstr "服务需要预认证" msgid "Trusted for delegation" msgstr "允许授权" msgid "Client credentials may be delegated to the service" msgstr "客户端证书可以授权给服务" msgid "Member of host-groups" msgstr "主机组成员" msgid "Roles" msgstr "角色" msgid "Member of netgroups" msgstr "网络组成员" msgid "Member of Sudo rule" msgstr "Sudo规则的成员" msgid "Member of HBAC rule" msgstr "HBAC规则的成员" msgid "Indirect Member of netgroup" msgstr "间接网络组成员" msgid "Indirect Member of host-group" msgstr "间接主机组成员" msgid "Indirect Member of role" msgstr "间接角色成员" msgid "Indirect Member of Sudo rule" msgstr "间接Sudo规则成员" msgid "Indirect Member of HBAC rule" msgstr "间接HBAC规则成员" msgid "Keytab" msgstr "" #, fuzzy #| msgid "Manager" msgid "Managed by" msgstr "管理者" msgid "Managing" msgstr "管理" msgid "Users allowed to retrieve keytab" msgstr "允许检索keytab的用户" msgid "Groups allowed to retrieve keytab" msgstr "允许检索keytab的用户组" msgid "Hosts allowed to retrieve keytab" msgstr "允许检索keytab的主机" msgid "Host Groups allowed to retrieve keytab" msgstr "允许检索keytab的主机组" msgid "Users allowed to create keytab" msgstr "允许创建keytab的用户" msgid "Groups allowed to create keytab" msgstr "允许创建keytab的用户组" msgid "Hosts allowed to create keytab" msgstr "允许创建keytab的主机" msgid "Host Groups allowed to create keytab" msgstr "允许创建keytab的主机组" msgid "Add a new host." msgstr "添加一个新主机。" #, fuzzy #| msgid "force principal name even if not in DNS" msgid "force host name even if not in DNS" msgstr "即使主体名在DNS中不存在,也强制添加它" msgid "skip reverse DNS detection" msgstr "忽略反向DNS检测" msgid "Add the host to DNS with this IP address" msgstr "用该IP地址将主机添加到DNS中" msgid "Add hosts that can manage this host." msgstr "添加可以管理该主机的主机。" msgid "" "Allow users, groups, hosts or host groups to create a keytab of this host." msgstr "允许用户,用户组,主机或主机组来创建该主机的keytab。" msgid "" "Allow users, groups, hosts or host groups to retrieve a keytab of this host." msgstr "允许用户,用户组,主机或主机组来检索该主机的keytab。" msgid "Delete a host." msgstr "删除一个主机。" msgid "Remove entries from DNS" msgstr "从DNS中移除条目" msgid "Disable the Kerberos key, SSL certificate and all services of a host." msgstr "禁用该主机的Kerberos密钥,SSL证书和所有的服务。" msgid "" "Disallow users, groups, hosts or host groups to create a keytab of this host." msgstr "不允许用户,用户组,主机或主机组来创建该主机的keytab。" msgid "" "Disallow users, groups, hosts or host groups to retrieve a keytab of this " "host." msgstr "不允许用户,用户组,主机或主机组来检索该主机的keytab。" msgid "Search for hosts." msgstr "查找主机。" msgid "Results should contain primary key attribute only (\"hostname\")" msgstr "结果应该只包括主键属性(\"hostname\")" msgid "host group" msgstr "主机组" msgid "Search for hosts with these member of host groups." msgstr "查找包含这些主机组成员的主机。" msgid "Search for hosts without these member of host groups." msgstr "查找不包含这些主机组成员的主机。" msgid "netgroup" msgstr "网络组" msgid "Search for hosts with these member of netgroups." msgstr "查找包含这些网络组成员的主机。" msgid "Search for hosts without these member of netgroups." msgstr "查找不包含这些网络组成员的主机。" msgid "role" msgstr "角色" msgid "Search for hosts with these member of roles." msgstr "查找包含这些角色成员的主机。" msgid "Search for hosts without these member of roles." msgstr "查找不包含这些角色成员的主机。" msgid "HBAC rule" msgstr "HBAC规则" msgid "Search for hosts with these member of HBAC rules." msgstr "查找包含这些HBAC规则成员的主机。" msgid "Search for hosts without these member of HBAC rules." msgstr "查找不包含这些HBAC规则成员的主机。" msgid "sudo rule" msgstr "sudo规则" msgid "Search for hosts with these member of sudo rules." msgstr "查找包含这些sudo规则成员的主机。" msgid "Search for hosts without these member of sudo rules." msgstr "查找不包含这些sudo规则成员的主机。" msgid "user" msgstr "用户" msgid "Search for hosts with these enrolled by users." msgstr "查找包含用户注册的主机。" msgid "Search for hosts without these enrolled by users." msgstr "查找不包含用户注册的主机。" msgid "host" msgstr "主机" msgid "Search for hosts with these managed by hosts." msgstr "查找由该主机管理的主机。" msgid "Search for hosts without these managed by hosts." msgstr "查找不由该主机管理的主机。" msgid "Search for hosts with these managing hosts." msgstr "查找管理该主机的主机。" msgid "Search for hosts without these managing hosts." msgstr "查找不管理该主机的主机。" msgid "Modify information about a host." msgstr "修改主机信息" msgid "Kerberos principal name for this host" msgstr "该主机的Kerberos主体名" msgid "Update DNS entries" msgstr "更新DNS条目" msgid "Remove hosts that can manage this host." msgstr "移除可以管理该主机的主机。" msgid "Display information about a host." msgstr "显示一个主机信息。" msgid "file to store certificate in" msgstr "存储证书文件" msgid "" "\n" "Groups of hosts.\n" "\n" "Manage groups of hosts. This is useful for applying access control to a\n" "number of hosts by using Host-based Access Control.\n" "\n" "EXAMPLES:\n" "\n" " Add a new host group:\n" " ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" "\n" " Add another new host group:\n" " ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" "\n" " Add members to the hostgroup (using Bash brace expansion):\n" " ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n" "\n" " Add a hostgroup as a member of another hostgroup:\n" " ipa hostgroup-add-member --hostgroups=baltimore maryland\n" "\n" " Remove a host from the hostgroup:\n" " ipa hostgroup-remove-member --hosts=box2 baltimore\n" "\n" " Display a host group:\n" " ipa hostgroup-show baltimore\n" "\n" " Delete a hostgroup:\n" " ipa hostgroup-del baltimore\n" msgstr "" msgid "Host-group" msgstr "主机组" msgid "Name of host-group" msgstr "主机组名称" msgid "A description of this host-group" msgstr "该主机组的描述" msgid "Member hosts" msgstr "成员主机" msgid "Member host-groups" msgstr "主机组成员" msgid "Indirect Member hosts" msgstr "间接成员主机" msgid "Indirect Member host-groups" msgstr "间接成员主机组" msgid "Add a new hostgroup." msgstr "添加一个新的主机组。" msgid "Add members to a hostgroup." msgstr "向一个主机组添加成员。" msgid "Delete a hostgroup." msgstr "删除一个主机组。" msgid "Search for hostgroups." msgstr "查找主机组。" msgid "Results should contain primary key attribute only (\"hostgroup-name\")" msgstr "结果应该只包括主键属性(\"hostgroup-name\")" msgid "Search for host groups with these member hosts." msgstr "查找包含这些成员主机的主机组。" msgid "Search for host groups without these member hosts." msgstr "查找不包含这些成员主机的主机组。" msgid "Search for host groups with these member host groups." msgstr "查找包含这些成员主机组的主机组。" msgid "Search for host groups without these member host groups." msgstr "查找不包含这些成员主机组的主机组。" msgid "Search for host groups with these member of host groups." msgstr "查找包含这些主机组成员的主机组。" msgid "Search for host groups without these member of host groups." msgstr "查找不包含这些主机组成员的主机组。" msgid "Search for host groups with these member of netgroups." msgstr "查找包含这些网络组成员的主机组。" msgid "Search for host groups without these member of netgroups." msgstr "查找不包含这些网络组成员的主机组。" msgid "Search for host groups with these member of HBAC rules." msgstr "查找包含这些HBAC规则成员的主机组。" msgid "Search for host groups without these member of HBAC rules." msgstr "查找不包含这些HBAC规则成员的主机组。" msgid "Search for host groups with these member of sudo rules." msgstr "查找包含这些sudo规则成员的主机组。" msgid "Search for host groups without these member of sudo rules." msgstr "查找不包含这些sudo规则成员的主机组。" msgid "Modify a hostgroup." msgstr "修改一个主机组。" msgid "Remove members from a hostgroup." msgstr "从一个主机组中移除成员。" msgid "Display information about a hostgroup." msgstr "显示一个主机组信息。" msgid "" "\n" "ID Views\n" "\n" "Manage ID Views\n" "\n" "IPA allows to override certain properties of users and groups per each " "host.\n" "This functionality is primarily used to allow migration from older systems " "or\n" "other Identity Management solutions.\n" msgstr "" #, fuzzy #| msgid "User to override" msgid "Anchor to override" msgstr "待覆盖用户" msgid "Group name" msgstr "组名" msgid "GID" msgstr "GID" msgid "Group ID Number" msgstr "组ID号码" msgid "User login" msgstr "用户登录名" msgid "UID" msgstr "UID" msgid "User ID Number" msgstr "用户ID号码" #, fuzzy #| msgid "GECOS field" msgid "GECOS" msgstr "GECOS字段" msgid "Home directory" msgstr "主目录" msgid "Login shell" msgstr "登录shell" msgid "ID View Name" msgstr "ID视图名称" msgid "Add a new Group ID override." msgstr "添加一个新的组ID覆盖。" msgid "Delete an Group ID override." msgstr "删除一个组ID覆盖。" msgid "Search for an Group ID override." msgstr "查找一个组ID覆盖。" msgid "Results should contain primary key attribute only (\"anchor\")" msgstr "结果应该只包括主键属性(\"anchor\")" msgid "Modify an Group ID override." msgstr "修改一个组ID覆盖。" msgid "Rename the Group ID override object" msgstr "重命名组ID覆盖对象" msgid "Display information about an Group ID override." msgstr "显示一个组ID覆盖信息。" msgid "Add a new User ID override." msgstr "添加一个新的用户ID覆盖。" msgid "Delete an User ID override." msgstr "删除一个用户ID覆盖。" msgid "Search for an User ID override." msgstr "查找一个用户ID覆盖。" msgid "Modify an User ID override." msgstr "修改一个用户ID覆盖。" msgid "Rename the User ID override object" msgstr "重命名用户ID覆盖对象" msgid "Display information about an User ID override." msgstr "显示一个用户ID覆盖信息。" msgid "Add a new ID View." msgstr "添加一个新的ID视图。" msgid "" "Applies ID View to specified hosts or current members of specified " "hostgroups. If any other ID View is applied to the host, it is overriden." msgstr "" "应用ID视图到指定的主机或指定主机组的当前成员。如果该主机已有其他ID视图,则覆" "盖它。" msgid "hosts" msgstr "主机" msgid "Hosts to apply the ID View to" msgstr "主机应用ID视图" msgid "hostgroups" msgstr "主机组" msgid "" "Hostgroups to whose hosts apply the ID View to. Please note that view is not " "applied automatically to any hosts added to the hostgroup after running the " "idview-apply command." msgstr "" "主机组的主机应用ID视图。请注意运行命令idview-apply后,视图并不会自动应用到主" "机组中的主机中去。" msgid "Hosts that this ID View was applied to." msgstr "应用过该ID视图的主机。" msgid "Hosts or hostgroups that this ID View could not be applied to." msgstr "不能应用该ID视图的主机或主机组。" msgid "Number of hosts the ID View was applied to:" msgstr "应用过该ID视图的主机数量:" msgid "Delete an ID View." msgstr "删除一个ID视图。" msgid "Search for an ID View." msgstr "查找一个ID视图。" msgid "Modify an ID View." msgstr "修改一个ID视图。" msgid "Rename the ID View object" msgstr "重命名ID视图对象" msgid "Display information about an ID View." msgstr "显示一个ID视图信息。" msgid "Enumerate all the hosts the view applies to." msgstr "列举应用视图的所有主机。" msgid "" "Clears ID View from specified hosts or current members of specified " "hostgroups." msgstr "从指定主机或指定主机组的当前成员中清除ID视图。" #, fuzzy #| msgid "Hosts to apply the ID View to" msgid "Hosts to clear (any) ID View from." msgstr "主机应用ID视图" #, fuzzy #| msgid "" #| "Hostgroups to whose hosts apply the ID View to. Please note that view is " #| "not applied automatically to any hosts added to the hostgroup after " #| "running the idview-apply command." msgid "" "Hostgroups whose hosts should have ID Views cleared. Note that view is not " "cleared automatically from any host added to the hostgroup after running " "idview-unapply command." msgstr "" "主机组的主机应用ID视图。请注意运行命令idview-apply后,视图并不会自动应用到主" "机组中的主机中去。" #, fuzzy #| msgid "Hosts that this ID View was applied to." msgid "Hosts that ID View was cleared from." msgstr "应用过该ID视图的主机。" msgid "Hosts or hostgroups that ID View could not be cleared from." msgstr "ID视图不能被清除的主机或主机组。" msgid "Number of hosts that had a ID View was unset:" msgstr "有ID视图未被设置的主机数量:" msgid "" "\n" "Plugins not accessible directly through the CLI, commands used internally\n" msgstr "" "\n" "通过CLI不能直接访问插件,需要使用内部命令\n" msgid "Dict of I18N messages" msgstr "国际化消息字典" msgid "Export plugin meta-data for the webUI." msgstr "webUI中导出插件元数据。" msgid "Name of object to export" msgstr "导出对象的名称" msgid "Name of method to export" msgstr "导出方法的名称" msgid "Name of command to export" msgstr "导出命令的名称" msgid "Dict of JSON encoded IPA Objects" msgstr "JSON编码IPA对象字典" msgid "Dict of JSON encoded IPA Methods" msgstr "JSON编码IPA方法字典" msgid "Dict of JSON encoded IPA Commands" msgstr "JSON编码IPA命令字典" msgid "" "\n" "Joining an IPA domain\n" msgstr "" "\n" "加入一个IPA域\n" msgid "Join an IPA domain" msgstr "加入一个IPA域" #, fuzzy #| msgid "The hostname must not be: %s\n" msgid "The hostname to register as" msgstr "主机名必须不能是:%s\n" msgid "The IPA realm" msgstr "IPA域" msgid "Hardware platform of the host (e.g. Lenovo T61)" msgstr "主机硬件平台(例如:联想T61)" msgid "Operating System and version of the host (e.g. Fedora 9)" msgstr "主机操作系统版本(例如:Fedora 9)" msgid "" "\n" "Kerberos ticket policy\n" "\n" "There is a single Kerberos ticket policy. This policy defines the\n" "maximum ticket lifetime and the maximum renewal age, the period during\n" "which the ticket is renewable.\n" "\n" "You can also create a per-user ticket policy by specifying the user login.\n" "\n" "For changes to the global policy to take effect, restarting the KDC service\n" "is required, which can be achieved using:\n" "\n" "service krb5kdc restart\n" "\n" "Changes to per-user policies take effect immediately for newly requested\n" "tickets (e.g. when the user next runs kinit).\n" "\n" "EXAMPLES:\n" "\n" " Display the current Kerberos ticket policy:\n" " ipa krbtpolicy-show\n" "\n" " Reset the policy to the default:\n" " ipa krbtpolicy-reset\n" "\n" " Modify the policy to 8 hours max life, 1-day max renewal:\n" " ipa krbtpolicy-mod --maxlife=28800 --maxrenew=86400\n" "\n" " Display effective Kerberos ticket policy for user 'admin':\n" " ipa krbtpolicy-show admin\n" "\n" " Reset per-user policy for user 'admin':\n" " ipa krbtpolicy-reset admin\n" "\n" " Modify per-user policy for user 'admin':\n" " ipa krbtpolicy-mod admin --maxlife=3600\n" msgstr "" msgid "User name" msgstr "用户名" msgid "Manage ticket policy for specific user" msgstr "管理指定用户的票据策略" msgid "Max life" msgstr "最长存活期" msgid "Maximum ticket life (seconds)" msgstr "票据最长存活期(秒)" msgid "Max renew" msgstr "" #, fuzzy #| msgid "Maximum ticket life (seconds)" msgid "Maximum renewable age (seconds)" msgstr "票据最长存活期(秒)" msgid "Modify Kerberos ticket policy." msgstr "修改Kerberos票据策略。" msgid "Reset Kerberos ticket policy to the default values." msgstr "重置Kerberos票据策略为默认值。" msgid "Display the current Kerberos ticket policy." msgstr "显示当前Kerberos票据策略。" msgid "" "\n" "Migration to IPA\n" "\n" "Migrate users and groups from an LDAP server to IPA.\n" "\n" "This performs an LDAP query against the remote server searching for\n" "users and groups in a container. In order to migrate passwords you need\n" "to bind as a user that can read the userPassword attribute on the remote\n" "server. This is generally restricted to high-level admins such as\n" "cn=Directory Manager in 389-ds (this is the default bind user).\n" "\n" "The default user container is ou=People.\n" "\n" "The default group container is ou=Groups.\n" "\n" "Users and groups that already exist on the IPA server are skipped.\n" "\n" "Two LDAP schemas define how group members are stored: RFC2307 and\n" "RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" "members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" "\n" "The schema compat feature allows IPA to reformat data for systems that\n" "do not support RFC2307bis. It is recommended that this feature is disabled\n" "during migration to reduce system overhead. It can be re-enabled after\n" "migration. To migrate with it enabled use the \"--with-compat\" option.\n" "\n" "Migrated users do not have Kerberos credentials, they have only their\n" "LDAP password. To complete the migration process, users need to go\n" "to http://ipa.example.com/ipa/migration and authenticate using their\n" "LDAP password in order to generate their Kerberos credentials.\n" "\n" "Migration is disabled by default. Use the command ipa config-mod to\n" "enable it:\n" "\n" " ipa config-mod --enable-migration=TRUE\n" "\n" "If a base DN is not provided with --basedn then IPA will use either\n" "the value of defaultNamingContext if it is set or the first value\n" "in namingContexts set in the root of the remote LDAP server.\n" "\n" "Users are added as members to the default user group. This can be a\n" "time-intensive task so during migration this is done in a batch\n" "mode for every 100 users. As a result there will be a window in which\n" "users will be added to IPA but will not be members of the default\n" "user group.\n" "\n" "EXAMPLES:\n" "\n" " The simplest migration, accepting all defaults:\n" " ipa migrate-ds ldap://ds.example.com:389\n" "\n" " Specify the user and group container. This can be used to migrate user\n" " and group data from an IPA v1 server:\n" " ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" "container='cn=groups,cn=accounts' ldap://ds.example.com:389\n" "\n" " Since IPA v2 server already contain predefined groups that may collide " "with\n" " groups in migrated (IPA v1) server (for example admins, ipausers), users\n" " having colliding group as their primary group may happen to belong to\n" " an unknown group on new IPA v2 server.\n" " Use --group-overwrite-gid option to overwrite GID of already existing " "groups\n" " to prevent this issue:\n" " ipa migrate-ds --group-overwrite-gid --user-container='cn=users," "cn=accounts' --group-container='cn=groups,cn=accounts' " "ldap://ds.example.com:389\n" "\n" " Migrated users or groups may have object class and accompanied attributes\n" " unknown to the IPA v2 server. These object classes and attributes may be\n" " left out of the migration process:\n" " ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" "container='cn=groups,cn=accounts' --user-ignore-" "objectclass=radiusprofile --user-ignore-" "attribute=radiusgroupname ldap://ds.example.com:389\n" "\n" "LOGGING\n" "\n" "Migration will log warnings and errors to the Apache error log. This\n" "file should be evaluated post-migration to correct or investigate any\n" "issues that were discovered.\n" "\n" "For every 100 users migrated an info-level message will be displayed to\n" "give the current progress and duration to make it possible to track\n" "the progress of migration.\n" "\n" "If the log level is debug, either by setting debug = True in\n" "/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be " "printed\n" "for each user added plus a summary when the default user group is\n" "updated.\n" msgstr "" msgid "Migrate users and groups from DS to IPA." msgstr "将DS中的用户和用户组移植到IPA。" msgid "LDAP URI" msgstr "LDAP URI" msgid "LDAP URI of DS server to migrate from" msgstr "" msgid "bind password" msgstr "绑定密码" msgid "Bind DN" msgstr "绑定DN" msgid "User container" msgstr "用户容器" msgid "DN of container for users in DS relative to base DN" msgstr "在DS中与基类DN相关的用户容器DN" msgid "Group container" msgstr "组容器" msgid "DN of container for groups in DS relative to base DN" msgstr "在DS中与基类DN相关的用户组容器DN" msgid "User object class" msgstr "用户对象类" msgid "Objectclasses used to search for user entries in DS" msgstr "在DS中用于查找用户条目的对象类" msgid "Group object class" msgstr "组对象类" msgid "Objectclasses used to search for group entries in DS" msgstr "在DS中用户查找用户组条目的对象类" msgid "Ignore user object class" msgstr "忽略用户对象类" msgid "Objectclasses to be ignored for user entries in DS" msgstr "在DS中被用户条目所忽略的对象类" msgid "Ignore user attribute" msgstr "忽略用户属性" msgid "Attributes to be ignored for user entries in DS" msgstr "在DS中被用户条目所忽略的属性" msgid "Ignore group object class" msgstr "忽略组对象类" msgid "Objectclasses to be ignored for group entries in DS" msgstr "在DS中被用户组条目所忽略的对象类" msgid "Ignore group attribute" msgstr "忽略组属性" msgid "Attributes to be ignored for group entries in DS" msgstr "在DS中被用户组条目所忽略的属性" msgid "Overwrite GID" msgstr "覆盖GID" msgid "" "When migrating a group already existing in IPA domain overwrite the group " "GID and report as success" msgstr "当移植一个在IPA域中已存在的组时覆盖组GID并报告成功" msgid "LDAP schema" msgstr "LDAP模式" msgid "" "The schema used on the LDAP server. Supported values are RFC2307 and " "RFC2307bis. The default is RFC2307bis" msgstr "" "用在LDAP服务器上的模式。支持值是RFC2307和RFC2307bis。默认值时RFC2307bis" msgid "Continue" msgstr "连续" msgid "" "Continuous operation mode. Errors are reported but the process continues" msgstr "连续操作模式。报告错误但这个过程仍在继续" msgid "Base DN" msgstr "基DN" msgid "Base DN on remote LDAP server" msgstr "远程LDAP服务器上的基DN" msgid "Ignore compat plugin" msgstr "忽略兼容插件" msgid "Allows migration despite the usage of compat plugin" msgstr "即使使用兼容插件也允许迁移" msgid "CA certificate" msgstr "CA证书" msgid "Load CA certificate of LDAP server from FILE" msgstr "从文件加载LDAP服务器的CA证书" #, fuzzy #| msgid "%s to exclude from migration" msgid "groups to exclude from migration" msgstr "不移植%s" #, fuzzy #| msgid "%s to exclude from migration" msgid "users to exclude from migration" msgstr "不移植%s" msgid "Lists of objects migrated; categorized by type." msgstr "对象移植列表;按类型分类。" msgid "Lists of objects that could not be migrated; categorized by type." msgstr "不能移植的对象列表;按类型分类。" msgid "False if migration mode was disabled." msgstr "如果移植模式是禁用的,则错误" msgid "False if migration fails because the compatibility plug-in is enabled." msgstr "如果移植失败是因为启用了兼容插件,则错误" msgid "" "\n" "Misc plug-ins\n" msgstr "" "\n" "Misc插件\n" msgid "Show environment variables." msgstr "显示环境变量。" msgid "Forward to server instead of running locally" msgstr "转发到服务器而不是在本地运行" msgid "" "retrieve and print all attributes from the server. Affects command output." msgstr "从服务器检索和打印所有属性。影响命令输出。" msgid "Total number of variables env (>= count)" msgstr "env变量总数(>= count)" msgid "Number of variables returned (<= total)" msgstr "返回变量数(<= total)" msgid "Show all loaded plugins." msgstr "显示所有加载的插件。" msgid "Dictionary mapping plugin names to bases" msgstr "" msgid "Number of plugins loaded" msgstr "已加载插件数" msgid "" "\n" "Netgroups\n" "\n" "A netgroup is a group used for permission checking. It can contain both\n" "user and host values.\n" "\n" "EXAMPLES:\n" "\n" " Add a new netgroup:\n" " ipa netgroup-add --desc=\"NFS admins\" admins\n" "\n" " Add members to the netgroup:\n" " ipa netgroup-add-member --users=tuser1 --users=tuser2 admins\n" "\n" " Remove a member from the netgroup:\n" " ipa netgroup-remove-member --users=tuser2 admins\n" "\n" " Display information about a netgroup:\n" " ipa netgroup-show admins\n" "\n" " Delete a netgroup:\n" " ipa netgroup-del admins\n" msgstr "" msgid "Netgroup name" msgstr "网络组名称" msgid "Netgroup description" msgstr "网络组描述" msgid "NIS domain name" msgstr "NIS域名" msgid "IPA unique ID" msgstr "IPA唯一ID" msgid "Member netgroups" msgstr "成员网络组" msgid "Indirect Member netgroups" msgstr "间接成员网络组" msgid "Member User" msgstr "成员用户" msgid "Member Group" msgstr "成员组" msgid "Member Host" msgstr "成员主机" msgid "Member Hostgroup" msgstr "成员主机组" msgid "Add a new netgroup." msgstr "添加一个新的网络组。" msgid "Add members to a netgroup." msgstr "向一个网络组添加成员。" msgid "member netgroup" msgstr "成员网络组" msgid "netgroups to add" msgstr "待添加的网络组" msgid "Delete a netgroup." msgstr "删除一个网络组。" msgid "Search for a netgroup." msgstr "查找一个网络组。" msgid "search for managed groups" msgstr "查找管理组" msgid "Search for netgroups with these member netgroups." msgstr "查找包含这些成员网络组的网络组。" msgid "Search for netgroups without these member netgroups." msgstr "查找不包含这些成员网络组的网络组。" msgid "Search for netgroups with these member users." msgstr "查找包含这些成员用户的网络组。" msgid "Search for netgroups without these member users." msgstr "查找不包含这些成员用户的网络组。" msgid "group" msgstr "组" msgid "Search for netgroups with these member groups." msgstr "查找包含这些成员用户组的网络组。" msgid "Search for netgroups without these member groups." msgstr "查找不包含这些成员用户组的网络组。" msgid "Search for netgroups with these member hosts." msgstr "查找包含这些成员主机的网络组。" msgid "Search for netgroups without these member hosts." msgstr "查找不包含这些成员主机的网络组。" msgid "Search for netgroups with these member host groups." msgstr "查找包含这些成员主机组的网络组。" msgid "Search for netgroups without these member host groups." msgstr "查找不包含这些成员主机组的网络组。" msgid "Search for netgroups with these member of netgroups." msgstr "查找包含这些网络组成员的网络组。" msgid "Search for netgroups without these member of netgroups." msgstr "查找不包含这些网络组成员的网络组。" msgid "Modify a netgroup." msgstr "修改一个网络组。" msgid "Remove members from a netgroup." msgstr "从一个网络组中移除成员。" msgid "netgroups to remove" msgstr "待移除的网络组" msgid "Display information about a netgroup." msgstr "显示一个网络组信息。" msgid "" "\n" "OTP configuration\n" "\n" "Manage the default values that IPA uses for OTP tokens.\n" "\n" "EXAMPLES:\n" "\n" " Show basic OTP configuration:\n" " ipa otpconfig-show\n" "\n" " Show all OTP configuration options:\n" " ipa otpconfig-show --all\n" "\n" " Change maximum TOTP authentication window to 10 minutes:\n" " ipa otpconfig-mod --totp-auth-window=600\n" "\n" " Change maximum TOTP synchronization window to 12 hours:\n" " ipa otpconfig-mod --totp-sync-window=43200\n" "\n" " Change maximum HOTP authentication window to 5:\n" " ipa hotpconfig-mod --hotp-auth-window=5\n" "\n" " Change maximum HOTP synchronization window to 50:\n" " ipa hotpconfig-mod --hotp-sync-window=50\n" msgstr "" msgid "TOTP authentication Window" msgstr "TOTP认证窗口" msgid "TOTP authentication time variance (seconds)" msgstr "TOTP认证时间差异(秒)" msgid "TOTP Synchronization Window" msgstr "TOTP同步窗口" msgid "TOTP synchronization time variance (seconds)" msgstr "TOTP同步时间差异(秒)" msgid "HOTP Authentication Window" msgstr "HOTP认证窗口" #, fuzzy #| msgid "TOTP authentication Window" msgid "HOTP authentication skip-ahead" msgstr "TOTP认证窗口" msgid "HOTP Synchronization Window" msgstr "HOTP同步窗口" #, fuzzy #| msgid "HOTP Synchronization Window" msgid "HOTP synchronization skip-ahead" msgstr "HOTP同步窗口" msgid "Modify OTP configuration options." msgstr "修改OTP配置选项。" msgid "Show the current OTP configuration." msgstr "显示当前OTP配置。" msgid "" "\n" "OTP Tokens\n" "\n" "Manage OTP tokens.\n" "\n" "IPA supports the use of OTP tokens for multi-factor authentication. This\n" "code enables the management of OTP tokens.\n" "\n" "EXAMPLES:\n" "\n" " Add a new token:\n" " ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n" "\n" " Examine the token:\n" " ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n" "\n" " Change the vendor:\n" " ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red Hat" "\"\n" "\n" " Delete a token:\n" " ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n" msgstr "" msgid "Unique ID" msgstr "唯一ID" msgid "Type of the token" msgstr "令牌类型" msgid "Token description (informational only)" msgstr "令牌描述(只是信息)" msgid "Owner" msgstr "所有者" msgid "Assigned user of the token (default: self)" msgstr "分配用户令牌(默认:自己)" msgid "Manager" msgstr "管理者" msgid "Assigned manager of the token (default: self)" msgstr "分配管理者令牌(默认:自己)" msgid "Disabled" msgstr "禁用" msgid "Mark the token as disabled (default: false)" msgstr "令牌标记为禁用(默认:错误的)" msgid "Validity start" msgstr "有效期开始于" msgid "First date/time the token can be used" msgstr "令牌被第一次使用" msgid "Validity end" msgstr "有效期结束于" msgid "Last date/time the token can be used" msgstr "令牌被最后一次使用" msgid "Vendor" msgstr "供应商" msgid "Token vendor name (informational only)" msgstr "令牌供应商名称(只是信息)" msgid "Model" msgstr "模式" msgid "Token model (informational only)" msgstr "令牌模式(只是信息)" msgid "Serial" msgstr "序列号" msgid "Token serial (informational only)" msgstr "令牌序列号(只是信息)" msgid "Token secret (Base32; default: random)" msgstr "令牌密码(Base32;默认:随机)" msgid "Token hash algorithm" msgstr "令牌散列算法" msgid "Digits" msgstr "数字" msgid "Number of digits each token code will have" msgstr "每个令牌码拥有的数字个数" msgid "Clock offset" msgstr "时钟偏移量" msgid "TOTP token / FreeIPA server time difference" msgstr "TOTP令牌/FreeIPA服务器时差" msgid "Clock interval" msgstr "时间间隔" msgid "Length of TOTP token code validity" msgstr "TOTP令牌码有效长度" msgid "Counter" msgstr "计数器" msgid "Initial counter for the HOTP token" msgstr "HOTP令牌初始计数器" msgid "Add a new OTP token." msgstr "添加一个新的OTP令牌。" msgid "(deprecated)" msgstr "(弃用)" msgid "Do not display QR code" msgstr "不显示二维码" msgid "Add users that can manage this token." msgstr "添加可以管理该令牌的用户" msgid "Delete an OTP token." msgstr "删除一个OTP令牌。" msgid "Search for OTP token." msgstr "查找OTP令牌。" msgid "Results should contain primary key attribute only (\"id\")" msgstr "结果应该只包括主键属性(\"id\")" msgid "Modify a OTP token." msgstr "修改一个OTP令牌。" msgid "Rename the OTP token object" msgstr "重命名OTP令牌对象" msgid "Display information about an OTP token." msgstr "显示一个OTP令牌信息。" #, fuzzy #| msgid "" #| "\n" #| "This code is an extension to the otptoken plugin and provides support " #| "for\n" #| "reading/writing YubiKey tokens directly.\n" msgid "" "\n" "YubiKey Tokens\n" "\n" "Manage YubiKey tokens.\n" "\n" "This code is an extension to the otptoken plugin and provides support for\n" "reading/writing YubiKey tokens directly.\n" "\n" "EXAMPLES:\n" "\n" " Add a new token:\n" " ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" msgstr "" "\n" "这段代码是otp令牌插件的一个扩展,并对读/写YubiKey令牌提供直接的支持。\n" msgid "" "\n" "Set a user's password\n" "\n" "If someone other than a user changes that user's password (e.g., Helpdesk\n" "resets it) then the password will need to be changed the first time it\n" "is used. This is so the end-user is the only one who knows the password.\n" "\n" "The IPA password policy controls how often a password may be changed,\n" "what strength requirements exist, and the length of the password history.\n" "\n" "EXAMPLES:\n" "\n" " To reset your own password:\n" " ipa passwd\n" "\n" " To change another user's password:\n" " ipa passwd tuser1\n" msgstr "" msgid "Set a user's password." msgstr "设置一个用户的密码。" msgid "New Password" msgstr "新密码" msgid "Current Password" msgstr "当前密码" msgid "OTP" msgstr "OTP" msgid "One Time Password" msgstr "一次性密码" msgid "" "\n" "Permissions\n" "\n" "A permission enables fine-grained delegation of rights. A permission is\n" "a human-readable wrapper around a 389-ds Access Control Rule,\n" "or instruction (ACI).\n" "A permission grants the right to perform a specific task such as adding a\n" "user, modifying a group, etc.\n" "\n" "A permission may not contain other permissions.\n" "\n" "* A permission grants access to read, write, add, delete, read, search,\n" " or compare.\n" "* A privilege combines similar permissions (for example all the permissions\n" " needed to add a user).\n" "* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" "\n" "A permission is made up of a number of different parts:\n" "\n" "1. The name of the permission.\n" "2. The target of the permission.\n" "3. The rights granted by the permission.\n" "\n" "Rights define what operations are allowed, and may be one or more\n" "of the following:\n" "1. write - write one or more attributes\n" "2. read - read one or more attributes\n" "3. search - search on one or more attributes\n" "4. compare - compare one or more attributes\n" "5. add - add a new entry to the tree\n" "6. delete - delete an existing entry\n" "7. all - all permissions are granted\n" "\n" "Note the distinction between attributes and entries. The permissions are\n" "independent, so being able to add a user does not mean that the user will\n" "be editable.\n" "\n" "There are a number of allowed targets:\n" "1. subtree: a DN; the permission applies to the subtree under this DN\n" "2. target filter: an LDAP filter\n" "3. target: DN with possible wildcards, specifies entries permission applies " "to\n" "\n" "Additionally, there are the following convenience options.\n" "Setting one of these options will set the corresponding attribute(s).\n" "1. type: a type of object (user, group, etc); sets subtree and target " "filter.\n" "2. memberof: apply to members of a group; sets target filter\n" "3. targetgroup: grant access to modify a specific group (such as granting\n" " the rights to manage group membership); sets target.\n" "\n" "Managed permissions\n" "\n" "Permissions that come with IPA by default can be so-called \"managed\"\n" "permissions. These have a default set of attributes they apply to,\n" "but the administrator can add/remove individual attributes to/from the set.\n" "\n" "Deleting or renaming a managed permission, as well as changing its target,\n" "is not allowed.\n" "\n" "EXAMPLES:\n" "\n" " Add a permission that grants the creation of users:\n" " ipa permission-add --type=user --permissions=add \"Add Users\"\n" "\n" " Add a permission that grants the ability to manage group membership:\n" " ipa permission-add --attrs=member --permissions=write --type=group " "\"Manage Group Members\"\n" msgstr "" msgid "Permission name" msgstr "权限名称" msgid "Granted rights" msgstr "授予权限" msgid "Rights to grant (read, search, compare, write, add, delete, all)" msgstr "授予权限(读,查找,比较,写,添加,删除,全部)" msgid "Effective attributes" msgstr "有效属性" msgid "All attributes to which the permission applies" msgstr "权限可以应用所有属性" msgid "Included attributes" msgstr "包含的属性" msgid "User-specified attributes to which the permission applies" msgstr "权限可以应用用户指定属性" msgid "Excluded attributes" msgstr "排除的属性" msgid "" "User-specified attributes to which the permission explicitly does not apply" msgstr "权限明确不能应用到用户指定的属性" msgid "Default attributes" msgstr "默认属性" msgid "Attributes to which the permission applies by default" msgstr "权限默认应用的属性" msgid "Bind rule type" msgstr "绑定规则类型" #, fuzzy #| msgid "User group to apply permissions to" msgid "Subtree to apply permissions to" msgstr "待应用权限的用户组" msgid "Extra target filter" msgstr "额外的目标过滤器" msgid "Raw target filter" msgstr "原始的目标过滤器" msgid "All target filters, including those implied by type and memberof" msgstr "" msgid "Target DN" msgstr "目标DN" msgid "" "Optional DN to apply the permission to (must be in the subtree, but may not " "yet exist)" msgstr "" msgid "Member of group" msgstr "组成员" msgid "Target members of a group (sets memberOf targetfilter)" msgstr "组目标成员(设置隶属于目标过滤器)" #, fuzzy #| msgid "User group to apply permissions to" msgid "User group to apply permissions to (sets target)" msgstr "待应用权限的用户组" msgid "Type of IPA object (sets subtree and objectClass targetfilter)" msgstr "IPA目标类型(设置子树和对象类目标过滤器)" msgid "Deprecated; use extratargetfilter" msgstr "过时的;使用额外的目标过滤器" #, fuzzy #| msgid "Deprecated; use extratargetfilter" msgid "Deprecated; use ipapermlocation" msgstr "过时的;使用额外的目标过滤器" #, fuzzy #| msgid "Deprecated; use %s" msgid "Deprecated; use ipapermright" msgstr "已弃用;使用%s" msgid "Granted to Privilege" msgstr "授于特权" msgid "Indirect Member of roles" msgstr "间接角色成员" msgid "Add a new permission." msgstr "添加一个新的权限。" msgid "Add members to a permission." msgstr "将成员添加到权限。" msgid "member privilege" msgstr "成员特权" msgid "privileges to add" msgstr "待添加的特权" msgid "Add a system permission without an ACI (internal command)" msgstr "添加一个没有ACI的系统权限(内部命令)" msgid "Permission flags" msgstr "权限标记" msgid "Delete a permission." msgstr "删除一个权限。" msgid "force delete of SYSTEM permissions" msgstr "强制删除系统权限" msgid "Search for permissions." msgstr "查找权限。" msgid "Modify a permission." msgstr "修改一个权限。" msgid "Rename the permission object" msgstr "重命名权限对象" msgid "Remove members from a permission." msgstr "从一个权限中移除成员。" msgid "privileges to remove" msgstr "待移除的特权" msgid "Display information about a permission." msgstr "显示一个权限信息。" msgid "" "\n" "Ping the remote IPA server to ensure it is running.\n" "\n" "The ping command sends an echo request to an IPA server. The server\n" "returns its version information. This is used by an IPA client\n" "to confirm that the server is available and accepting requests.\n" "\n" "The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n" "If it does not respond then the client will contact any servers defined\n" "by ldap SRV records in DNS.\n" "\n" "EXAMPLES:\n" "\n" " Ping an IPA server:\n" " ipa ping\n" " ------------------------------------------\n" " IPA server version 2.1.9. API version 2.20\n" " ------------------------------------------\n" "\n" " Ping an IPA server verbosely:\n" " ipa -v ping\n" " ipa: INFO: trying https://ipa.example.com/ipa/xml\n" " ipa: INFO: Forwarding 'ping' to server 'https://ipa.example.com/ipa/xml'\n" " -----------------------------------------------------\n" " IPA server version 2.1.9. API version 2.20\n" " -----------------------------------------------------\n" msgstr "" msgid "Ping a remote server." msgstr "Ping一台远程服务器。" msgid "" "\n" "Kerberos pkinit options\n" "\n" "Enable or disable anonymous pkinit using the principal\n" "WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with\n" "pkinit support.\n" "\n" "EXAMPLES:\n" "\n" " Enable anonymous pkinit:\n" " ipa pkinit-anonymous enable\n" "\n" " Disable anonymous pkinit:\n" " ipa pkinit-anonymous disable\n" "\n" "For more information on anonymous pkinit see:\n" "\n" "http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit\n" msgstr "" msgid "Enable or Disable Anonymous PKINIT." msgstr "启用或禁用匿名PKINIT。" msgid "" "\n" "Privileges\n" "\n" "A privilege combines permissions into a logical task. A permission provides\n" "the rights to do a single task. There are some IPA operations that require\n" "multiple permissions to succeed. A privilege is where permissions are\n" "combined in order to perform a specific task.\n" "\n" "For example, adding a user requires the following permissions:\n" " * Creating a new user entry\n" " * Resetting a user password\n" " * Adding the new user to the default IPA users group\n" "\n" "Combining these three low-level tasks into a higher level task in the\n" "form of a privilege named \"Add User\" makes it easier to manage Roles.\n" "\n" "A privilege may not contain other privileges.\n" "\n" "See role and permission for additional information.\n" msgstr "" msgid "Privilege name" msgstr "特权名" msgid "Privilege description" msgstr "特权描述" msgid "Granting privilege to roles" msgstr "给角色授予特权" msgid "Add a new privilege." msgstr "添加一个新的特权。" msgid "Add members to a privilege." msgstr "向一个特权中添加成员。" msgid "member role" msgstr "成员角色" msgid "roles to add" msgstr "待添加角色" msgid "Add permissions to a privilege." msgstr "向一个特权中添加权限。" msgid "permission" msgstr "权限" msgid "permissions" msgstr "权限" msgid "Number of permissions added" msgstr "已添加权限数" msgid "Delete a privilege." msgstr "删除一个特权。" msgid "Search for privileges." msgstr "查找特权。" msgid "Modify a privilege." msgstr "修改一个特权。" msgid "Rename the privilege object" msgstr "重命名特权对象" msgid "Remove members from a privilege" msgstr "从特权中移除成员" msgid "roles to remove" msgstr "待移除角色" msgid "Remove permissions from a privilege." msgstr "从特权中移除权限。" msgid "Number of permissions removed" msgstr "已移除权限数" msgid "Display information about a privilege." msgstr "显示一个特权信息。" msgid "" "\n" "Password policy\n" "\n" "A password policy sets limitations on IPA passwords, including maximum\n" "lifetime, minimum lifetime, the number of passwords to save in\n" "history, the number of character classes required (for stronger passwords)\n" "and the minimum password length.\n" "\n" "By default there is a single, global policy for all users. You can also\n" "create a password policy to apply to a group. Each user is only subject\n" "to one password policy, either the group policy or the global policy. A\n" "group policy stands alone; it is not a super-set of the global policy plus\n" "custom settings.\n" "\n" "Each group password policy requires a unique priority setting. If a user\n" "is in multiple groups that have password policies, this priority determines\n" "which password policy is applied. A lower value indicates a higher priority\n" "policy.\n" "\n" "Group password policies are automatically removed when the groups they\n" "are associated with are removed.\n" "\n" "EXAMPLES:\n" "\n" " Modify the global policy:\n" " ipa pwpolicy-mod --minlength=10\n" "\n" " Add a new group password policy:\n" " ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --" "minlength=8 --priority=10 localadmins\n" "\n" " Display the global password policy:\n" " ipa pwpolicy-show\n" "\n" " Display a group password policy:\n" " ipa pwpolicy-show localadmins\n" "\n" " Display the policy that would be applied to a given user:\n" " ipa pwpolicy-show --user=tuser1\n" "\n" " Modify a group password policy:\n" " ipa pwpolicy-mod --minclasses=2 localadmins\n" msgstr "" msgid "Group" msgstr "组" msgid "Manage password policy for specific group" msgstr "管理指定组的密码策略" msgid "Max lifetime (days)" msgstr "最大生存期(天)" msgid "Maximum password lifetime (in days)" msgstr "最大密码生存期(天)" msgid "Min lifetime (hours)" msgstr "最小生存期(小时)" msgid "Minimum password lifetime (in hours)" msgstr "最小密码生存期(小时)" msgid "History size" msgstr "历史大小" msgid "Password history size" msgstr "密码历史大小" msgid "Character classes" msgstr "字符类" msgid "Minimum number of character classes" msgstr "最小字符类数量" msgid "Min length" msgstr "最小长度" msgid "Minimum length of password" msgstr "最短密码长度" msgid "Priority of the policy (higher number means lower priority" msgstr "策略优先级(数字越大意味着优先级越低" msgid "Max failures" msgstr "最大失败次数" msgid "Consecutive failures before lockout" msgstr "连续失败后锁定" msgid "Failure reset interval" msgstr "失败重置时间间隔" msgid "Period after which failure count will be reset (seconds)" msgstr "一段时间后失败次数将被重置(秒)" msgid "Lockout duration" msgstr "锁定时间" msgid "Period for which lockout is enforced (seconds)" msgstr "锁定持续时间(秒)" msgid "Results should contain primary key attribute only (\"cn\")" msgstr "结果应该只包括主键属性(\"cn\")" msgid "Add a new group password policy." msgstr "添加一个新的组密码策略。" msgid "Delete a group password policy." msgstr "删除一个组密码策略。" msgid "Search for group password policies." msgstr "查找组密码策略。" msgid "Results should contain primary key attribute only (\"group\")" msgstr "结果应该只包括主键属性(\"group\")" msgid "Modify a group password policy." msgstr "修改一个组密码策略。" msgid "Display information about password policy." msgstr "显示密码策略信息。" msgid "User" msgstr "用户" msgid "Display effective policy for a specific user" msgstr "显示一个指定用户的有效策略" msgid "" "\n" "RADIUS Proxy Servers\n" "\n" "Manage RADIUS Proxy Servers.\n" "\n" "IPA supports the use of an external RADIUS proxy server for krb5 OTP\n" "authentications. This permits a great deal of flexibility when\n" "integrating with third-party authentication services.\n" "\n" "EXAMPLES:\n" "\n" " Add a new server:\n" " ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n" "\n" " Find all servers whose entries include the string \"example.com\":\n" " ipa radiusproxy-find example.com\n" "\n" " Examine the configuration:\n" " ipa radiusproxy-show MyRADIUS\n" "\n" " Change the secret:\n" " ipa radiusproxy-mod MyRADIUS --secret\n" "\n" " Delete a configuration:\n" " ipa radiusproxy-del MyRADIUS\n" msgstr "" msgid "RADIUS proxy server name" msgstr "RADIUS代理服务器名称" msgid "A description of this RADIUS proxy server" msgstr "该RADIUS代理服务器的描述" msgid "Server" msgstr "服务器" msgid "The hostname or IP (with or without port)" msgstr "主机名或IP(有或没有端口)" msgid "Secret" msgstr "密码" msgid "The secret used to encrypt data" msgstr "密码用于数据加密" msgid "Timeout" msgstr "超时" msgid "The total timeout across all retries (in seconds)" msgstr "所有重试总超时(秒)" msgid "Retries" msgstr "重试" msgid "The number of times to retry authentication" msgstr "重试认证的次数" msgid "User attribute" msgstr "用户属性" msgid "The username attribute on the user object" msgstr "用户对象的用户名属性" msgid "Add a new RADIUS proxy server." msgstr "添加一个新的RADIUS代理服务器。" msgid "Delete a RADIUS proxy server." msgstr "删除一个RADIUS代理服务器。" msgid "Search for RADIUS proxy servers." msgstr "查找RADIUS代理服务器。" msgid "Modify a RADIUS proxy server." msgstr "修改一个RADIUS代理服务器。" msgid "Rename the RADIUS proxy server object" msgstr "重命名RADIUS代理服务器对象" msgid "Display information about a RADIUS proxy server." msgstr "显示一个RADIUS代理服务器信息。" msgid "" "\n" "Realm domains\n" "\n" "Manage the list of domains associated with IPA realm.\n" "\n" "EXAMPLES:\n" "\n" " Display the current list of realm domains:\n" " ipa realmdomains-show\n" "\n" " Replace the list of realm domains:\n" " ipa realmdomains-mod --domain=example.com\n" " ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n" "\n" " Add a domain to the list of realm domains:\n" " ipa realmdomains-mod --add-domain=newdomain.com\n" "\n" " Delete a domain from the list of realm domains:\n" " ipa realmdomains-mod --del-domain=olddomain.com\n" msgstr "" msgid "Domain" msgstr "域" msgid "Add domain" msgstr "添加域" msgid "Delete domain" msgstr "删除域" msgid "Modify realm domains." msgstr "修改realm域。" msgid "Force adding domain even if not in DNS" msgstr "即使域在DNS中不存在,也强制添加它" msgid "Display the list of realm domains." msgstr "显示realm域列表。" msgid "" "\n" "Roles\n" "\n" "A role is used for fine-grained delegation. A permission grants the ability\n" "to perform given low-level tasks (add a user, modify a group, etc.). A\n" "privilege combines one or more permissions into a higher-level abstraction\n" "such as useradmin. A useradmin would be able to add, delete and modify " "users.\n" "\n" "Privileges are assigned to Roles.\n" "\n" "Users, groups, hosts and hostgroups may be members of a Role.\n" "\n" "Roles can not contain other roles.\n" "\n" "EXAMPLES:\n" "\n" " Add a new role:\n" " ipa role-add --desc=\"Junior-level admin\" junioradmin\n" "\n" " Add some privileges to this role:\n" " ipa role-add-privilege --privileges=addusers junioradmin\n" " ipa role-add-privilege --privileges=change_password junioradmin\n" " ipa role-add-privilege --privileges=add_user_to_default_group " "junioradmin\n" "\n" " Add a group of users to this role:\n" " ipa group-add --desc=\"User admins\" useradmins\n" " ipa role-add-member --groups=useradmins junioradmin\n" "\n" " Display information about a role:\n" " ipa role-show junioradmin\n" "\n" " The result of this is that any users in the group 'junioradmin' can\n" " add users, reset passwords or add a user to the default IPA user group.\n" msgstr "" msgid "Role name" msgstr "角色名" msgid "A description of this role-group" msgstr "该角色组的描述" msgid "Member users" msgstr "成员用户" msgid "Member groups" msgstr "成员组" msgid "Privileges" msgstr "特权" msgid "Member services" msgstr "成员服务" msgid "Add a new role." msgstr "添加一个新角色。" msgid "Add members to a role." msgstr "向角色中添加成员。" msgid "member service" msgstr "成员服务" msgid "services to add" msgstr "待添加服务" msgid "Add privileges to a role." msgstr "向一个角色中添加特权。" msgid "privilege" msgstr "特权" msgid "privileges" msgstr "特权" msgid "Number of privileges added" msgstr "已添加特权数" msgid "Delete a role." msgstr "删除一个角色。" msgid "Search for roles." msgstr "查找角色。" msgid "Modify a role." msgstr "修改一个角色。" msgid "Rename the role object" msgstr "重命名角色对象" msgid "Remove members from a role." msgstr "从一个角色中移除成员。" msgid "services to remove" msgstr "待移除服务" msgid "Remove privileges from a role." msgstr "从一个角色中移除权限。" msgid "Number of privileges removed" msgstr "已移除权限数" msgid "Display information about a role." msgstr "显示一个角色信息。" msgid "" "\n" "Self-service Permissions\n" "\n" "A permission enables fine-grained delegation of permissions. Access Control\n" "Rules, or instructions (ACIs), grant permission to permissions to perform\n" "given tasks such as adding a user, modifying a group, etc.\n" "\n" "A Self-service permission defines what an object can change in its own " "entry.\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add a self-service rule to allow users to manage their address (using Bash\n" " brace expansion):\n" " ipa selfservice-add --permissions=write --attrs={street,postalCode,l,c," "st} \"Users manage their own address\"\n" "\n" " When managing the list of attributes you need to include all attributes\n" " in the list, including existing ones.\n" " Add telephoneNumber to the list (using Bash brace expansion):\n" " ipa selfservice-mod --attrs={street,postalCode,l,c,st,telephoneNumber} " "\"Users manage their own address\"\n" "\n" " Display our updated rule:\n" " ipa selfservice-show \"Users manage their own address\"\n" "\n" " Delete a rule:\n" " ipa selfservice-del \"Users manage their own address\"\n" msgstr "" msgid "Self-service name" msgstr "自助服务名" msgid "Attributes to which the permission applies." msgstr "权限应用属性。" msgid "Add a new self-service permission." msgstr "添加一个新的自助服务权限。" msgid "Delete a self-service permission." msgstr "删除一个自助服务权限。" msgid "Search for a self-service permission." msgstr "查找一个自助服务权限。" msgid "Modify a self-service permission." msgstr "修改一个自助服务权限。" msgid "Display information about a self-service permission." msgstr "显示一个自助服务权限信息。" msgid "" "\n" "SELinux User Mapping\n" "\n" "Map IPA users to SELinux users by host.\n" "\n" "Hosts, hostgroups, users and groups can be either defined within\n" "the rule or it may point to an existing HBAC rule. When using\n" "--hbacrule option to selinuxusermap-find an exact match is made on the\n" "HBAC rule name, so only one or zero entries will be returned.\n" "\n" "EXAMPLES:\n" "\n" " Create a rule, \"test1\", that sets all users to xguest_u:s0 on the host " "\"server\":\n" " ipa selinuxusermap-add --usercat=all --selinuxuser=xguest_u:s0 test1\n" " ipa selinuxusermap-add-host --hosts=server.example.com test1\n" "\n" " Create a rule, \"test2\", that sets all users to guest_u:s0 and uses an " "existing HBAC rule for users and hosts:\n" " ipa selinuxusermap-add --usercat=all --hbacrule=webserver --" "selinuxuser=guest_u:s0 test2\n" "\n" " Display the properties of a rule:\n" " ipa selinuxusermap-show test2\n" "\n" " Create a rule for a specific user. This sets the SELinux context for\n" " user john to unconfined_u:s0-s0:c0.c1023 on any machine:\n" " ipa selinuxusermap-add --hostcat=all --selinuxuser=unconfined_u:s0-s0:c0." "c1023 john_unconfined\n" " ipa selinuxusermap-add-user --users=john john_unconfined\n" "\n" " Disable a rule:\n" " ipa selinuxusermap-disable test1\n" "\n" " Enable a rule:\n" " ipa selinuxusermap-enable test1\n" "\n" " Find a rule referencing a specific HBAC rule:\n" " ipa selinuxusermap-find --hbacrule=allow_some\n" "\n" " Remove a rule:\n" " ipa selinuxusermap-del john_unconfined\n" "\n" "SEEALSO:\n" "\n" " The list controlling the order in which the SELinux user map is applied\n" " and the default SELinux user are available in the config-show command.\n" msgstr "" msgid "SELinux User" msgstr "SELinux用户" msgid "HBAC Rule" msgstr "HBAC规则" msgid "HBAC Rule that defines the users, groups and hostgroups" msgstr "HBAC规则定义了用户,用户组和主机组" msgid "Create a new SELinux User Map." msgstr "创建一个新的SELinux用户映射。" msgid "Add target hosts and hostgroups to an SELinux User Map rule." msgstr "向SELinux用户映射规则中添加目标主机和主机组。" msgid "Add users and groups to an SELinux User Map rule." msgstr "向SELinux用户映射规则中添加用户和用户组。" msgid "Delete a SELinux User Map." msgstr "删除一个SELinux用户映射。" msgid "Disable an SELinux User Map rule." msgstr "禁用一个SELinux用户映射规则。" msgid "Enable an SELinux User Map rule." msgstr "启用一个SELinux用户映射规则。" msgid "Search for SELinux User Maps." msgstr "查找SELinux用户映射。" msgid "Modify a SELinux User Map." msgstr "修改一个SELinux用户映射。" msgid "Remove target hosts and hostgroups from an SELinux User Map rule." msgstr "从一个SELinux用户映射规则中移除目标主机和主机组。" msgid "Remove users and groups from an SELinux User Map rule." msgstr "向SELinux用户映射规则中移除用户和用户组。" msgid "Display the properties of a SELinux User Map rule." msgstr "显示一个SELinux用户映射规则的属性。" msgid "" "\n" "Services\n" "\n" "A IPA service represents a service that runs on a host. The IPA service\n" "record can store a Kerberos principal, an SSL certificate, or both.\n" "\n" "An IPA service can be managed directly from a machine, provided that\n" "machine has been given the correct permission. This is true even for\n" "machines other than the one the service is associated with. For example,\n" "requesting an SSL certificate using the host service principal credentials\n" "of the host. To manage a service using host credentials you need to\n" "kinit as the host:\n" "\n" " # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" "\n" "Adding an IPA service allows the associated service to request an SSL\n" "certificate or keytab, but this is performed as a separate step; they\n" "are not produced as a result of adding the service.\n" "\n" "Only the public aspect of a certificate is stored in a service record;\n" "the private key is not stored.\n" "\n" "EXAMPLES:\n" "\n" " Add a new IPA service:\n" " ipa service-add HTTP/web.example.com\n" "\n" " Allow a host to manage an IPA service certificate:\n" " ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" " ipa role-add-member --hosts=web.example.com certadmin\n" "\n" " Override a default list of supported PAC types for the service:\n" " ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" "\n" " A typical use case where overriding the PAC type is needed is NFS.\n" " Currently the related code in the Linux kernel can only handle Kerberos\n" " tickets up to a maximal size. Since the PAC data can become quite large " "it\n" " is recommended to set --pac-type=NONE for NFS services.\n" "\n" " Delete an IPA service:\n" " ipa service-del HTTP/web.example.com\n" "\n" " Find all IPA services associated with a host:\n" " ipa service-find web.example.com\n" "\n" " Find all HTTP services:\n" " ipa service-find HTTP\n" "\n" " Disable the service Kerberos key and SSL certificate:\n" " ipa service-disable HTTP/web.example.com\n" "\n" " Request a certificate for an IPA service:\n" " ipa cert-request --principal=HTTP/web.example.com example.csr\n" "\n" " Allow user to create a keytab:\n" " ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n" "\n" " Generate and retrieve a keytab for an IPA service:\n" " ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" "httpd.keytab\n" msgstr "" msgid "Service principal" msgstr "服务主体" msgid "PAC type" msgstr "PAC类型" msgid "" "Override default list of supported PAC types. Use 'NONE' to disable PAC " "support for this service, e.g. this might be necessary for NFS services." msgstr "" "覆盖默认支持的PAC类型列表。使用'NONE'来禁用该服务的PAC支持,例如,这可能是NFS" "服务的必要条件。" msgid "Add a new IPA new service." msgstr "添加一个新的IPA服务。" msgid "force principal name even if not in DNS" msgstr "即使主体名在DNS中不存在,也强制添加它" msgid "Add hosts that can manage this service." msgstr "添加可以管理该服务的主机。" msgid "" "Allow users, groups, hosts or host groups to create a keytab of this service." msgstr "允许用户,用户组,主机或主机组来创建一个该服务的keytab。" msgid "" "Allow users, groups, hosts or host groups to retrieve a keytab of this " "service." msgstr "允许用户,用户组,主机或主机组来检索一个该服务的keytab。" msgid "Delete an IPA service." msgstr "删除一个IPA服务。" msgid "Disable the Kerberos key and SSL certificate of a service." msgstr "禁用一个服务的Kerberos密钥和SSL证书。" msgid "" "Disallow users, groups, hosts or host groups to create a keytab of this " "service." msgstr "不允许用户,用户组,主机或主机组来创建该服务的keytab。" msgid "" "Disallow users, groups, hosts or host groups to retrieve a keytab of this " "service." msgstr "不允许用户,用户组,主机或主机组来检索该服务的keytab。" msgid "Search for IPA services." msgstr "查找IPA服务。" msgid "Results should contain primary key attribute only (\"principal\")" msgstr "结果应该只包括主键属性(\"principal\")" msgid "Search for services with these managed by hosts." msgstr "查找那些由主机管理的服务。" msgid "Search for services without these managed by hosts." msgstr "查找那些不由主机管理的服务。" msgid "Modify an existing IPA service." msgstr "修改一个已存在的IPA服务。" msgid "Remove hosts that can manage this service." msgstr "移除可以管理该服务的主机。" msgid "Display information about an IPA service." msgstr "显示一个IPA服务信息。" msgid "" "\n" "Session Support for IPA\n" "John Dennis \n" "\n" "Goals\n" "=====\n" "\n" "Provide per-user session data caching which persists between\n" "requests. Desired features are:\n" "\n" "* Integrates cleanly with minimum impact on existing infrastructure.\n" "\n" "* Provides maximum security balanced against real-world performance\n" " demands.\n" "\n" "* Sessions must be able to be revoked (flushed).\n" "\n" "* Should be flexible and easy to use for developers.\n" "\n" "* Should leverage existing technology and code to the maximum extent\n" " possible to avoid re-invention, excessive implementation time and to\n" " benefit from robustness in field proven components commonly shared\n" " in the open source community.\n" "\n" "* Must support multiple independent processes which share session\n" " data.\n" "\n" "* System must function correctly if session data is available or not.\n" "\n" "* Must be high performance.\n" "\n" "* Should not be tied to specific web servers or browsers. Should\n" " integrate with our chosen WSGI model.\n" "\n" "Issues\n" "======\n" "\n" "Cookies\n" "-------\n" "\n" "Most session implementations are based on the use of cookies. Cookies\n" "have some inherent problems.\n" "\n" "* User has the option to disable cookies.\n" "\n" "* User stored cookie data is not secure. Can be mitigated by setting\n" " flags indicating the cookie is only to be used with SSL secured HTTP\n" " connections to specific web resources and setting the cookie to\n" " expire at session termination. Most modern browsers enforce these.\n" "\n" "Where to store session data?\n" "----------------------------\n" "\n" "Session data may be stored on either on the client or on the\n" "server. Storing session data on the client addresses the problem of\n" "session data availability when requests are serviced by independent web\n" "servers because the session data travels with the request. However\n" "there are data size limitations. Storing session data on the client\n" "also exposes sensitive data but this can be mitigated by encrypting\n" "the session data such that only the server can decrypt it.\n" "\n" "The more conventional approach is to bind session data to a unique\n" "name, the session ID. The session ID is transmitted to the client and\n" "the session data is paired with the session ID on the server in a\n" "associative data store. The session data is retrieved by the server\n" "using the session ID when the receiving the request. This eliminates\n" "exposing sensitive session data on the client along with limitations\n" "on data size. It however introduces the issue of session data\n" "availability when requests are serviced by more than one server\n" "process.\n" "\n" "Multi-process session data availability\n" "---------------------------------------\n" "\n" "Apache (and other web servers) fork child processes to handle requests\n" "in parallel. Also web servers may be deployed in a farm where requests\n" "are load balanced in round robin fashion across different nodes. In\n" "both cases session data cannot be stored in the memory of a server\n" "process because it is not available to other processes, either sibling\n" "children of a master server process or server processes on distinct\n" "nodes.\n" "\n" "Typically this is addressed by storing session data in a SQL\n" "database. When a request is received by a server process containing a\n" "session ID in it's cookie data the session ID is used to perform a SQL\n" "query and the resulting data is then attached to the request as it\n" "proceeds through the request processing pipeline. This of course\n" "introduces coherency issues.\n" "\n" "For IPA the introduction of a SQL database dependency is undesired and\n" "should be avoided.\n" "\n" "Session data may also be shared by independent processes by storing\n" "the session data in files.\n" "\n" "An alternative solution which has gained considerable popularity\n" "recently is the use of a fast memory based caching server. Data is\n" "stored in a single process memory and may be queried and set via a\n" "light weight protocol using standard socket mechanisms, memcached is\n" "one example. A typical use is to optimize SQL queries by storing a SQL\n" "result in shared memory cache avoiding the more expensive SQL\n" "operation. But the memory cache has distinct advantages in non-SQL\n" "situations as well.\n" "\n" "Possible implementations for use by IPA\n" "=======================================\n" "\n" "Apache Sessions\n" "---------------\n" "\n" "Apache has 2.3 has implemented session support via these modules:\n" "\n" " mod_session\n" " Overarching session support based on cookies.\n" "\n" " See: http://httpd.apache.org/docs/2.3/mod/mod_session.html\n" "\n" " mod_session_cookie\n" " Stores session data in the client.\n" "\n" " See: http://httpd.apache.org/docs/2.3/mod/mod_session_cookie.html\n" "\n" " mod_session_crypto\n" " Encrypts session data for security. Encryption key is shared\n" " configuration parameter visible to all Apache processes and is\n" " stored in a configuration file.\n" "\n" " See: http://httpd.apache.org/docs/2.3/mod/mod_session_crypto.html\n" "\n" " mod_session_dbd\n" " Stores session data in a SQL database permitting multiple\n" " processes to access and share the same session data.\n" "\n" " See: http://httpd.apache.org/docs/2.3/mod/mod_session_dbd.html\n" "\n" "Issues with Apache sessions\n" "~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" "\n" "Although Apache has implemented generic session support and Apache is\n" "our web server of preference it nonetheless introduces issues for IPA.\n" "\n" " * Session support is only available in httpd >= 2.3 which at the\n" " time of this writing is currently only available as a Beta release\n" " from upstream. We currently only ship httpd 2.2, the same is true\n" " for other distributions.\n" "\n" " * We could package and ship the sessions modules as a temporary\n" " package in httpd 2.2 environments. But this has the following\n" " consequences:\n" "\n" " - The code has to be backported. the module API has changed\n" " slightly between httpd 2.2 and 2.3. The backporting is not\n" " terribly difficult and a proof of concept has been\n" " implemented.\n" "\n" " - We would then be on the hook to package and maintain a special\n" " case Apache package. This is maintenance burden as well as a\n" " distribution packaging burden. Both of which would be best\n" " avoided if possible.\n" "\n" " * The design of the Apache session modules is such that they can\n" " only be manipulated by other Apache modules. The ability of\n" " consumers of the session data to control the session data is\n" " simplistic, constrained and static during the period the request\n" " is processed. Request handlers which are not native Apache modules\n" " (e.g. IPA via WSGI) can only examine the session data\n" " via request headers and reset it in response headers.\n" "\n" " * Shared session data is available exclusively via SQL.\n" "\n" "However using the 2.3 Apache session modules would give us robust\n" "session support implemented in C based on standardized Apache\n" "interfaces which are widely used.\n" "\n" "Python Web Frameworks\n" "---------------------\n" "\n" "Virtually every Python web framework supports cookie based sessions,\n" "e.g. Django, Twisted, Zope, Turbogears etc. Early on in IPA we decided\n" "to avoid the use of these frameworks. Trying to pull in just one part\n" "of these frameworks just to get session support would be problematic\n" "because the code does not function outside it's framework.\n" "\n" "IPA implemented sessions\n" "------------------------\n" "\n" "Originally it was believed the path of least effort was to utilize\n" "existing session support, most likely what would be provided by\n" "Apache. However there are enough basic modular components available in\n" "native Python and other standard packages it should be possible to\n" "provide session support meeting the aforementioned goals with a modest\n" "implementation effort. Because we're leveraging existing components\n" "the implementation difficulties are subsumed by other components which\n" "have already been field proven and have community support. This is a\n" "smart strategy.\n" "\n" "Proposed Solution\n" "=================\n" "\n" "Our interface to the web server is via WSGI which invokes a callback\n" "per request passing us an environmental context for the request. For\n" "this discussion we'll name the WSGI callback \"application()\", a\n" "conventional name in WSGI parlance.\n" "\n" "Shared session data will be handled by memcached. We will create one\n" "instance of memcached on each server node dedicated to IPA\n" "exclusively. Communication with memcached will be via a UNIX socket\n" "located in the file system under /var/run/ipa_memcached. It will be\n" "protected by file permissions and optionally SELinux policy.\n" "\n" "In application() we examine the request cookies and if there is an IPA\n" "session cookie with a session ID we retrieve the session data from our\n" "memcached instance.\n" "\n" "The session data will be a Python dict. IPA components will read or\n" "write their session information by using a pre-agreed upon name\n" "(e.g. key) in the dict. This is a very flexible system and consistent\n" "with how we pass data in most parts of IPA.\n" "\n" "If the session data is not available an empty session data dict will\n" "be created.\n" "\n" "How does this session data travel with the request in the IPA\n" "pipeline? In IPA we use the HTTP request/response to implement RPC. In\n" "application() we convert the request into a procedure call passing it\n" "arguments derived from the HTTP request. The passed parameters are\n" "specific to the RPC method being invoked. The context the RPC call is\n" "executing in is not passed as an RPC parameter.\n" "\n" "How would the contextual information such as session data be bound to\n" "the request and hence the RPC call?\n" "\n" "In IPA when a RPC invocation is being prepared from a request we\n" "recognize this will only ever be processed serially by one Python\n" "thread. A thread local dict called \"context\" is allocated for each\n" "thread. The context dict is cleared in between requests (e.g. RPC method\n" "invocations). The per-thread context dict is populated during the\n" "lifetime of the request and is used as a global data structure unique to\n" "the request that various IPA component can read from and write to with\n" "the assurance the data is unique to the current request and/or method\n" "call.\n" "\n" "The session data dict will be written into the context dict under the\n" "session key before the RPC method begins execution. Thus session data\n" "can be read and written by any IPA component by accessing\n" "``context.session``.\n" "\n" "When the RPC method finishes execution the session data bound to the\n" "request/method is retrieved from the context and written back to the\n" "memcached instance. The session ID is set in the response sent back to\n" "the client in the ``Set-Cookie`` header along with the flags\n" "controlling it's usage.\n" "\n" "Issues and details\n" "------------------\n" "\n" "IPA code cannot depend on session data being present, however it\n" "should always update session data with the hope it will be available\n" "in the future. Session data may not be available because:\n" "\n" " * This is the first request from the user and no session data has\n" " been created yet.\n" "\n" " * The user may have cookies disabled.\n" "\n" " * The session data may have been flushed. memcached operates with\n" " a fixed memory allocation and will flush entries on a LRU basis,\n" " like with any cache there is no guarantee of persistence.\n" "\n" " Also we may have have deliberately expired or deleted session\n" " data, see below.\n" "\n" "Cookie manipulation is done via the standard Python Cookie module.\n" "\n" "Session cookies will be set to only persist as long as the browser has\n" "the session open. They will be tagged so the browser only returns\n" "the session ID on SSL secured HTTP requests. They will not be visible\n" "to Javascript in the browser.\n" "\n" "Session ID's will be created by using 48 bits of random data and\n" "converted to 12 hexadecimal digits. Newly generated session ID's will\n" "be checked for prior existence to handle the unlikely case the random\n" "number repeats.\n" "\n" "memcached will have significantly higher performance than a SQL or file\n" "based storage solution. Communication is effectively though a pipe\n" "(UNIX socket) using a very simple protocol and the data is held\n" "entirely in process memory. memcached also scales easily, it is easy\n" "to add more memcached processes and distribute the load across them.\n" "At this point in time we don't anticipate the need for this.\n" "\n" "A very nice feature of the Python memcached module is that when a data\n" "item is written to the cache it is done with standard Python pickling\n" "(pickling is a standard Python mechanism to marshal and unmarshal\n" "Python objects). We adopt the convention the object written to cache\n" "will be a dict to meet our internal data handling conventions. The\n" "pickling code will recursively handle nested objects in the dict. Thus\n" "we gain a lot of flexibility using standard Python data structures to\n" "store and retrieve our session data without having to author and debug\n" "code to marshal and unmarshal the data if some other storage mechanism\n" "had been used. This is a significant implementation win. Of course\n" "some common sense limitations need to observed when deciding on what\n" "is written to the session cache keeping in mind the data is shared\n" "between processes and it should not be excessively large (a\n" "configurable option)\n" "\n" "We can set an expiration on memcached entries. We may elect to do that\n" "to force session data to be refreshed periodically. For example we may\n" "wish the client to present fresh credentials on a periodic basis even\n" "if the cached credentials are otherwise within their validity period.\n" "\n" "We can explicitly delete session data if for some reason we believe it\n" "is stale, invalid or compromised.\n" "\n" "memcached also gives us certain facilities to prevent race conditions\n" "between different processes utilizing the cache. For example you can\n" "check of the entry has been modified since you last read it or use CAS\n" "(Check And Set) semantics. What has to be protected in terms of cache\n" "coherency will likely have to be determined as the session support is\n" "utilized and different data items are added to the cache. This is very\n" "much data and context specific. Fortunately memcached operations are\n" "atomic.\n" "\n" "Controlling the memcached process\n" "---------------------------------\n" "\n" "We need a mechanism to start the memcached process and secure it so\n" "that only IPA components can access it.\n" "\n" "Although memcached ships with both an initscript and systemd unit\n" "files those are for generic instances. We want a memcached instance\n" "dedicated exclusively to IPA usage. To accomplish this we would install\n" "a systemd unit file or an SysV initscript to control the IPA specific\n" "memcached service. ipactl would be extended to know about this\n" "additional service. systemd's cgroup facility would give us additional\n" "mechanisms to integrate the IPA memcached service within a larger IPA\n" "process group.\n" "\n" "Protecting the memcached data would be done via file permissions (and\n" "optionally SELinux policy) on the UNIX domain socket. Although recent\n" "implementations of memcached support authentication via SASL this\n" "introduces a performance and complexity burden not warranted when\n" "cached is dedicated to our exclusive use and access controlled by OS\n" "mechanisms.\n" "\n" "Conventionally daemons are protected by assigning a system uid and/or\n" "gid to the daemon. A daemon launched by root will drop it's privileges\n" "by assuming the effective uid:gid assigned to it. File system access\n" "is controlled by the OS via the effective identity and SELinux policy\n" "can be crafted based on the identity. Thus the memcached UNIX socket\n" "would be protected by having it owned by a specific system user and/or\n" "membership in a restricted system group (discounting for the moment\n" "SELinux).\n" "\n" "Unfortunately we currently do not have an IPA system uid whose\n" "identity our processes operate under nor do we have an IPA system\n" "group. IPA does manage a collection of related processes (daemons) and\n" "historically each has been assigned their own uid. When these\n" "unrelated processes communicate they mutually authenticate via other\n" "mechanisms. We do not have much of a history of using shared file\n" "system objects across identities. When file objects are created they\n" "are typically assigned the identity of daemon needing to access the\n" "object and are not accessed by other daemons, or they carry root\n" "identity.\n" "\n" "When our WSGI application runs in Apache it is run as a WSGI\n" "daemon. This means when Apache starts up it forks off WSGI processes\n" "for us and we are independent of other Apache processes. When WSGI is\n" "run in this mode there is the ability to set the uid:gid of the WSGI\n" "process hosting us, however we currently do not take advantage of this\n" "option. WSGI can be run in other modes as well, only in daemon mode\n" "can the uid:gid be independently set from the rest of Apache. All\n" "processes started by Apache can be set to a common uid:gid specified\n" "in the global Apache configuration, by default it's\n" "apache:apache. Thus when our IPA code executes it is running as\n" "apache:apache.\n" "\n" "To protect our memcached UNIX socket we can do one of two things:\n" "\n" "1. Assign it's uid:gid as apache:apache. This would limit access to\n" " our cache only to processes running under httpd. It's somewhat\n" " restricted but far from ideal. Any code running in the web server\n" " could potentially access our cache. It's difficult to control what the\n" " web server runs and admins may not understand the consequences of\n" " configuring httpd to serve other things besides IPA.\n" "\n" "2. Create an IPA specific uid:gid, for example ipa:ipa. We then configure\n" " our WSGI application to run as the ipa:ipa user and group. We also\n" " configure our memcached instance to run as the ipa:ipa user and\n" " group. In this configuration we are now fully protected, only our WSGI\n" " code can read & write to our memcached UNIX socket.\n" "\n" "However there may be unforeseen issues by converting our code to run as\n" "something other than apache:apache. This would require some\n" "investigation and testing.\n" "\n" "IPA is dependent on other system daemons, specifically Directory\n" "Server (ds) and Certificate Server (cs). Currently we configure ds to\n" "run under the dirsrv:dirsrv user and group, an identity of our\n" "creation. We allow cs to default to it's pkiuser:pkiuser user and\n" "group. Should these other cooperating daemons also run under the\n" "common ipa:ipa user and group identities? At first blush there would\n" "seem to be an advantage to coalescing all process identities under a\n" "common IPA user and group identity. However these other processes do\n" "not depend on user and group permissions when working with external\n" "agents, processes, etc. Rather they are designed to be stand-alone\n" "network services which authenticate their clients via other\n" "mechanisms. They do depend on user and group permission to manage\n" "their own file system objects. If somehow the ipa user and/or group\n" "were compromised or malicious code somehow executed under the ipa\n" "identity there would be an advantage in having the cooperating\n" "processes cordoned off under their own identities providing one extra\n" "layer of protection. (Note, these cooperating daemons may not even be\n" "co-located on the same node in which case the issue is moot)\n" "\n" "The UNIX socket behavior (ldapi) with Directory Server is as follows:\n" "\n" " * The socket ownership is: root:root\n" "\n" " * The socket permissions are: 0666\n" "\n" " * When connecting via ldapi you must authenticate as you would\n" " normally with a TCP socket, except ...\n" "\n" " * If autobind is enabled and the uid:gid is available via\n" " SO_PEERCRED and the uid:gid can be found in the set of users known\n" " to the Directory Server then that connection will be bound as that\n" " user.\n" "\n" " * Otherwise an anonymous bind will occur.\n" "\n" "memcached UNIX socket behavior is as follows:\n" "\n" " * memcached can be invoked with a user argument, no group may be\n" " specified. The effective uid is the uid of the user argument and\n" " the effective gid is the primary group of the user, let's call\n" " this euid:egid\n" "\n" " * The socket ownership is: euid:egid\n" "\n" " * The socket permissions are 0700 by default, but this can be\n" " modified by the -a mask command line arg which sets the umask\n" " (defaults to 0700).\n" "\n" "Overview of authentication in IPA\n" "=================================\n" "\n" "This describes how we currently authenticate and how we plan to\n" "improve authentication performance. First some definitions.\n" "\n" "There are 4 major players:\n" "\n" " 1. client\n" " 2. mod_auth_kerb (in Apache process)\n" " 3. wsgi handler (in IPA wsgi python process)\n" " 4. ds (directory server)\n" "\n" "There are several resources:\n" "\n" " 1. /ipa/ui (unprotected, web UI static resources)\n" " 2. /ipa/xml (protected, xmlrpc RPC used by command line clients)\n" " 3. /ipa/json (protected, json RPC used by javascript in web UI)\n" " 4. ds (protected, wsgi acts as proxy, our LDAP server)\n" "\n" "Current Model\n" "-------------\n" "\n" "This describes how things work in our current system for the web UI.\n" "\n" " 1. Client requests /ipa/ui, this is unprotected, is static and\n" " contains no sensitive information. Apache replies with html and\n" " javascript. The javascript requests /ipa/json.\n" "\n" " 2. Client sends post to /ipa/json.\n" "\n" " 3. mod_auth_kerb is configured to protect /ipa/json, replies 401\n" " authenticate negotiate.\n" "\n" " 4. Client resends with credentials\n" "\n" " 5. mod_auth_kerb validates credentials\n" "\n" " a. if invalid replies 403 access denied (stops here)\n" "\n" " b. if valid creates temporary ccache, adds KRB5CCNAME to request\n" " headers\n" "\n" " 6. Request passed to wsgi handler\n" "\n" " a. validates request, KRB5CCNAME must be present, referrer, etc.\n" "\n" " b. ccache saved and used to bind to ds\n" "\n" " c. routes to specified RPC handler.\n" "\n" " 7. wsgi handler replies to client\n" "\n" "Proposed new session based optimization\n" "---------------------------------------\n" "\n" "The round trip negotiate and credential validation in steps 3,4,5 is\n" "expensive. This can be avoided if we can cache the client\n" "credentials. With client sessions we can store the client credentials\n" "in the session bound to the client.\n" "\n" "A few notes about the session implementation.\n" "\n" " * based on session cookies, cookies must be enabled\n" "\n" " * session cookie is secure, only passed on secure connections, only\n" " passed to our URL resource, never visible to client javascript\n" " etc.\n" "\n" " * session cookie has a session id which is used by wsgi handler to\n" " retrieve client session data from shared multi-process cache.\n" "\n" "Changes to Apache's resource protection\n" "---------------------------------------\n" "\n" " * /ipa/json is no longer protected by mod_auth_kerb. This is\n" " necessary to avoid the negotiate expense in steps 3,4,5\n" " above. Instead the /ipa/json resource will be protected in our wsgi\n" " handler via the session cookie.\n" "\n" " * A new protected URI is introduced, /ipa/login. This resource\n" " does no serve any data, it is used exclusively for authentication.\n" "\n" "The new sequence is:\n" "\n" " 1. Client requests /ipa/ui, this is unprotected. Apache replies with\n" " html and javascript. The javascript requests /ipa/json.\n" "\n" " 2. Client sends post to /ipa/json, which is unprotected.\n" "\n" " 3. wsgi handler obtains session data from session cookie.\n" "\n" " a. if ccache is present in session data and is valid\n" "\n" " - request is further validated\n" "\n" " - ccache is established for bind to ds\n" "\n" " - request is routed to RPC handler\n" "\n" " - wsgi handler eventually replies to client\n" "\n" " b. if ccache is not present or not valid processing continues ...\n" "\n" " 4. wsgi handler replies with 401 Unauthorized\n" "\n" " 5. client sends request to /ipa/login to obtain session credentials\n" "\n" " 6. mod_auth_kerb replies 401 negotiate on /ipa/login\n" "\n" " 7. client sends credentials to /ipa/login\n" "\n" " 8. mod_auth_kerb validates credentials\n" "\n" " a. if valid\n" "\n" " - mod_auth_kerb permits access to /ipa/login. wsgi handler is\n" " invoked and does the following:\n" "\n" " * establishes session for client\n" "\n" " * retrieves the ccache from KRB5CCNAME and stores it\n" "\n" " a. if invalid\n" "\n" " - mod_auth_kerb sends 403 access denied (processing stops)\n" "\n" " 9. client now posts the same data again to /ipa/json including\n" " session cookie. Processing repeats starting at step 2 and since\n" " the session data now contains a valid ccache step 3a executes, a\n" " successful reply is sent to client.\n" "\n" "Command line client using xmlrpc\n" "--------------------------------\n" "\n" "The above describes the web UI utilizing the json RPC mechanism. The\n" "IPA command line tools utilize a xmlrpc RPC mechanism on the same\n" "HTTP server. Access to the xmlrpc is via the /ipa/xml URI. The json\n" "and xmlrpc API's are the same, they differ only on how their procedure\n" "calls are marshalled and unmarshalled.\n" "\n" "Under the new scheme /ipa/xml will continue to be Kerberos protected\n" "at all times. Apache's mod_auth_kerb will continue to require the\n" "client provides valid Kerberos credentials.\n" "\n" "When the WSGI handler routes to /ipa/xml the Kerberos credentials will\n" "be extracted from the KRB5CCNAME environment variable as provided by\n" "mod_auth_kerb. Everything else remains the same.\n" msgstr "" msgid "RPC command used to log the current user out of their session." msgstr "RPC命令用于记录当前用户的会话。" msgid "" "\n" "Sudo Commands\n" "\n" "Commands used as building blocks for sudo\n" "\n" "EXAMPLES:\n" "\n" " Create a new command\n" " ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" "\n" " Remove a command\n" " ipa sudocmd-del /usr/bin/less\n" msgstr "" msgid "Sudo Command" msgstr "Sudo命令" msgid "A description of this command" msgstr "该命令的一个描述" msgid "Sudo Command Groups" msgstr "Sudo命令组" msgid "Create new Sudo Command." msgstr "创建新的Sudo命令。" msgid "Delete Sudo Command." msgstr "删除Sudo命令。" msgid "Search for Sudo Commands." msgstr "查找Sudo命令。" msgid "Results should contain primary key attribute only (\"command\")" msgstr "结果应该只包括主键属性(\"command\")" msgid "Modify Sudo Command." msgstr "修改Sudo命令。" msgid "Display Sudo Command." msgstr "显示Sudo命令。" msgid "" "\n" "Groups of Sudo Commands\n" "\n" "Manage groups of Sudo Commands.\n" "\n" "EXAMPLES:\n" "\n" " Add a new Sudo Command Group:\n" " ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" "\n" " Remove a Sudo Command Group:\n" " ipa sudocmdgroup-del admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/" "vim admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" "\n" " Show a Sudo Command Group:\n" " ipa group-show localadmins\n" msgstr "" msgid "Sudo Command Group" msgstr "Sudo命令组" msgid "Group description" msgstr "组描述" msgid "Commands" msgstr "命令" msgid "Member Sudo commands" msgstr "成员Sudo命令" msgid "Create new Sudo Command Group." msgstr "创建新的Sudo命令组。" msgid "Add members to Sudo Command Group." msgstr "向Sudo命令组中添加成员。" msgid "member sudo command" msgstr "成员sudo命令" msgid "sudo commands to add" msgstr "待添加的sudo命令" msgid "Delete Sudo Command Group." msgstr "删除Sudo命令组。" msgid "Search for Sudo Command Groups." msgstr "查找Sudo命令组。" msgid "" "Results should contain primary key attribute only (\"sudocmdgroup-name\")" msgstr "结果应该只包括主键属性(\"sudocmdgroup-name\")" msgid "Modify Sudo Command Group." msgstr "修改Sudo命令组。" msgid "Remove members from Sudo Command Group." msgstr "从Sudo命令组中移除成员。" msgid "sudo commands to remove" msgstr "待移除的sudo命令" msgid "Display Sudo Command Group." msgstr "显示Sudo命令组。" msgid "" "\n" "Sudo Rules\n" "\n" "Sudo (su \"do\") allows a system administrator to delegate authority to\n" "give certain users (or groups of users) the ability to run some (or all)\n" "commands as root or another user while providing an audit trail of the\n" "commands and their arguments.\n" "\n" "FreeIPA provides a means to configure the various aspects of Sudo:\n" " Users: The user(s)/group(s) allowed to invoke Sudo.\n" " Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " "Sudo.\n" " Allow Command: The specific command(s) permitted to be run via Sudo.\n" " Deny Command: The specific command(s) prohibited to be run via Sudo.\n" " RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " "invoked with.\n" " RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" " Options: The various Sudoers Options that can modify Sudo's behavior.\n" "\n" "An order can be added to a sudorule to control the order in which they\n" "are evaluated (if the client supports it). This order is an integer and\n" "must be unique.\n" "\n" "FreeIPA provides a designated binddn to use with Sudo located at:\n" "uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" "\n" "To enable the binddn run the following command to set the password:\n" "LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" "ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," "dc=com\n" "\n" "EXAMPLES:\n" "\n" " Create a new rule:\n" " ipa sudorule-add readfiles\n" "\n" " Add sudo command object and add it as allowed command in the rule:\n" " ipa sudocmd-add /usr/bin/less\n" " ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n" "\n" " Add a host to the rule:\n" " ipa sudorule-add-host readfiles --hosts server.example.com\n" "\n" " Add a user to the rule:\n" " ipa sudorule-add-user readfiles --users jsmith\n" "\n" " Add a special Sudo rule for default Sudo server configuration:\n" " ipa sudorule-add defaults\n" "\n" " Set a default Sudo option:\n" " ipa sudorule-add-option defaults --sudooption '!authenticate'\n" msgstr "" msgid "Command category" msgstr "命令类别" msgid "Command category the rule applies to" msgstr "规则适用的命令类别" msgid "RunAs User category" msgstr "作为用户类别来运行" msgid "RunAs User category the rule applies to" msgstr "作为规则适用的用户类别来运行" msgid "RunAs Group category" msgstr "作为用户组类别来运行" msgid "RunAs Group category the rule applies to" msgstr "作为规则适用的用户组类别来运行" msgid "Sudo order" msgstr "Sudo命令" #, fuzzy #| msgid "Add an option to the Sudo Rule." msgid "integer to order the Sudo rules" msgstr "向Sudo规则中添加一个选项。" msgid "External User" msgstr "外部用户" msgid "External User the rule applies to (sudorule-find only)" msgstr "规则适用的外部用户(只是sudorule-find)" #, fuzzy #| msgid "Hosts" msgid "Host Masks" msgstr "主机" msgid "Sudo Allow Commands" msgstr "Sudo允许命令" msgid "Sudo Deny Commands" msgstr "Sudo阻止命令" msgid "Sudo Allow Command Groups" msgstr "Sudo运行命令组" msgid "Sudo Deny Command Groups" msgstr "Sudo阻止命令组" msgid "RunAs Users" msgstr "作为用户来运行" msgid "Run as a user" msgstr "作为一个用户来运行" msgid "Groups of RunAs Users" msgstr "作为用户来运行的用户组" msgid "Run as any user within a specified group" msgstr "作为任何一个有指定组用户来运行" msgid "RunAs External User" msgstr "作为外部用户来运行" msgid "External User the commands can run as (sudorule-find only)" msgstr "外部用户可以运行的命令(只是sudorule-find)" msgid "External Groups of RunAs Users" msgstr "作为用户来运行的外部用户组" msgid "External Groups of users that the command can run as" msgstr "外部用户组可以运行的命令" msgid "RunAs Groups" msgstr "作为用户组来运行" msgid "Run with the gid of a specified POSIX group" msgstr "以一个指定POSIX组的gid来运行" msgid "RunAs External Group" msgstr "作为外部用户组来运行" msgid "External Group the commands can run as (sudorule-find only)" msgstr "外部用户组可以运行的命令(只是sudorule-find)" msgid "Sudo Option" msgstr "Sudo选项" msgid "Create new Sudo Rule." msgstr "创建新的Sudo规则。" msgid "Add commands and sudo command groups affected by Sudo Rule." msgstr "添加受Sudo规则影响的命令和sudo命令组。" msgid "member sudo command group" msgstr "成员sudo命令组" msgid "sudo command groups to add" msgstr "待添加的sudo命令组" msgid "Add hosts and hostgroups affected by Sudo Rule." msgstr "添加受Sudo规则影响的主机和主机组。" msgid "host masks of allowed hosts" msgstr "" msgid "Add an option to the Sudo Rule." msgstr "向Sudo规则中添加一个选项。" msgid "Add group for Sudo to execute as." msgstr "" #, fuzzy #| msgid "Add users and groups affected by Sudo Rule." msgid "Add users and groups for Sudo to execute as." msgstr "添加受Sudo规则影响的用户和用户组。" msgid "Add users and groups affected by Sudo Rule." msgstr "添加受Sudo规则影响的用户和用户组。" msgid "Delete Sudo Rule." msgstr "删除Sudo规则。" msgid "Disable a Sudo Rule." msgstr "禁用一个Sudo规则。" msgid "Enable a Sudo Rule." msgstr "启用一个Sudo规则。" msgid "Search for Sudo Rule." msgstr "查找Sudo规则。" msgid "Results should contain primary key attribute only (\"sudorule-name\")" msgstr "结果应该只包括主键属性(\"sudorule-name\")" msgid "Modify Sudo Rule." msgstr "修改Sudo规则。" msgid "Remove commands and sudo command groups affected by Sudo Rule." msgstr "移除受Sudo规则影响的命令和命令组。" msgid "sudo command groups to remove" msgstr "待移除的sudo命令组" msgid "Remove hosts and hostgroups affected by Sudo Rule." msgstr "移除受Sudo规则影响的主机和主机组。" msgid "Remove an option from Sudo Rule." msgstr "从Sudo规则中移除一个选项。" #, fuzzy #| msgid "Remove an option from Sudo Rule." msgid "Remove group for Sudo to execute as." msgstr "从Sudo规则中移除一个选项。" #, fuzzy #| msgid "Remove users and groups affected by Sudo Rule." msgid "Remove users and groups for Sudo to execute as." msgstr "移除受Sudo规则影响的用户和用户组。" msgid "Remove users and groups affected by Sudo Rule." msgstr "移除受Sudo规则影响的用户和用户组。" msgid "Display Sudo Rule." msgstr "显示Sudo规则。" msgid "" "\n" "Users\n" "\n" "Manage user entries. All users are POSIX users.\n" "\n" "IPA supports a wide range of username formats, but you need to be aware of " "any\n" "restrictions that may apply to your particular environment. For example,\n" "usernames that start with a digit or usernames that exceed a certain length\n" "may cause problems for some UNIX systems.\n" "Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" "\n" "Disabling a user account prevents that user from obtaining new Kerberos\n" "credentials. It does not invalidate any credentials that have already\n" "been issued.\n" "\n" "Password management is not a part of this module. For more information\n" "about this topic please see: ipa help passwd\n" "\n" "Account lockout on password failure happens per IPA master. The user-status\n" "command can be used to identify which master the user is locked out on.\n" "It is on that master the administrator must unlock the user.\n" "\n" "EXAMPLES:\n" "\n" " Add a new user:\n" " ipa user-add --first=Tim --last=User --password tuser1\n" "\n" " Find all users whose entries include the string \"Tim\":\n" " ipa user-find Tim\n" "\n" " Find all users with \"Tim\" as the first name:\n" " ipa user-find --first=Tim\n" "\n" " Disable a user account:\n" " ipa user-disable tuser1\n" "\n" " Enable a user account:\n" " ipa user-enable tuser1\n" "\n" " Delete a user:\n" " ipa user-del tuser1\n" msgstr "" msgid "First name" msgstr "名" msgid "Last name" msgstr "姓" msgid "Full name" msgstr "全名" msgid "Display name" msgstr "显示名称" msgid "Initials" msgstr "名字的首字母" msgid "Kerberos principal" msgstr "Kerberos主体" msgid "Kerberos principal expiration" msgstr "Kerberos主体过期" msgid "Email address" msgstr "邮件地址" msgid "Prompt to set the user password" msgstr "提示设置用户密码" msgid "Generate a random user password" msgstr "生成一个随机用户密码" msgid "User ID Number (system will assign one if not provided)" msgstr "用户ID号码(如果没有提供系统会分配一个)" msgid "Street address" msgstr "街道地址" msgid "City" msgstr "城市" msgid "State/Province" msgstr "州/省" msgid "ZIP" msgstr "" msgid "Telephone Number" msgstr "电话号码" msgid "Mobile Telephone Number" msgstr "移动电话号码" msgid "Pager Number" msgstr "传真号码" msgid "Fax Number" msgstr "传真号码" msgid "Org. Unit" msgstr "组织单位" msgid "Job Title" msgstr "职称" msgid "Car License" msgstr "汽车执照" msgid "Account disabled" msgstr "禁用账户" msgid "User authentication types" msgstr "用户认证类型" msgid "Types of supported user authentication" msgstr "支持的用户认证类型" msgid "" "User category (semantics placed on this attribute are for local " "interpretation)" msgstr "用户类别(该属性的语义是就近解读)" msgid "RADIUS proxy configuration" msgstr "RADIUS代理配置" msgid "RADIUS proxy username" msgstr "RADIUS代理名称" msgid "Department Number" msgstr "部门编号" msgid "Employee Number" msgstr "员工编号" msgid "Employee Type" msgstr "员工类型" msgid "Preferred Language" msgstr "首选语言" msgid "Member of groups" msgstr "组成员" msgid "Indirect Member of group" msgstr "间接组成员" msgid "Kerberos keys available" msgstr "Kerberos密码可用" msgid "Add a new user." msgstr "添加一个新用户。" msgid "Don't create user private group" msgstr "不创建用户私有组" msgid "Delete a user." msgstr "删除一个用户。" msgid "Disable a user account." msgstr "禁用一个用户账户。" msgid "Enable a user account." msgstr "启用一个用户账户。" msgid "Search for users." msgstr "查找用户。" msgid "Self" msgstr "自己" msgid "Display user record for current Kerberos principal" msgstr "显示当前Kerberos主体的用户记录" msgid "Results should contain primary key attribute only (\"login\")" msgstr "结果应该只包括主键属性(\"login\")" msgid "Search for users with these member of groups." msgstr "查找包含这些组成员的用户。" msgid "Search for users without these member of groups." msgstr "查找不包含这些组成员的用户。" msgid "Search for users with these member of netgroups." msgstr "查找包含这些网络组成员的用户。" msgid "Search for users without these member of netgroups." msgstr "查找不包含这些网络组成员的用户。" msgid "Search for users with these member of roles." msgstr "查找包含这些角色成员的用户。" msgid "Search for users without these member of roles." msgstr "查找不包含这些角色成员的用户。" msgid "Search for users with these member of HBAC rules." msgstr "查找包含这些HBAC规则成员的用户。" msgid "Search for users without these member of HBAC rules." msgstr "查找不包含这些HBAC规则成员的用户。" msgid "Search for users with these member of sudo rules." msgstr "查找包含这些sudo规则成员的用户。" msgid "Search for users without these member of sudo rules." msgstr "查找不包含这些sudo规则成员的用户。" msgid "Modify a user." msgstr "修改一个用户。" msgid "Rename the user object" msgstr "重命名用户对象" msgid "Display information about a user." msgstr "显示一个用户信息。" msgid "" "\n" "Lockout status of a user account\n" "\n" " An account may become locked if the password is entered incorrectly too\n" " many times within a specific time period as controlled by password\n" " policy. A locked account is a temporary condition and may be unlocked " "by\n" " an administrator.\n" "\n" " This connects to each IPA master and displays the lockout status on\n" " each one.\n" "\n" " To determine whether an account is locked on a given server you need\n" " to compare the number of failed logins and the time of the last " "failure.\n" " For an account to be locked it must exceed the maxfail failures within\n" " the failinterval duration as specified in the password policy " "associated\n" " with the user.\n" "\n" " The failed login counter is modified only when a user attempts a log in\n" " so it is possible that an account may appear locked but the last failed\n" " login attempt is older than the lockouttime of the password policy. " "This\n" " means that the user may attempt a login again.\n" " " msgstr "" msgid "" "\n" "Unlock a user account\n" "\n" " An account may become locked if the password is entered incorrectly too\n" " many times within a specific time period as controlled by password\n" " policy. A locked account is a temporary condition and may be unlocked " "by\n" " an administrator.\n" " " msgstr "" msgid "" "\n" "Auto Membership Rule.\n" "\n" "Bring clarity to the membership of hosts and users by configuring inclusive\n" "or exclusive regex patterns, you can automatically assign a new entries " "into\n" "a group or hostgroup based upon attribute information.\n" "\n" "A rule is directly associated with a group by name, so you cannot create\n" "a rule without an accompanying group or hostgroup.\n" "\n" "A condition is a regular expression used by 389-ds to match a new incoming\n" "entry with an automember rule. If it matches an inclusive rule then the\n" "entry is added to the appropriate group or hostgroup.\n" "\n" "A default group or hostgroup could be specified for entries that do not\n" "match any rule. In case of user entries this group will be a fallback group\n" "because all users are by default members of group specified in IPA config.\n" "\n" "The automember-rebuild command can be used to retroactively run automember " "rules\n" "against existing entries, thus rebuilding their membership.\n" "\n" "EXAMPLES:\n" "\n" " Add the initial group or hostgroup:\n" " ipa hostgroup-add --desc=\"Web Servers\" webservers\n" " ipa group-add --desc=\"Developers\" devel\n" "\n" " Add the initial rule:\n" " ipa automember-add --type=hostgroup webservers\n" " ipa automember-add --type=group devel\n" "\n" " Add a condition to the rule:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" " ipa automember-add-condition --key=manager --type=group --inclusive-" "regex=^uid=mscott devel\n" "\n" " Add an exclusive condition to the rule to prevent auto assignment:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" "regex=^web5\\.example\\.com webservers\n" "\n" " Add a host:\n" " ipa host-add web1.example.com\n" "\n" " Add a user:\n" " ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" "\n" " Verify automembership:\n" " ipa hostgroup-show webservers\n" " Host-group: webservers\n" " Description: Web Servers\n" " Member hosts: web1.example.com\n" "\n" " ipa group-show devel\n" " Group name: devel\n" " Description: Developers\n" " GID: 1004200000\n" " Member users: tuser\n" "\n" " Remove a condition from the rule:\n" " ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" "\n" " Modify the automember rule:\n" " ipa automember-mod\n" "\n" " Set the default (fallback) target group:\n" " ipa automember-default-group-set --default-group=webservers --" "type=hostgroup\n" " ipa automember-default-group-set --default-group=ipausers --type=group\n" "\n" " Remove the default (fallback) target group:\n" " ipa automember-default-group-remove --type=hostgroup\n" " ipa automember-default-group-remove --type=group\n" "\n" " Show the default (fallback) target group:\n" " ipa automember-default-group-show --type=hostgroup\n" " ipa automember-default-group-show --type=group\n" "\n" " Find all of the automember rules:\n" " ipa automember-find\n" "\n" " Display a automember rule:\n" " ipa automember-show --type=hostgroup webservers\n" " ipa automember-show --type=group devel\n" "\n" " Delete an automember rule:\n" " ipa automember-del --type=hostgroup webservers\n" " ipa automember-del --type=group devel\n" "\n" " Rebuild membership for all users:\n" " ipa automember-rebuild --type=group\n" "\n" " Rebuild membership for all hosts:\n" " ipa automember-rebuild --type=hostgroup\n" "\n" " Rebuild membership for specified users:\n" " ipa automember-rebuild --users=tuser1 --users=tuser2\n" "\n" " Rebuild membership for specified hosts:\n" " ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example." "com\n" msgstr "" msgid "A description of this auto member rule" msgstr "一个自动成员规则的描述" msgid "Default (fallback) Group" msgstr "默认(回退)组" #, fuzzy #| msgid "Default group for new users not found" msgid "Default group for entries to land" msgstr "新用户的默认组没有找到" msgid "Add an automember rule." msgstr "添加一个自动成员规则。" msgid "Automember Rule" msgstr "自动成员规则" msgid "Grouping Type" msgstr "组类型" msgid "Grouping to which the rule applies" msgstr "组应用于哪种规则" msgid "Add conditions to an automember rule." msgstr "添加条件到一个自动成员规则。" msgid "Inclusive Regex" msgstr "兼容的正则表达式" msgid "Exclusive Regex" msgstr "独占的正则表达式" msgid "Attribute Key" msgstr "性键值" msgid "" "Attribute to filter via regex. For example fqdn for a host, or manager for a " "user" msgstr "" "通过正则表达式来过滤属性。例如:一个主机的fqdn属性,或者一个用户的manager属性" msgid "Conditions that could not be added" msgstr "不能被添加的条件" msgid "Number of conditions added" msgstr "已添加的条件数" msgid "Remove default (fallback) group for all unmatched entries." msgstr "对所有不匹配的条目移除默认(回退)组。" msgid "Set default (fallback) group for all unmatched entries." msgstr "对所有不匹配的条目设置默认(回退)组。" #, fuzzy #| msgid "Set default (fallback) group for all unmatched entries." msgid "Default (fallback) group for entries to land" msgstr "对所有不匹配的条目设置默认(回退)组。" msgid "Display information about the default (fallback) automember groups." msgstr "显示默认(回退)自动成员组的信息。" msgid "Delete an automember rule." msgstr "删除一个自动成员规则。" msgid "Search for automember rules." msgstr "查找自动成员规则。" msgid "Modify an automember rule." msgstr "修改一个自动成员规则。" #, fuzzy #| msgid "Rebuild auto membership" msgid "Rebuild auto membership." msgstr "重建自动成员" msgid "Rebuild membership for all members of a grouping" msgstr "" msgid "Rebuild membership for specified users" msgstr "" msgid "Rebuild membership for specified hosts" msgstr "" msgid "No wait" msgstr "无需等待" #, fuzzy #| msgid "Are you sure you want to rebuild auto membership?" msgid "Don't wait for rebuilding membership" msgstr "你确定要重建自动成员吗?" msgid "Remove conditions from an automember rule." msgstr "从一个自动成员规则中移除条件。" msgid "Conditions that could not be removed" msgstr "不能被移除的条件" msgid "Number of conditions removed" msgstr "已移除的条件数" msgid "Display information about an automember rule." msgstr "显示一个自动成员规则信息。" msgid "" "\n" "IPA certificate operations\n" "\n" "Implements a set of commands for managing server SSL certificates.\n" "\n" "Certificate requests exist in the form of a Certificate Signing Request " "(CSR)\n" "in PEM format.\n" "\n" "The dogtag CA uses just the CN value of the CSR and forces the rest of the\n" "subject to values configured in the server.\n" "\n" "A certificate is stored with a service principal and a service principal\n" "needs a host.\n" "\n" "In order to request a certificate:\n" "\n" "* The host must exist\n" "* The service must exist (or you use the --add option to automatically add " "it)\n" "\n" "SEARCHING:\n" "\n" "Certificates may be searched on by certificate subject, serial number,\n" "revocation reason, validity dates and the issued date.\n" "\n" "When searching on dates the _from date does a >= search and the _to date\n" "does a <= search. When combined these are done as an AND.\n" "\n" "Dates are treated as GMT to match the dates in the certificates.\n" "\n" "The date format is YYYY-mm-dd.\n" "\n" "EXAMPLES:\n" "\n" " Request a new certificate and add the principal:\n" " ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" "\n" " Retrieve an existing certificate:\n" " ipa cert-show 1032\n" "\n" " Revoke a certificate (see RFC 5280 for reason details):\n" " ipa cert-revoke --revocation-reason=6 1032\n" "\n" " Remove a certificate from revocation hold status:\n" " ipa cert-remove-hold 1032\n" "\n" " Check the status of a signing request:\n" " ipa cert-status 10\n" "\n" " Search for certificates by hostname:\n" " ipa cert-find --subject=ipaserver.example.com\n" "\n" " Search for revoked certificates by reason:\n" " ipa cert-find --revocation-reason=5\n" "\n" " Search for certificates based on issuance date\n" " ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n" "\n" "IPA currently immediately issues (or declines) all certificate requests so\n" "the status of a request is not normally useful. This is for future use\n" "or the case where a CA does not immediately issue a certificate.\n" "\n" "The following revocation reasons are supported:\n" "\n" " * 0 - unspecified\n" " * 1 - keyCompromise\n" " * 2 - cACompromise\n" " * 3 - affiliationChanged\n" " * 4 - superseded\n" " * 5 - cessationOfOperation\n" " * 6 - certificateHold\n" " * 8 - removeFromCRL\n" " * 9 - privilegeWithdrawn\n" " * 10 - aACompromise\n" "\n" "Note that reason code 7 is not used. See RFC 5280 for more details:\n" "\n" "http://www.ietf.org/rfc/rfc5280.txt\n" msgstr "" msgid "Checks if any of the servers has the CA service enabled." msgstr "检查是否有任何服务器启用了CA服务。" msgid "Search for existing certificates." msgstr "查找已存在的证书。" #, fuzzy #| msgid "The username attribute on the user object" msgid "Match cn attribute in subject" msgstr "用户对象的用户名属性" msgid "Reason" msgstr "原因" msgid "Reason for revoking the certificate (0-10)" msgstr "撤消证书的原因(0-10)" msgid "minimum serial number" msgstr "最小序列号" msgid "maximum serial number" msgstr "最大序列号" msgid "match the common name exactly" msgstr "完全匹配常用名" msgid "Valid not after from this date (YYYY-mm-dd)" msgstr "" msgid "Valid not after to this date (YYYY-mm-dd)" msgstr "" msgid "Valid not before from this date (YYYY-mm-dd)" msgstr "" msgid "Valid not before to this date (YYYY-mm-dd)" msgstr "" msgid "Issued on from this date (YYYY-mm-dd)" msgstr "" msgid "Issued on to this date (YYYY-mm-dd)" msgstr "" msgid "Revoked on from this date (YYYY-mm-dd)" msgstr "" msgid "Revoked on to this date (YYYY-mm-dd)" msgstr "" msgid "Maximum number of certs returned" msgstr "返回的最大证书数" #, fuzzy #| msgid "Revoke a certificate." msgid "Take a revoked certificate off hold." msgstr "撤销证书。" msgid "Serial number" msgstr "序列号" msgid "Serial number in decimal or if prefixed with 0x in hexadecimal" msgstr "十进制序列号或者以0x为前缀的十六进制序列号" msgid "Submit a certificate signing request." msgstr "提交一个证书签名请求。" msgid "CSR" msgstr "" msgid "Service principal for this certificate (e.g. HTTP/test.example.com)" msgstr "该证书服务主体(例如:HTTP/test.example.com)" msgid "automatically add the principal if it doesn't exist" msgstr "若主体不存在,则自动添加" msgid "Revoke a certificate." msgstr "撤销证书。" msgid "Retrieve an existing certificate." msgstr "检索一个已存在的证书。" msgid "Output filename" msgstr "输出文件名" msgid "File to store the certificate in." msgstr "存储证书文件。" msgid "Check the status of a certificate signing request." msgstr "检查证书签名请求的状态。" msgid "Request id" msgstr "请求号" msgid "" "\n" "Groups of users\n" "\n" "Manage groups of users. By default, new groups are POSIX groups. You\n" "can add the --nonposix option to the group-add command to mark a new group\n" "as non-POSIX. You can use the --posix argument with the group-mod command\n" "to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" "converted to non-POSIX groups.\n" "\n" "Every group must have a description.\n" "\n" "POSIX groups must have a Group ID (GID) number. Changing a GID is\n" "supported but can have an impact on your file permissions. It is not " "necessary\n" "to supply a GID when creating a group. IPA will generate one automatically\n" "if it is not provided.\n" "\n" "EXAMPLES:\n" "\n" " Add a new group:\n" " ipa group-add --desc='local administrators' localadmins\n" "\n" " Add a new non-POSIX group:\n" " ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" "\n" " Convert a non-POSIX group to posix:\n" " ipa group-mod --posix remoteadmins\n" "\n" " Add a new POSIX group with a specific Group ID number:\n" " ipa group-add --gid=500 --desc='unix admins' unixadmins\n" "\n" " Add a new POSIX group and let IPA assign a Group ID number:\n" " ipa group-add --desc='printer admins' printeradmins\n" "\n" " Remove a group:\n" " ipa group-del unixadmins\n" "\n" " To add the \"remoteadmins\" group to the \"localadmins\" group:\n" " ipa group-add-member --groups=remoteadmins localadmins\n" "\n" " Add multiple users to the \"localadmins\" group:\n" " ipa group-add-member --users=test1 --users=test2 localadmins\n" "\n" " Remove a user from the \"localadmins\" group:\n" " ipa group-remove-member --users=test2 localadmins\n" "\n" " Display information about a named group.\n" " ipa group-show localadmins\n" "\n" "External group membership is designed to allow users from trusted domains\n" "to be mapped to local POSIX groups in order to actually use IPA resources.\n" "External members should be added to groups that specifically created as\n" "external and non-POSIX. Such group later should be included into one of " "POSIX\n" "groups.\n" "\n" "An external group member is currently a Security Identifier (SID) as defined " "by\n" "the trusted domain. When adding external group members, it is possible to\n" "specify them in either SID, or DOM\\name, or name@domain format. IPA will " "attempt\n" "to resolve passed name to SID with the use of Global Catalog of the trusted " "domain.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local POSIX " "group:\n" "\n" " ipa group-add --desc=' admins external map' ad_admins_external " "--external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the " "ad_admins_external\n" " group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with ad_admins " "POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see their " "SIDs:\n" "\n" " ipa group-show ad_admins_external\n" msgstr "" msgid "GID (use this option to set it manually)" msgstr "GID(使用该选项来手动设置它)" msgid "Indirect Member users" msgstr "间接成员用户" msgid "Indirect Member groups" msgstr "间接成员组" msgid "Create a new group." msgstr "创建一个新组。" msgid "Create as a non-POSIX group" msgstr "创建一个非POSIX组" msgid "Allow adding external non-IPA members from trusted domains" msgstr "允许从信任域中添加额外的非IPA成员" msgid "Add members to a group." msgstr "向一个组中添加成员。" msgid "External member" msgstr "额外的成员" msgid "Members of a trusted domain in DOM\\name or name@domain form" msgstr "信任域的成员是“DOM\\名称”或“名称@域名”格式" msgid "Delete group." msgstr "删除组。" #, fuzzy #| msgid "search for managed groups" msgid "Detach a managed group from a user." msgstr "查找管理组" msgid "Search for groups." msgstr "查找组。" msgid "search for private groups" msgstr "查找私有组" msgid "search for POSIX groups" msgstr "查找POSIX组" msgid "" "search for groups with support of external non-IPA members from trusted " "domains" msgstr "查找组,该组在信任域中支持额外的非IPA成员" msgid "search for non-POSIX groups" msgstr "查找非POSIX组" msgid "Results should contain primary key attribute only (\"group-name\")" msgstr "结果应该只包括主键属性(\"group-name\")" msgid "Search for groups with these member users." msgstr "查找包含这些成员用户的组。" msgid "Search for groups without these member users." msgstr "查找不包含这些成员用户的组。" msgid "Search for groups with these member groups." msgstr "查找包含这些成员用户组的组。" msgid "Search for groups without these member groups." msgstr "查找不包含这些成员用户组的组。" msgid "Search for groups with these member of groups." msgstr "查找包含这些组成员的组。" msgid "Search for groups without these member of groups." msgstr "查找不包含这些组成员的组。" msgid "Search for groups with these member of netgroups." msgstr "查找包含这些网络组成员的组。" msgid "Search for groups without these member of netgroups." msgstr "查找不包含这些网络组成员的组。" msgid "Search for groups with these member of roles." msgstr "查找包含这些角色成员的组。" msgid "Search for groups without these member of roles." msgstr "查找不包含这些角色成员的组。" msgid "Search for groups with these member of HBAC rules." msgstr "查找包含这些HBAC规则成员的组。" msgid "Search for groups without these member of HBAC rules." msgstr "查找不包含这些HBAC规则成员的组。" msgid "Search for groups with these member of sudo rules." msgstr "查找包含这些sudo规则成员的组。" msgid "Search for groups without these member of sudo rules." msgstr "查找不包含这些sudo规则成员的组。" msgid "Modify a group." msgstr "修改一个组。" msgid "change to a POSIX group" msgstr "改变一个POSIX组" msgid "change to support external non-IPA members from trusted domains" msgstr "改变以便从信任域中支持额外的非IPA成员" msgid "Rename the group object" msgstr "重命名组对象" msgid "Remove members from a group." msgstr "从一个组中移除成员。" msgid "Display information about a named group." msgstr "显示指定组信息。" msgid "" "\n" "Simulate use of Host-based access controls\n" "\n" "HBAC rules control who can access what services on what hosts.\n" "You can use HBAC to control which users or groups can access a service,\n" "or group of services, on a target host.\n" "\n" "Since applying HBAC rules implies use of a production environment,\n" "this plugin aims to provide simulation of HBAC rules evaluation without\n" "having access to the production environment.\n" "\n" " Test user coming to a service on a named host against\n" " existing enabled rules.\n" "\n" " ipa hbactest --user= --host= --service=\n" " [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" " [--sizelimit= ]\n" "\n" " --user, --host, and --service are mandatory, others are optional.\n" "\n" " If --rules is specified simulate enabling of the specified rules and test\n" " the login of the user using only these rules.\n" "\n" " If --enabled is specified, all enabled HBAC rules will be added to " "simulation\n" "\n" " If --disabled is specified, all disabled HBAC rules will be added to " "simulation\n" "\n" " If --nodetail is specified, do not return information about rules matched/" "not matched.\n" "\n" " If both --rules and --enabled are specified, apply simulation to --rules " "_and_\n" " all IPA enabled rules.\n" "\n" " If no --rules specified, simulation is run against all IPA enabled rules.\n" " By default there is a IPA-wide limit to number of entries fetched, you can " "change it\n" " with --sizelimit option.\n" "\n" "EXAMPLES:\n" "\n" " 1. Use all enabled HBAC rules in IPA database to simulate:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 2. Disable detailed summary of how rules were applied:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" " --------------------\n" " Access granted: True\n" " --------------------\n" "\n" " 3. Test explicitly specified HBAC rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" " --rules=myrule --rules=my-second-rule\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: myrule\n" "\n" " 4. Use all enabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" " --rules=myrule --rules=my-second-rule --enabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 5. Test all disabled HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: new-rule\n" "\n" " 6. Test all disabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" " --rules=myrule --rules=my-second-rule --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" "\n" " 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n" " --enabled --disabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Not matched rules: new-rule\n" " Matched rules: allow_all\n" "\n" "\n" "HBACTEST AND TRUSTED DOMAINS\n" "\n" "When an external trusted domain is configured in IPA, HBAC rules are also " "applied\n" "on users accessing IPA resources from the trusted domain. Trusted domain " "users and\n" "groups (and their SIDs) can be then assigned to external groups which can " "be\n" "members of POSIX groups in IPA which can be used in HBAC rules and thus " "allowing\n" "access to resources protected by the HBAC system.\n" "\n" "hbactest plugin is capable of testing access for both local IPA users and " "users\n" "from the trusted domains, either by a fully qualified user name or by user " "SID.\n" "Such user names need to have a trusted domain specified as a short name\n" "(DOMAIN\\Administrator) or with a user principal name (UPN), " "Administrator@ad.test.\n" "\n" "Please note that hbactest executed with a trusted domain user as --user " "parameter\n" "can be only run by members of \"trust admins\" group.\n" "\n" "EXAMPLES:\n" "\n" " 1. Test if a user from a trusted domain specified by its shortname " "matches any\n" " rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 2. Test if a user from a trusted domain specified by its domain name " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 3. Test if a user from a trusted domain specified by its SID matches any " "rule:\n" "\n" " $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\n" " --host `hostname` --service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 4. Test if other user from a trusted domain specified by its SID matches " "any rule:\n" "\n" " $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\\n" " --host `hostname` --service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" "\n" " 5. Test if other user from a trusted domain specified by its shortname " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " "sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" msgstr "" msgid "Simulate use of Host-based access controls" msgstr "模拟使用基于主机访问控制" msgid "Target host" msgstr "目标主机" msgid "Rules to test. If not specified, --enabled is assumed" msgstr "带测试规则。如果没有指定,--enable是假定的" msgid "Hide details which rules are matched, not matched, or invalid" msgstr "隐藏规则匹配,不匹配或无效的细节" msgid "Include all enabled IPA rules into test [default]" msgstr "在测试中包含所有启用的IPA规则【默认】" msgid "Include all disabled IPA rules into test" msgstr "在测试中包含所有禁用的IPA规则" msgid "Maximum number of rules to process when no --rules is specified" msgstr "当没有使用--rules来指定规则时,能处理的最大规则数" msgid "Warning" msgstr "警告" msgid "Matched rules" msgstr "已匹配规则" msgid "Not matched rules" msgstr "不匹配规则" msgid "Non-existent or invalid rules" msgstr "不存在或无效的规则" msgid "Result of simulation" msgstr "模拟结果" msgid "" "\n" "Cross-realm trusts\n" "\n" "Manage trust relationship between IPA and Active Directory domains.\n" "\n" "In order to allow users from a remote domain to access resources in IPA\n" "domain, trust relationship needs to be established. Currently IPA supports\n" "only trusts between IPA and Active Directory domains under control of " "Windows\n" "Server 2008 or later, with functional level 2008 or later.\n" "\n" "Please note that DNS on both IPA and Active Directory domain sides should " "be\n" "configured properly to discover each other. Trust relationship relies on\n" "ability to discover special resources in the other domain via DNS records.\n" "\n" "Examples:\n" "\n" "1. Establish cross-realm trust with Active Directory using AD administrator\n" " credentials:\n" "\n" " ipa trust-add --type=ad --admin --" "password\n" "\n" "2. List all existing trust relationships:\n" "\n" " ipa trust-find\n" "\n" "3. Show details of the specific trust relationship:\n" "\n" " ipa trust-show \n" "\n" "4. Delete existing trust relationship:\n" "\n" " ipa trust-del \n" "\n" "Once trust relationship is established, remote users will need to be mapped\n" "to local POSIX groups in order to actually use IPA resources. The mapping " "should\n" "be done via use of external membership of non-POSIX group and then this " "group\n" "should be included into one of local POSIX groups.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local POSIX " "group:\n" "\n" " ipa group-add --desc=' admins external map' ad_admins_external " "--external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the " "ad_admins_external\n" " group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with ad_admins " "POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see their " "SIDs:\n" "\n" " ipa group-show ad_admins_external\n" "\n" "\n" "GLOBAL TRUST CONFIGURATION\n" "\n" "When IPA AD trust subpackage is installed and ipa-adtrust-install is run,\n" "a local domain configuration (SID, GUID, NetBIOS name) is generated. These\n" "identifiers are then used when communicating with a trusted domain of the\n" "particular type.\n" "\n" "1. Show global trust configuration for Active Directory type of trusts:\n" "\n" " ipa trustconfig-show --type ad\n" "\n" "2. Modify global configuration for all trusts of Active Directory type and " "set\n" " a different fallback primary group (fallback primary group GID is used " "as\n" " a primary user GID if user authenticating to IPA domain does not have any " "other\n" " primary GID already set):\n" "\n" " ipa trustconfig-mod --type ad --fallback-primary-group \"alternative AD " "group\"\n" "\n" "3. Change primary fallback group back to default hidden group (any group " "with\n" " posixGroup object class is allowed):\n" "\n" " ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB Group" "\"\n" msgstr "" msgid "Domain NetBIOS name" msgstr "域NetBIOS名" msgid "Domain Security Identifier" msgstr "域安全标识符" msgid "SID blacklist incoming" msgstr "进来的SID黑名单" msgid "SID blacklist outgoing" msgstr "出去的SID黑名单" msgid "Security Identifier" msgstr "安全标识符" msgid "NetBIOS name" msgstr "NetBIOS名称" msgid "Domain GUID" msgstr "域GUID" msgid "Fallback primary group" msgstr "回退主要的组" msgid "Domain name" msgstr "域名" msgid "Trusted domain partner" msgstr "信任域合作伙伴" msgid "Determine whether ipa-adtrust-install has been run on this system" msgstr "确定是否在该系统上运行ipa-adtrust-install" msgid "" "Determine whether Schema Compatibility plugin is configured to serve trusted " "domain users and groups" msgstr "确定是否将模式兼容插件配置成服务器信任域用户和用户组" #, fuzzy #| msgid "Determine whether ipa-adtrust-install has been run on this system" msgid "Determine whether ipa-adtrust-install has been run with sidgen task" msgstr "确定是否在该系统上运行ipa-adtrust-install" msgid "" "\n" "Add new trust to use.\n" "\n" "This command establishes trust relationship to another domain\n" "which becomes 'trusted'. As result, users of the trusted domain\n" "may access resources of this domain.\n" "\n" "Only trusts to Active Directory domains are supported right now.\n" "\n" "The command can be safely run multiple times against the same domain,\n" "this will cause change to trust relationship credentials on both\n" "sides.\n" " " msgstr "" msgid "Trust type (ad for Active Directory, default)" msgstr "信任类型(活动目录,默认)" msgid "Active Directory domain administrator" msgstr "活动目录域管理员" msgid "Active Directory domain administrator's password" msgstr "活动目录域管理员密码" msgid "Domain controller for the Active Directory domain (optional)" msgstr "活动目录域的域控制器(可选的)" #, fuzzy #| msgid "Search domains of the trust" msgid "Shared secret for the trust" msgstr "查找信任域" msgid "First Posix ID of the range reserved for the trusted domain" msgstr "信任域范围的第一个Posix ID" msgid "Size of the ID range reserved for the trusted domain" msgstr "信任域ID范围的大小" msgid "Range type" msgstr "范围类型" msgid "" "Type of trusted domain ID range, one of ipa-ad-trust-posix, ipa-ad-trust" msgstr "信任域ID范围的类型,是ipa-ad-trust-posix和ipa-ad-trust中的一个" msgid "Delete a trust." msgstr "删除一个信任。" msgid "Refresh list of the domains associated with the trust" msgstr "刷新与信任相关的域列表" msgid "Search for trusts." msgstr "查找信任。" msgid "Results should contain primary key attribute only (\"realm\")" msgstr "结果应该只包括主键属性(\"realm\")" msgid "" "\n" "Modify a trust (for future use).\n" "\n" " Currently only the default option to modify the LDAP attributes is\n" " available. More specific options will be added in coming releases.\n" " " msgstr "" msgid "Resolve security identifiers of users and groups in trusted domains" msgstr "在信任域中重新解析用户和用户组的安全标识符" msgid "Security Identifiers (SIDs)" msgstr "安全标识符(SIDs)" msgid "Display information about a trust." msgstr "显示信任信息。" msgid "Modify global trust configuration." msgstr "修改全局信任配置。" msgid "Show global trust configuration." msgstr "显示全局信任配置。" msgid "Allow access from the trusted domain" msgstr "允许访问信任域" msgid "Remove information about the domain associated with the trust." msgstr "移除与信任相关的域信息。" msgid "Disable use of IPA resources by the domain of the trust" msgstr "禁止使用信任域中的IPA资源" msgid "Allow use of IPA resources by the domain of the trust" msgstr "允许使用信任域中的IPA资源" msgid "Search domains of the trust" msgstr "查找信任域" msgid "Results should contain primary key attribute only (\"domain\")" msgstr "结果应该只包括主键属性(\"domain\")" msgid "Modify trustdomain of the trust" msgstr "修改信任的信任域" msgid "" "\n" "ID ranges\n" "\n" "Manage ID ranges used to map Posix IDs to SIDs and back.\n" "\n" "There are two type of ID ranges which are both handled by this utility:\n" "\n" " - the ID ranges of the local domain\n" " - the ID ranges of trusted remote domains\n" "\n" "Both types have the following attributes in common:\n" "\n" " - base-id: the first ID of the Posix ID range\n" " - range-size: the size of the range\n" "\n" "With those two attributes a range object can reserve the Posix IDs starting\n" "with base-id up to but not including base-id+range-size exclusively.\n" "\n" "Additionally an ID range of the local domain may set\n" " - rid-base: the first RID(*) of the corresponding RID range\n" " - secondary-rid-base: first RID of the secondary RID range\n" "\n" "and an ID range of a trusted domain must set\n" " - rid-base: the first RID of the corresponding RID range\n" " - sid: domain SID of the trusted domain\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for a trusted domain\n" "\n" "Since there might be more than one trusted domain the domain SID must be " "given\n" "while creating the ID range.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" "\n" "This ID range is then used by the IPA server and the SSSD IPA provider to\n" "assign Posix UIDs to users from the trusted domain.\n" "\n" "If e.g. a range for a trusted domain is configured with the following " "values:\n" " base-id = 1200000\n" " range-size = 200000\n" " rid-base = 0\n" "the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " "So\n" "RID 1000 <-> Posix ID 1201000\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for the local domain\n" "\n" "To create an ID range for the local domain it is not necessary to specify a\n" "domain SID. But since it is possible that a user and a group can have the " "same\n" "value as Posix ID a second RID interval is needed to handle conflicts.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=1000 --secondary-rid-base=1000000 local_range\n" "\n" "The data from the ID ranges of the local domain are used by the IPA server\n" "internally to assign SIDs to IPA users and groups. The SID will then be " "stored\n" "in the user or group objects.\n" "\n" "If e.g. the ID range for the local domain is configured with the values " "from\n" "the example above then a new user with the UID 1200007 will get the RID " "1007.\n" "If this RID is already used by a group the RID will be 1000007. This can " "only\n" "happen if a user or a group object was created with a fixed ID because the\n" "automatic assignment will not assign the same ID twice. Since there are " "only\n" "users and groups sharing the same ID namespace it is sufficient to have " "only\n" "one fallback range to handle conflicts.\n" "\n" "To find the Posix ID for a given RID from the local domain it has to be\n" "checked first if the RID falls in the primary or secondary RID range and\n" "the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" "and the base-id has to be added to get the Posix ID.\n" "\n" "Typically the creation of ID ranges happens behind the scenes and this CLI\n" "must not be used at all. The ID range for the local domain will be created\n" "during installation or upgrade from an older version. The ID range for a\n" "trusted domain will be created together with the trust by 'ipa trust-" "add ...'.\n" "\n" "USE CASES:\n" "\n" " Add an ID range from a transitively trusted domain\n" "\n" " If the trusted domain (A) trusts another domain (B) as well and this " "trust\n" " is transitive 'ipa trust-add domain-A' will only create a range for\n" " domain A. The ID range for domain B must be added manually.\n" "\n" " Add an additional ID range for the local domain\n" "\n" " If the ID range of the local domain is exhausted, i.e. no new IDs can " "be\n" " assigned to Posix users or groups by the DNA plugin, a new range has to " "be\n" " created to allow new users and groups to be added. (Currently there is " "no\n" " connection between this range CLI and the DNA plugin, but a future " "version\n" " might be able to modify the configuration of the DNS plugin as well)\n" "\n" "In general it is not necessary to modify or delete ID ranges. If there is " "no\n" "other way to achieve a certain configuration than to modify or delete an ID\n" "range it should be done with great care. Because UIDs are stored in the " "file\n" "system and are used for access control it might be possible that users are\n" "allowed to access files of other users if an ID range got deleted and " "reused\n" "for a different domain.\n" "\n" "(*) The RID is typically the last integer of a user or group SID which " "follows\n" "the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " "from\n" "this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " "the\n" "user. RIDs are unique in a domain, 32bit values and are used for users and\n" "groups.\n" "\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" msgstr "" msgid "Range name" msgstr "范围名称" msgid "First Posix ID of the range" msgstr "该范围的第一个Posix ID" msgid "Number of IDs in the range" msgstr "该范围的ID数" msgid "First RID of the corresponding RID range" msgstr "匹配RID范围的第一个RID" msgid "First RID of the secondary RID range" msgstr "次要RID范围的第一个RID" msgid "Domain SID of the trusted domain" msgstr "信任域的域SID" msgid "Name of the trusted domain" msgstr "信任域的名称" msgid "ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local" msgstr "ID范围类型,是ipa-ad-trust-posix,ipa-ad-trust,ipa-local中的一个" msgid "" "\n" "Add new ID range.\n" "\n" " To add a new ID range you always have to specify\n" "\n" " --base-id\n" " --range-size\n" "\n" " Additionally\n" "\n" " --rid-base\n" " --secondary-rid-base\n" "\n" " may be given for a new ID range for the local domain while\n" "\n" " --rid-base\n" " --dom-sid\n" "\n" " must be given to add a new range for a trusted AD domain.\n" "\n" " WARNING:\n" "\n" " DNA plugin in 389-ds will allocate IDs based on the ranges configured " "for the\n" " local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" " on the local ranges set via this family of commands.\n" "\n" " Manual configuration change has to be done in the DNA plugin " "configuration for\n" " the new local range. Specifically, The dnaNextRange attribute of " "'cn=Posix\n" " IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has " "to be\n" " modified to match the new range.\n" " " msgstr "" msgid "Delete an ID range." msgstr "删除一个ID范围。" msgid "Search for ranges." msgstr "查找范围。" msgid "Modify ID range." msgstr "修改ID范围。" msgid "Display information about a range." msgstr "显示范围信息。" msgid "Time limit of search in seconds (0 is unlimited)" msgstr "时间限制在几秒钟内的搜索(0代表无限制)" msgid "Maximum number of entries returned (0 is unlimited)" msgstr "返回的最大条目数(0代表无限制)" msgid "" "\n" "Manage CA ACL rules.\n" "\n" "This plugin is used to define rules governing which principals are\n" "permitted to have certificates issued using a given certificate\n" "profile.\n" "\n" "PROFILE ID SYNTAX:\n" "\n" "A Profile ID is a string without spaces or punctuation starting with a " "letter\n" "and followed by a sequence of letters, digits or underscore (\"_\").\n" "\n" "EXAMPLES:\n" "\n" " Create a CA ACL \"test\" that grants all users access to the\n" " \"UserCert\" profile:\n" " ipa caacl-add test --usercat=all\n" " ipa caacl-add-profile test --certprofiles UserCert\n" "\n" " Display the properties of a named CA ACL:\n" " ipa caacl-show test\n" "\n" " Create a CA ACL to let user \"alice\" use the \"DNP3\" profile:\n" " ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n" " ipa caacl-add-user alice_dnp3 --user=alice\n" "\n" " Disable a CA ACL:\n" " ipa caacl-disable test\n" "\n" " Remove a CA ACL:\n" " ipa caacl-del test\n" msgstr "" msgid "ACL name" msgstr "ACL名称" msgid "Profile category" msgstr "配置文件类别" msgid "Profile category the ACL applies to" msgstr "ACL适用于配置文件类别" msgid "User category the ACL applies to" msgstr "ACL适用于用户类别" msgid "Host category the ACL applies to" msgstr "ACL适用于主机类别" msgid "Service category the ACL applies to" msgstr "ACL适用于服务类别" msgid "Profiles" msgstr "配置文件" msgid "Create a new CA ACL." msgstr "创建一个新的CA ACL。" msgid "Add target hosts and hostgroups to a CA ACL." msgstr "向一个CA ACL中添加目标主机和主机组。" msgid "Add profiles to a CA ACL." msgstr "向一个CA ACL中添加配置文件。" msgid "member Certificate Profile" msgstr "成员证书配置文件" msgid "Certificate Profiles to add" msgstr "待添加的证书配置文件" msgid "Add services to a CA ACL." msgstr "向一个CA ACL中添加服务。" msgid "Add users and groups to a CA ACL." msgstr "向一个CA ACL中添加用户和用户组。" msgid "Delete a CA ACL." msgstr "删除一个CA ACL。" msgid "Disable a CA ACL." msgstr "禁用一个CA ACL。" msgid "Enable a CA ACL." msgstr "启用一个CA ACL。" msgid "Search for CA ACLs." msgstr "查找CA ACLs。" msgid "Modify a CA ACL." msgstr "修改一个CA ACL。" msgid "Remove target hosts and hostgroups from a CA ACL." msgstr "从一个CA ACL中移除目标主机和主机组。" msgid "Remove profiles from a CA ACL." msgstr "从一个CA ACL中移除配置文件。" msgid "Certificate Profiles to remove" msgstr "待移除的证书配置文件" msgid "Remove services from a CA ACL." msgstr "从一个CA ACL中移除服务。" msgid "Remove users and groups from a CA ACL." msgstr "从一个CA ACL中移除用户和用户组。" msgid "Display the properties of a CA ACL." msgstr "显示一个CA ACL的属性。" msgid "" "\n" "Manage Certificate Profiles\n" "\n" "Certificate Profiles are used by Certificate Authority (CA) in the signing " "of\n" "certificates to determine if a Certificate Signing Request (CSR) is " "acceptable,\n" "and if so what features and extensions will be present on the certificate.\n" "\n" "The Certificate Profile format is the property-list format understood by " "the\n" "Dogtag or Red Hat Certificate System CA.\n" "\n" "PROFILE ID SYNTAX:\n" "\n" "A Profile ID is a string without spaces or punctuation starting with a " "letter\n" "and followed by a sequence of letters, digits or underscore (\"_\").\n" "\n" "EXAMPLES:\n" "\n" " Import a profile that will not store issued certificates:\n" " ipa certprofile-import ShortLivedUserCert --file UserCert.profile " "--desc \"User Certificates\" --store=false\n" "\n" " Delete a certificate profile:\n" " ipa certprofile-del ShortLivedUserCert\n" "\n" " Show information about a profile:\n" " ipa certprofile-show ShortLivedUserCert\n" "\n" " Save profile configuration to a file:\n" " ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n" "\n" " Search for profiles that do not store certificates:\n" " ipa certprofile-find --store=false\n" "\n" "PROFILE CONFIGURATION FORMAT:\n" "\n" "The profile configuration format is the raw property-list format\n" "used by Dogtag Certificate System. The XML format is not supported.\n" "\n" "The following restrictions apply to profiles managed by FreeIPA:\n" "\n" "- When importing a profile the \"profileId\" field, if present, must\n" " match the ID given on the command line.\n" "\n" "- The \"classId\" field must be set to \"caEnrollImpl\"\n" "\n" "- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n" "\n" "- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n" " class must be used.\n" msgstr "" msgid "Profile ID for referring to this profile" msgstr "指向该配置文件的配置文件ID" msgid "Profile description" msgstr "配置文件描述" msgid "Brief description of this profile" msgstr "该配置文件的简要描述" msgid "Store issued certificates" msgstr "存储已发布证书" msgid "Whether to store certs issued using this profile" msgstr "是否存储使用该配置文件的证书发布" msgid "Delete a Certificate Profile." msgstr "删除一个证书配置文件。" msgid "Search for Certificate Profiles." msgstr "查找证书配置文件。" msgid "Import a Certificate Profile." msgstr "导入一个证书配置文件。" msgid "Filename of a raw profile. The XML format is not supported." msgstr "原始配置文件的文件名。不支持XML格式。" msgid "Modify Certificate Profile configuration." msgstr "修改证书配置文件配置。" msgid "File containing profile configuration" msgstr "文件包含配置文件配置" msgid "Display the properties of a Certificate Profile." msgstr "显示一个证书配置文件的属性。" msgid "Write profile configuration to file" msgstr "将配置文件配置写进文件" msgid "Maximum amount of time (seconds) for a search (-1 or 0 is unlimited)" msgstr "最大的时间(秒)搜索(-1或0表示无限制)" msgid "Maximum number of records to search (-1 or 0 is unlimited)" msgstr "最大数量的搜索记录(-1或0表示无限制)" msgid "" "\n" "Raise the IPA Domain Level.\n" msgstr "" "\n" "提高IPA域级别。\n" msgid "Query current Domain Level." msgstr "查询当前域级别。" msgid "Current domain level:" msgstr "当前域级别:" msgid "Change current Domain Level." msgstr "改变当前域级别。" msgid "Domain Level" msgstr "域级别" msgid "Add certificates to host entry" msgstr "向主机条目中添加证书" msgid "Remove certificates from host entry" msgstr "从主机条目中移除证书" msgid "Fallback to AD DC LDAP" msgstr "回退到AD DC LDAP" msgid "" "Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-" "way trusts only." msgstr "当解析AD信任对象时允许回退到AD DC LDAP。仅供双向信任。" msgid "" "Applies ID View to specified hosts or current members of specified " "hostgroups. If any other ID View is applied to the host, it is overridden." msgstr "" "ID视图适用于指定的主机或指定主机组的当前成员。如果该主机已有其他ID视图,则覆" "盖它。" msgid "Add to default group" msgstr "添加到默认组" msgid "Add migrated users without a group to a default group (default: true)" msgstr "添加没有组的移植用户到一个默认组(默认:正确的)" msgid "Search scope" msgstr "范围查找" msgid "" "LDAP search scope for users and groups: base, onelevel, or subtree. Defaults " "to onelevel" msgstr "用户和用户组的LDAP范围查找:基,一级,或子树。默认是一级" msgid "Remove users that can manage this token." msgstr "移除可以管理该令牌的用户。" msgid "Target DN subtree" msgstr "目标DN子树" msgid "" "Optional DN subtree where an entry can be moved to (must be in the subtree, " "but may not yet exist)" msgstr "" msgid "Origin DN subtree" msgstr "原始DN子树" msgid "" "Optional DN subtree from where an entry can be moved (must be in the " "subtree, but may not yet exist)" msgstr "" msgid "" "\n" "IPA servers\n" "\n" "Get information about installed IPA servers.\n" "\n" "EXAMPLES:\n" "\n" " Find all servers:\n" " ipa server-find\n" "\n" " Show specific server:\n" " ipa server-show ipa.example.com\n" msgstr "" msgid "Server name" msgstr "服务名称" msgid "IPA server hostname" msgstr "IPA服务主机名" msgid "Managed suffix" msgstr "管理的后缀" msgid "Min domain level" msgstr "最低域级别" msgid "Minimum domain level" msgstr "最低域级别" msgid "Max domain level" msgstr "最高域级别" msgid "Maximum domain level" msgstr "最高域级别" msgid "Delete IPA server." msgstr "删除IPA服务器。" msgid "Search for IPA servers." msgstr "查找IPA服务器。" msgid "Show IPA server." msgstr "显示IPA服务器。" msgid "Add new certificates to a service" msgstr "向一个服务中添加新证书" msgid "Remove certificates from a service" msgstr "从一个服务中移除证书" msgid "" "\n" "Service Constrained Delegation\n" "\n" "Manage rules to allow constrained delegation of credentials so\n" "that a service can impersonate a user when communicating with another\n" "service without requiring the user to actually forward their TGT.\n" "This makes for a much better method of delegating credentials as it\n" "prevents exposure of the short term secret of the user.\n" "\n" "The naming convention is to append the word \"target\" or \"targets\" to\n" "a matching rule name. This is not mandatory but helps conceptually\n" "to associate rules and targets.\n" "\n" "A rule consists of two things:\n" " - A list of targets the rule applies to\n" " - A list of memberPrincipals that are allowed to delegate for\n" " those targets\n" "\n" "A target consists of a list of principals that can be delegated.\n" "\n" "In English, a rule says that this principal can delegate as this\n" "list of principals, as defined by these targets.\n" "\n" "EXAMPLES:\n" "\n" " Add a new constrained delegation rule:\n" " ipa servicedelegationrule-add ftp-delegation\n" "\n" " Add a new constrained delegation target:\n" " ipa servicedelegationtarget-add ftp-delegation-target\n" "\n" " Add a principal to the rule:\n" " ipa servicedelegationrule-add-member --principals=ftp/ipa.example." "com ftp-delegation\n" "\n" " Add our target to the rule:\n" " ipa servicedelegationrule-add-target --servicedelegationtargets=ftp-" "delegation-target ftp-delegation\n" "\n" " Add a principal to the target:\n" " ipa servicedelegationtarget-add-member --principals=ldap/ipa.example." "com ftp-delegation-target\n" "\n" " Display information about a named delegation rule and target:\n" " ipa servicedelegationrule_show ftp-delegation\n" " ipa servicedelegationtarget_show ftp-delegation-target\n" "\n" " Remove a constrained delegation:\n" " ipa servicedelegationrule-del ftp-delegation-target\n" " ipa servicedelegationtarget-del ftp-delegation\n" "\n" "In this example the ftp service can get a TGT for the ldap service on\n" "the bound user's behalf.\n" "\n" "It is strongly discouraged to modify the delegations that ship with\n" "IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n" "ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n" "to delegate, causing the framework to stop functioning.\n" msgstr "" msgid "Allowed Target" msgstr "允许的目标" msgid "Create a new service delegation rule." msgstr "创建一个新的服务授权规则。" msgid "Add member to a named service delegation rule." msgstr "向一个命名服务授权规则中添加成员。" msgid "member principal" msgstr "成员主体" msgid "principal to add" msgstr "待添加主体" msgid "Add target to a named service delegation rule." msgstr "向一个命名服务授权规则中添加目标。" msgid "member service delegation target" msgstr "成员服务授权目标" msgid "service delegation targets to add" msgstr "待添加的服务授权目标" msgid "Delete service delegation." msgstr "删除服务授权。" msgid "Search for service delegations rule." msgstr "查找服务授权规则。" msgid "Results should contain primary key attribute only (\"delegation-name\")" msgstr "结果应该只包括主键属性(\"delegation-name\")" msgid "Remove member from a named service delegation rule." msgstr "从一个命名服务授权规则中移除成员。" msgid "principal to remove" msgstr "待移除的主体" msgid "Remove target from a named service delegation rule." msgstr "从一个命名服务授权规则中移除目标。" msgid "service delegation targets to remove" msgstr "待移除的服务授权目标" msgid "Display information about a named service delegation rule." msgstr "显示一个命名服务授权规则信息。" msgid "Create a new service delegation target." msgstr "创建一个新的服务授权目标。" msgid "Add member to a named service delegation target." msgstr "向一个命名服务授权规则中添加成员。" msgid "Delete service delegation target." msgstr "删除服务授权目标。" msgid "Search for service delegation target." msgstr "查找服务授权目标。" msgid "Remove member from a named service delegation target." msgstr "从一个命名服务授权目标中移除成员。" msgid "Display information about a named service delegation target." msgstr "显示一个命名服务授权目标信息。" msgid "" "\n" "Stageusers\n" "\n" "Manage stage user entries.\n" "\n" "Stage user entries are directly under the container: \"cn=stage users,\n" "cn=accounts, cn=provisioning, SUFFIX\".\n" "User can not authenticate with those entries (even if the entries\n" "contain credentials) and are candidate to become Active entries.\n" "\n" "Active user entries are Posix users directly under the container: " "\"cn=accounts, SUFFIX\".\n" "User can authenticate with Active entries, at the condition they have\n" "credentials\n" "\n" "Delete user entries are Posix users directly under the container: " "\"cn=deleted users,\n" "cn=accounts, cn=provisioning, SUFFIX\".\n" "User can not authenticate with those entries (even if the entries contain " "credentials)\n" "\n" "The stage user container contains entries\n" " - created by 'stageuser-add' commands that are Posix users\n" " - created by external provisioning system\n" "\n" "A valid stage user entry MUST:\n" " - entry RDN is 'uid'\n" " - ipaUniqueID is 'autogenerate'\n" "\n" "IPA supports a wide range of username formats, but you need to be aware of " "any\n" "restrictions that may apply to your particular environment. For example,\n" "usernames that start with a digit or usernames that exceed a certain length\n" "may cause problems for some UNIX systems.\n" "Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add a new stageuser:\n" " ipa stageuser-add --first=Tim --last=User --password tuser1\n" "\n" " Add a stageuser from the Delete container\n" " ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" msgstr "" msgid "Activate a stage user." msgstr "激活一个计划用户。" #, fuzzy #| msgid "Add a new user." msgid "Add a new stage user." msgstr "添加一个新用户。" msgid "Create Stage user in from a delete user" msgstr "从一个删除用户中创建计划用户" msgid "Delete a stage user." msgstr "删除一个计划用户。" msgid "Search for stage users." msgstr "查找计划用户。" msgid "Search for stage users with these member of groups." msgstr "查找包含这些组成员的计划用户。" msgid "Search for stage users without these member of groups." msgstr "查找不包含这些组成员的计划用户。" msgid "Search for stage users with these member of netgroups." msgstr "查找包含这些网络组成员的计划用户。" msgid "Search for stage users without these member of netgroups." msgstr "查找不包含这些网络组成员的计划用户。" msgid "Search for stage users with these member of roles." msgstr "查找包含这些角色成员的计划用户。" msgid "Search for stage users without these member of roles." msgstr "查找不包含这些角色成员的计划用户。" msgid "Search for stage users with these member of HBAC rules." msgstr "查找包含这些HBAC规则成员的计划用户。" msgid "Search for stage users without these member of HBAC rules." msgstr "查找不包含这些HBAC规则成员的计划用户。" msgid "Search for stage users with these member of sudo rules." msgstr "查找包含这些sudo规则成员的计划用户。" msgid "Search for stage users without these member of sudo rules." msgstr "查找不包含这些sudo规则成员的计划用户。" msgid "Modify a stage user." msgstr "修改一个计划用户。" msgid "Rename the stage user object" msgstr "重命名计划用户对象" msgid "Display information about a stage user." msgstr "显示一个计划用户信息。" #, fuzzy #| msgid "" #| "\n" #| "Topology\n" #| "\n" #| "Management of a replication topology at domain level 1.\n" msgid "" "\n" "Topology\n" "\n" "Management of a replication topology.\n" "\n" "Requires minimum domain level 1.\n" msgstr "" "\n" "拓扑\n" "\n" "域级别为1的复制拓扑的管理。\n" msgid "Segment name" msgstr "段名称" msgid "Arbitrary string identifying the segment" msgstr "" msgid "Left node" msgstr "左节点" msgid "Left replication node - an IPA server" msgstr "左复制节点-IPA服务器" msgid "Right node" msgstr "右节点" msgid "Right replication node - an IPA server" msgstr "右复制节点-IPA服务器" msgid "Connectivity" msgstr "连接" msgid "Direction of replication between left and right replication node" msgstr "" #, fuzzy #| msgid "Attributes to replicate" msgid "Attributes to strip" msgstr "待复制属性" msgid "" "A space separated list of attributes which are removed from replication " "updates." msgstr "从复制更新中删除的以空格分隔的属性列表。" msgid "Attributes to replicate" msgstr "待复制属性" msgid "" "Attributes that are not replicated to a consumer server during a fractional " "update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof" msgstr "" msgid "Attributes for total update" msgstr "所有更新的属性" msgid "" "Attributes that are not replicated to a consumer server during a total " "update. E.g. (objectclass=*) $ EXCLUDE accountlockout" msgstr "" msgid "Session timeout" msgstr "会话超时" msgid "" "Number of seconds outbound LDAP operations waits for a response from the " "remote replica before timing out and failing" msgstr "在超时和失败前LDAP操作从远程复制服务器等待回应的用去的秒数" msgid "Replication agreement enabled" msgstr "启用复制协议" msgid "" "Whether a replication agreement is active, meaning whether replication is " "occurring per that agreement" msgstr "" msgid "Suffix name" msgstr "后缀名称" msgid "LDAP suffix to be managed" msgstr "待管理的LDAP后缀" msgid "Add a new segment." msgstr "添加一个新段。" msgid "Delete a segment." msgstr "删除一个段。" msgid "Search for topology segments." msgstr "查找拓扑段。" msgid "Modify a segment." msgstr "修改一个段。" msgid "" "Request a full re-initialization of the node retrieving data from the other " "node." msgstr "请求一个完整的从另一个节点检索数据的节点重初始化。" msgid "Initialize left node" msgstr "左节点初始化" msgid "Initialize right node" msgstr "右节点初始化" msgid "Stop already started refresh of chosen node(s)" msgstr "" msgid "Display a segment." msgstr "显示一个段。" msgid "Add a new topology suffix to be managed." msgstr "添加一个新的拓扑后缀到管理中。" msgid "Delete a topology suffix." msgstr "删除一个拓扑后缀。" #, fuzzy #| msgid "Search for topology suffixes." msgid "Search for topology suffices." msgstr "查找拓扑后缀。" msgid "Modify a topology suffix." msgstr "修改一个拓扑后缀。" msgid "Show managed suffix." msgstr "显示已管理的后缀。" #, fuzzy #| msgid "" #| "\n" #| "Verify replication topology for suffix.\n" #| "\n" #| "Checks done:\n" #| " 1. check if a topology is not disconnected. In other words if there " #| "are\n" #| " replication paths between all servers.\n" #| " 2. check if servers don't have more than the recommended number of\n" #| " replication agreements\n" msgid "" "\n" "Verify replication topology for suffix.\n" "\n" "Checks done:\n" " 1. check if a topology is not disconnected. In other words if there are\n" " replication paths between all servers.\n" " 2. check if servers don't have more than the recommended number of\n" " replication agreements\n" " " msgstr "" "\n" "验证复制拓扑的后缀。\n" "检查完成:\n" " 1. 检查是否还有没有连接的拓扑。换句话说,是否在所有服务器之间存在复制路" "径。\n" " 2. 检查是否服务器没有超过推荐的副本协议数\n" msgid "Preserved user" msgstr "备用用户" msgid "Add one or more certificates to the user entry" msgstr "向用户条目中添加一个或多个证书" msgid "Remove one or more certificates to the user entry" msgstr "向用户条目中移除一个或多个证书" msgid "Move deleted user into staged area" msgstr "将已删除用户移植到计划区域" msgid "Undelete a delete user account." msgstr "恢复删除用户账户。" msgid "" "\n" "Vaults\n" "\n" "Manage vaults.\n" "\n" "Vault is a secure place to store a secret.\n" "\n" "Based on the ownership there are three vault categories:\n" "* user/private vault\n" "* service vault\n" "* shared vault\n" "\n" "User vaults are vaults owned used by a particular user. Private\n" "vaults are vaults owned the current user. Service vaults are\n" "vaults owned by a service. Shared vaults are owned by the admin\n" "but they can be used by other users or services.\n" "\n" "Based on the security mechanism there are three types of\n" "vaults:\n" "* standard vault\n" "* symmetric vault\n" "* asymmetric vault\n" "\n" "Standard vault uses a secure mechanism to transport and\n" "store the secret. The secret can only be retrieved by users\n" "that have access to the vault.\n" "\n" "Symmetric vault is similar to the standard vault, but it\n" "pre-encrypts the secret using a password before transport.\n" "The secret can only be retrieved using the same password.\n" "\n" "Asymmetric vault is similar to the standard vault, but it\n" "pre-encrypts the secret using a public key before transport.\n" "The secret can only be retrieved using the private key.\n" "\n" "EXAMPLES:\n" "\n" " List vaults:\n" " ipa vault-find\n" " [--user |--service |--shared]\n" "\n" " Add a standard vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type standard\n" "\n" " Add a symmetric vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type symmetric --password-file password.txt\n" "\n" " Add an asymmetric vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type asymmetric --public-key-file public.pem\n" "\n" " Show a vault:\n" " ipa vault-show \n" " [--user |--service |--shared]\n" "\n" " Modify vault description:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --desc \n" "\n" " Modify vault type:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --type \n" " [old password/private key]\n" " [new password/public key]\n" "\n" " Modify symmetric vault password:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --change-password\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --old-password \n" " --new-password \n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --old-password-file \n" " --new-password-file \n" "\n" " Modify asymmetric vault keys:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --private-key-file \n" " --public-key-file \n" "\n" " Delete a vault:\n" " ipa vault-del \n" " [--user |--service |--shared]\n" "\n" " Display vault configuration:\n" " ipa vaultconfig-show\n" "\n" " Archive data into standard vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" "\n" " Archive data into symmetric vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" " --password-file password.txt\n" "\n" " Archive data into asymmetric vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" "\n" " Retrieve data from standard vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out \n" "\n" " Retrieve data from symmetric vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out \n" " --password-file password.txt\n" "\n" " Retrieve data from asymmetric vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out --private-key-file private.pem\n" "\n" " Add vault owners:\n" " ipa vault-add-owner \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" "\n" " Delete vault owners:\n" " ipa vault-remove-owner \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" "\n" " Add vault members:\n" " ipa vault-add-member \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" "\n" " Delete vault members:\n" " ipa vault-remove-member \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" msgstr "" msgid "Vault name" msgstr "库名称" msgid "Vault description" msgstr "库描述" msgid "Vault type" msgstr "库类型" msgid "Salt" msgstr "盐值" msgid "Vault salt" msgstr "库盐值" msgid "Public key" msgstr "公钥" msgid "Vault public key" msgstr "库公钥" msgid "Owner users" msgstr "所有者用户" msgid "Owner groups" msgstr "所有者用户组" msgid "Owner services" msgstr "所有者服务" msgid "Failed owners" msgstr "错误的所有者" msgid "Vault service" msgstr "库服务" msgid "Shared vault" msgstr "共享库" msgid "Vault user" msgstr "共享用户" #, fuzzy #| msgid "Host Certificate" msgid "Transport Certificate" msgstr "主机证书" msgid "Service name of the service vault" msgstr "服务库的服务名" msgid "Username of the user vault" msgstr "用户库的用户名" msgid "Add members to a vault." msgstr "向一个库中添加成员。" msgid "Add owners to a vault." msgstr "向一个库中添加所有者。" msgid "owner user" msgstr "所有者用户" msgid "owner group" msgstr "所有者用户组" msgid "owner service" msgstr "所有者服务" msgid "Owners that could not be added" msgstr "不能被添加的所有者" msgid "Number of owners added" msgstr "已添加的所有者数" msgid "Session key wrapped with transport certificate" msgstr "" msgid "Vault data encrypted with session key" msgstr "库数据用会话密钥加密" msgid "Nonce" msgstr "临时的" msgid "Delete a vault." msgstr "删除一个库。" msgid "Search for vaults." msgstr "查找库。" msgid "List all service vaults" msgstr "所有服务库列表" msgid "List all user vaults" msgstr "所有用户库列表" msgid "Remove members from a vault." msgstr "从一个库中移除成员。" msgid "Remove owners from a vault." msgstr "从一个库中移除所有者。" msgid "Owners that could not be removed" msgstr "不能被移除的所有者" msgid "Number of owners removed" msgstr "待移除的所有者数" msgid "Display information about a vault." msgstr "显示一个库信息。" msgid "Show vault configuration." msgstr "显示库配置。" #, fuzzy #| msgid "File to store the certificate in." msgid "Output file to store the transport certificate" msgstr "存储证书文件。" msgid "Add owners to a vault container." msgstr "向一个库容器中添加所有者。" msgid "Delete a vault container." msgstr "删除一个库容器。" msgid "Remove owners from a vault container." msgstr "从一个库容器中移除所有者。" msgid "Display information about a vault container." msgstr "显示一个库容器信息。" msgid "Certificate Profile to use" msgstr "待使用的证书配置文件" msgid "Two-way trust" msgstr "双向信任" msgid "" "Establish bi-directional trust. By default trust is inbound one-way only." msgstr "建立双向信任。默认信任仅是单项的。" msgid "" "\n" "ID ranges\n" "\n" "Manage ID ranges used to map Posix IDs to SIDs and back.\n" "\n" "There are two type of ID ranges which are both handled by this utility:\n" "\n" " - the ID ranges of the local domain\n" " - the ID ranges of trusted remote domains\n" "\n" "Both types have the following attributes in common:\n" "\n" " - base-id: the first ID of the Posix ID range\n" " - range-size: the size of the range\n" "\n" "With those two attributes a range object can reserve the Posix IDs starting\n" "with base-id up to but not including base-id+range-size exclusively.\n" "\n" "Additionally an ID range of the local domain may set\n" " - rid-base: the first RID(*) of the corresponding RID range\n" " - secondary-rid-base: first RID of the secondary RID range\n" "\n" "and an ID range of a trusted domain must set\n" " - rid-base: the first RID of the corresponding RID range\n" " - sid: domain SID of the trusted domain\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for a trusted domain\n" "\n" "Since there might be more than one trusted domain the domain SID must be " "given\n" "while creating the ID range.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" "\n" "This ID range is then used by the IPA server and the SSSD IPA provider to\n" "assign Posix UIDs to users from the trusted domain.\n" "\n" "If e.g. a range for a trusted domain is configured with the following " "values:\n" " base-id = 1200000\n" " range-size = 200000\n" " rid-base = 0\n" "the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " "So\n" "RID 1000 <-> Posix ID 1201000\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for the local domain\n" "\n" "To create an ID range for the local domain it is not necessary to specify a\n" "domain SID. But since it is possible that a user and a group can have the " "same\n" "value as Posix ID a second RID interval is needed to handle conflicts.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=1000 --secondary-rid-base=1000000 local_range\n" "\n" "The data from the ID ranges of the local domain are used by the IPA server\n" "internally to assign SIDs to IPA users and groups. The SID will then be " "stored\n" "in the user or group objects.\n" "\n" "If e.g. the ID range for the local domain is configured with the values " "from\n" "the example above then a new user with the UID 1200007 will get the RID " "1007.\n" "If this RID is already used by a group the RID will be 1000007. This can " "only\n" "happen if a user or a group object was created with a fixed ID because the\n" "automatic assignment will not assign the same ID twice. Since there are " "only\n" "users and groups sharing the same ID namespace it is sufficient to have " "only\n" "one fallback range to handle conflicts.\n" "\n" "To find the Posix ID for a given RID from the local domain it has to be\n" "checked first if the RID falls in the primary or secondary RID range and\n" "the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" "and the base-id has to be added to get the Posix ID.\n" "\n" "Typically the creation of ID ranges happens behind the scenes and this CLI\n" "must not be used at all. The ID range for the local domain will be created\n" "during installation or upgrade from an older version. The ID range for a\n" "trusted domain will be created together with the trust by 'ipa trust-" "add ...'.\n" "\n" "USE CASES:\n" "\n" " Add an ID range from a transitively trusted domain\n" "\n" " If the trusted domain (A) trusts another domain (B) as well and this " "trust\n" " is transitive 'ipa trust-add domain-A' will only create a range for\n" " domain A. The ID range for domain B must be added manually.\n" "\n" " Add an additional ID range for the local domain\n" "\n" " If the ID range of the local domain is exhausted, i.e. no new IDs can " "be\n" " assigned to Posix users or groups by the DNA plugin, a new range has to " "be\n" " created to allow new users and groups to be added. (Currently there is " "no\n" " connection between this range CLI and the DNA plugin, but a future " "version\n" " might be able to modify the configuration of the DNS plugin as well)\n" "\n" "In general it is not necessary to modify or delete ID ranges. If there is " "no\n" "other way to achieve a certain configuration than to modify or delete an ID\n" "range it should be done with great care. Because UIDs are stored in the " "file\n" "system and are used for access control it might be possible that users are\n" "allowed to access files of other users if an ID range got deleted and " "reused\n" "for a different domain.\n" "\n" "(*) The RID is typically the last integer of a user or group SID which " "follows\n" "the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " "from\n" "this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " "the\n" "user. RIDs are unique in a domain, 32bit values and are used for users and\n" "groups.\n" "\n" "=======\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" "=======\n" msgstr "" msgid "" "\n" "Add new ID range.\n" "\n" " To add a new ID range you always have to specify\n" "\n" " --base-id\n" " --range-size\n" "\n" " Additionally\n" "\n" " --rid-base\n" " --secondary-rid-base\n" "\n" " may be given for a new ID range for the local domain while\n" "\n" " --rid-base\n" " --dom-sid\n" "\n" " must be given to add a new range for a trusted AD domain.\n" "\n" "=======\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" "=======\n" " " msgstr "" msgid "" "\n" "Modify ID range.\n" "\n" "=======\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" "=======\n" " " msgstr "" msgid "Resolve a host name in DNS. (Deprecated)" msgstr "在DNS中解析主机名。(不赞成)" msgid "Hostname (FQDN)" msgstr "主机名(FQDN)" msgid "Force DNS zone creation even if it will overlap with an existing zone." msgstr "强制创建DNS区域,即使它会覆盖一个已有区域。" msgid "" "Force DNS zone creation even if nameserver is not resolvable. (Deprecated)" msgstr "即使命名服务器无法解析,也强制创建DNS区域。(不赞成)" msgid "" "\n" "Groups of users\n" "\n" "Manage groups of users. By default, new groups are POSIX groups. You\n" "can add the --nonposix option to the group-add command to mark a new group\n" "as non-POSIX. You can use the --posix argument with the group-mod command\n" "to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" "converted to non-POSIX groups.\n" "\n" "Every group must have a description.\n" "\n" "POSIX groups must have a Group ID (GID) number. Changing a GID is\n" "supported but can have an impact on your file permissions. It is not " "necessary\n" "to supply a GID when creating a group. IPA will generate one automatically\n" "if it is not provided.\n" "\n" "EXAMPLES:\n" "\n" " Add a new group:\n" " ipa group-add --desc='local administrators' localadmins\n" "\n" " Add a new non-POSIX group:\n" " ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" "\n" " Convert a non-POSIX group to posix:\n" " ipa group-mod --posix remoteadmins\n" "\n" " Add a new POSIX group with a specific Group ID number:\n" " ipa group-add --gid=500 --desc='unix admins' unixadmins\n" "\n" " Add a new POSIX group and let IPA assign a Group ID number:\n" " ipa group-add --desc='printer admins' printeradmins\n" "\n" " Remove a group:\n" " ipa group-del unixadmins\n" "\n" " To add the \"remoteadmins\" group to the \"localadmins\" group:\n" " ipa group-add-member --groups=remoteadmins localadmins\n" "\n" " Add multiple users to the \"localadmins\" group:\n" " ipa group-add-member --users=test1 --users=test2 localadmins\n" "\n" " Remove a user from the \"localadmins\" group:\n" " ipa group-remove-member --users=test2 localadmins\n" "\n" " Display information about a named group.\n" " ipa group-show localadmins\n" "\n" "External group membership is designed to allow users from trusted domains\n" "to be mapped to local POSIX groups in order to actually use IPA resources.\n" "External members should be added to groups that specifically created as\n" "external and non-POSIX. Such group later should be included into one of " "POSIX\n" "groups.\n" "\n" "An external group member is currently a Security Identifier (SID) as defined " "by\n" "the trusted domain. When adding external group members, it is possible to\n" "specify them in either SID, or DOM\n" "ame, or name@domain format. IPA will attempt\n" "to resolve passed name to SID with the use of Global Catalog of the trusted " "domain.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local POSIX " "group:\n" "\n" " ipa group-add --desc=' admins external map' ad_admins_external " "--external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the " "ad_admins_external\n" " group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with ad_admins " "POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see their " "SIDs:\n" "\n" " ipa group-show ad_admins_external\n" msgstr "" msgid "" "\n" "Simulate use of Host-based access controls\n" "\n" "HBAC rules control who can access what services on what hosts.\n" "You can use HBAC to control which users or groups can access a service,\n" "or group of services, on a target host.\n" "\n" "Since applying HBAC rules implies use of a production environment,\n" "this plugin aims to provide simulation of HBAC rules evaluation without\n" "having access to the production environment.\n" "\n" " Test user coming to a service on a named host against\n" " existing enabled rules.\n" "\n" " ipa hbactest --user= --host= --service=\n" " [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" " [--sizelimit= ]\n" "\n" " --user, --host, and --service are mandatory, others are optional.\n" "\n" " If --rules is specified simulate enabling of the specified rules and test\n" " the login of the user using only these rules.\n" "\n" " If --enabled is specified, all enabled HBAC rules will be added to " "simulation\n" "\n" " If --disabled is specified, all disabled HBAC rules will be added to " "simulation\n" "\n" " If --nodetail is specified, do not return information about rules matched/" "not matched.\n" "\n" " If both --rules and --enabled are specified, apply simulation to --rules " "_and_\n" " all IPA enabled rules.\n" "\n" " If no --rules specified, simulation is run against all IPA enabled rules.\n" " By default there is a IPA-wide limit to number of entries fetched, you can " "change it\n" " with --sizelimit option.\n" "\n" "EXAMPLES:\n" "\n" " 1. Use all enabled HBAC rules in IPA database to simulate:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 2. Disable detailed summary of how rules were applied:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" " --------------------\n" " Access granted: True\n" " --------------------\n" "\n" " 3. Test explicitly specified HBAC rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --" "rules=myrule --rules=my-second-rule\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: myrule\n" "\n" " 4. Use all enabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --" "rules=myrule --rules=my-second-rule --enabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 5. Test all disabled HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: new-rule\n" "\n" " 6. Test all disabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --" "rules=myrule --rules=my-second-rule --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" "\n" " 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --enabled " "--disabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Not matched rules: new-rule\n" " Matched rules: allow_all\n" "\n" "\n" "HBACTEST AND TRUSTED DOMAINS\n" "\n" "When an external trusted domain is configured in IPA, HBAC rules are also " "applied\n" "on users accessing IPA resources from the trusted domain. Trusted domain " "users and\n" "groups (and their SIDs) can be then assigned to external groups which can " "be\n" "members of POSIX groups in IPA which can be used in HBAC rules and thus " "allowing\n" "access to resources protected by the HBAC system.\n" "\n" "hbactest plugin is capable of testing access for both local IPA users and " "users\n" "from the trusted domains, either by a fully qualified user name or by user " "SID.\n" "Such user names need to have a trusted domain specified as a short name\n" "(DOMAIN\\Administrator) or with a user principal name (UPN), " "Administrator@ad.test.\n" "\n" "Please note that hbactest executed with a trusted domain user as --user " "parameter\n" "can be only run by members of \"trust admins\" group.\n" "\n" "EXAMPLES:\n" "\n" " 1. Test if a user from a trusted domain specified by its shortname " "matches any\n" " rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 2. Test if a user from a trusted domain specified by its domain name " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 3. Test if a user from a trusted domain specified by its SID matches any " "rule:\n" "\n" " $ ipa hbactest --user " "S-1-5-21-3035198329-144811719-1378114514-500 --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 4. Test if other user from a trusted domain specified by its SID matches " "any rule:\n" "\n" " $ ipa hbactest --user " "S-1-5-21-3035198329-144811719-1378114514-1203 --host `hostname` " "--service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" "\n" " 5. Test if other user from a trusted domain specified by its shortname " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " "sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" msgstr "" msgid "Managed suffixes" msgstr "已管理的后缀" msgid "Check connection to remote IPA server." msgstr "检测和远程IPA服务器的连接。" msgid "Remote server name" msgstr "远程服务器名称" msgid "Remote IPA server hostname" msgstr "远程IPA服务器主机名" msgid "suffix" msgstr "后缀" msgid "Search for servers with these managed suffixes." msgstr "查找包含这些管理后缀的服务器。" msgid "Search for servers without these managed suffixes." msgstr "查找不包含这些管理后缀的服务器。" msgid "Add a manager to the stage user entry" msgstr "向一个计划用户条目中添加一个管理员" msgid "Remove a manager to the stage user entry" msgstr "从一个计划用户条目中移除一个管理员" msgid "" "\n" "Topology\n" "\n" "Management of a replication topology at domain level 1.\n" "\n" "IPA server's data is stored in LDAP server in two suffixes:\n" "* domain suffix, e.g., 'dc=example,dc=com', contains all domain related " "data\n" "* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n" " contains data for Certificate Server component\n" "\n" "Data stored on IPA servers is replicated to other IPA servers. The way it " "is\n" "replicated is defined by replication agreements. Replication agreements " "needs\n" "to be set for both suffixes separately. On domain level 0 they are managed\n" "using ipa-replica-manage and ipa-csreplica-manage tools. With domain level " "1\n" "they are managed centrally using `ipa topology*` commands.\n" "\n" "Agreements are represented by topology segments. By default topology " "segment\n" "represents 2 replication agreements - one for each direction, e.g., A to B " "and\n" "B to A. Creation of unidirectional segments is not allowed.\n" "\n" "To verify that no server is disconnected in the topology of the given " "suffix,\n" "use:\n" " ipa topologysuffix-verify $suffix\n" "\n" "\n" "Examples:\n" " Find all IPA servers:\n" " ipa server-find\n" "\n" " Find all suffixes:\n" " ipa topologysuffix-find\n" "\n" " Add topology segment to 'domain' suffix:\n" " ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n" "\n" " Add topology segment to 'ca' suffix:\n" " ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n" "\n" " List all topology segments in 'domain' suffix:\n" " ipa topologysegment-find domain\n" "\n" " List all topology segments in 'ca' suffix:\n" " ipa topologysegment-find ca\n" "\n" " Delete topology segment in 'domain' suffix:\n" " ipa topologysegment-del domain segment_name\n" "\n" " Delete topology segment in 'ca' suffix:\n" " ipa topologysegment-del ca segment_name\n" "\n" " Verify topology of 'domain' suffix:\n" " ipa topologysuffix-verify domain\n" "\n" " Verify topology of 'ca' suffix:\n" " ipa topologysuffix-verify ca\n" msgstr "" msgid "Managed LDAP suffix DN" msgstr "已管理的LDAP后缀DN" msgid "Search for topology suffixes." msgstr "查找拓扑后缀。" msgid "Add a manager to the user entry" msgstr "向一个用户条目中添加一个管理员" msgid "Remove a manager to the user entry" msgstr "向一个用户条目中移除一个管理员" msgid "" "\n" "Directory Server Access Control Instructions (ACIs)\n" "\n" "ACIs are used to allow or deny access to information. This module is\n" "currently designed to allow, not deny, access.\n" "\n" "The aci commands are designed to grant permissions that allow updating\n" "existing entries or adding or deleting new ones. The goal of the ACIs\n" "that ship with IPA is to provide a set of low-level permissions that\n" "grant access to special groups called taskgroups. These low-level\n" "permissions can be combined into roles that grant broader access. These\n" "roles are another type of group, roles.\n" "\n" "For example, if you have taskgroups that allow adding and modifying users " "you\n" "could create a role, useradmin. You would assign users to the useradmin\n" "role to allow them to do the operations defined by the taskgroups.\n" "\n" "You can create ACIs that delegate permission so users in group A can write\n" "attributes on group B.\n" "\n" "The type option is a map that applies to all entries in the users, groups " "or\n" "host location. It is primarily designed to be used when granting add\n" "permissions (to write new entries).\n" "\n" "An ACI consists of three parts:\n" "1. target\n" "2. permissions\n" "3. bind rules\n" "\n" "The target is a set of rules that define which LDAP objects are being\n" "targeted. This can include a list of attributes, an area of that LDAP\n" "tree or an LDAP filter.\n" "\n" "The targets include:\n" "- attrs: list of attributes affected\n" "- type: an object type (user, group, host, service, etc)\n" "- memberof: members of a group\n" "- targetgroup: grant access to modify a specific group. This is primarily\n" " designed to enable users to add or remove members of a specific group.\n" "- filter: A legal LDAP filter used to narrow the scope of the target.\n" "- subtree: Used to apply a rule across an entire set of objects. For " "example,\n" " to allow adding users you need to grant \"add\" permission to the subtree\n" " ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n" " is a fail-safe for objects that may not be covered by the type option.\n" "\n" "The permissions define what the ACI is allowed to do, and are one or\n" "more of:\n" "1. write - write one or more attributes\n" "2. read - read one or more attributes\n" "3. add - add a new entry to the tree\n" "4. delete - delete an existing entry\n" "5. all - all permissions are granted\n" "\n" "Note the distinction between attributes and entries. The permissions are\n" "independent, so being able to add a user does not mean that the user will\n" "be editable.\n" "\n" "The bind rule defines who this ACI grants permissions to. The LDAP server\n" "allows this to be any valid LDAP entry but we encourage the use of\n" "taskgroups so that the rights can be easily shared through roles.\n" "\n" "For a more thorough description of access controls see\n" "http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control." "html\n" "\n" "EXAMPLES:\n" "\n" "NOTE: ACIs are now added via the permission plugin. These examples are to\n" "demonstrate how the various options work but this is done via the " "permission\n" "command-line now (see last example).\n" "\n" " Add an ACI so that the group \"secretaries\" can update the address on any " "user:\n" " ipa group-add --desc=\"Office secretaries\" secretaries\n" " ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries " "--permissions=write --prefix=none \"Secretaries write addresses\"\n" "\n" " Show the new ACI:\n" " ipa aci-show --prefix=none \"Secretaries write addresses\"\n" "\n" " Add an ACI that allows members of the \"addusers\" permission to add new " "users:\n" " ipa aci-add --type=user --permission=addusers --permissions=add --" "prefix=none \"Add new users\"\n" "\n" " Add an ACI that allows members of the editors manage members of the admins " "group:\n" " ipa aci-add --permissions=write --attrs=member --targetgroup=admins --" "group=editors --prefix=none \"Editors manage admins\"\n" "\n" " Add an ACI that allows members of the admins group to manage the street and " "zip code of those in the editors group:\n" " ipa aci-add --permissions=write --memberof=editors --group=admins --" "attrs=street,postalcode --prefix=none \"admins edit the address of editors" "\"\n" "\n" " Add an ACI that allows the admins group manage the street and zipcode of " "those who work for the boss:\n" " ipa aci-add --permissions=write --group=admins --attrs=street,postalcode " "--filter=\"(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)\" --" "prefix=none \"Edit the address of those who work for the boss\"\n" "\n" " Add an entirely new kind of record to IPA that isn't covered by any of the " "--type options, creating a permission:\n" " ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange," "cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n" "\n" "\n" "The show command shows the raw 389-ds ACI.\n" "\n" "IMPORTANT: When modifying the target attributes of an existing ACI you\n" "must include all existing attributes as well. When doing an aci-mod the\n" "targetattr REPLACES the current attributes, it does not add to them.\n" msgstr "" msgid "" "comma-separated list of permissions to grant(read, write, add, delete, all)" msgstr "以逗号分隔的授权列表(读,写,添加,删除,全部)" msgid "Comma-separated list of attributes" msgstr "以逗号分隔的属性列表" msgid "" "\n" "Auto Membership Rule.\n" "\n" "Bring clarity to the membership of hosts and users by configuring inclusive\n" "or exclusive regex patterns, you can automatically assign a new entries " "into\n" "a group or hostgroup based upon attribute information.\n" "\n" "A rule is directly associated with a group by name, so you cannot create\n" "a rule without an accompanying group or hostgroup.\n" "\n" "A condition is a regular expression used by 389-ds to match a new incoming\n" "entry with an automember rule. If it matches an inclusive rule then the\n" "entry is added to the appropriate group or hostgroup.\n" "\n" "A default group or hostgroup could be specified for entries that do not\n" "match any rule. In case of user entries this group will be a fallback group\n" "because all users are by default members of group specified in IPA config.\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add the initial group or hostgroup:\n" " ipa hostgroup-add --desc=\"Web Servers\" webservers\n" " ipa group-add --desc=\"Developers\" devel\n" "\n" " Add the initial rule:\n" " ipa automember-add --type=hostgroup webservers\n" " ipa automember-add --type=group devel\n" "\n" " Add a condition to the rule:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" " ipa automember-add-condition --key=manager --type=group --inclusive-" "regex=^uid=mscott devel\n" "\n" " Add an exclusive condition to the rule to prevent auto assignment:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" "regex=^web5\\.example\\.com webservers\n" "\n" " Add a host:\n" " ipa host-add web1.example.com\n" "\n" " Add a user:\n" " ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" "\n" " Verify automembership:\n" " ipa hostgroup-show webservers\n" " Host-group: webservers\n" " Description: Web Servers\n" " Member hosts: web1.example.com\n" "\n" " ipa group-show devel\n" " Group name: devel\n" " Description: Developers\n" " GID: 1004200000\n" " Member users: tuser\n" "\n" " Remove a condition from the rule:\n" " ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" "\n" " Modify the automember rule:\n" " ipa automember-mod\n" "\n" " Set the default (fallback) target group:\n" " ipa automember-default-group-set --default-group=webservers --" "type=hostgroup\n" " ipa automember-default-group-set --default-group=ipausers --type=group\n" "\n" " Remove the default (fallback) target group:\n" " ipa automember-default-group-remove --type=hostgroup\n" " ipa automember-default-group-remove --type=group\n" "\n" " Show the default (fallback) target group:\n" " ipa automember-default-group-show --type=hostgroup\n" " ipa automember-default-group-show --type=group\n" "\n" " Find all of the automember rules:\n" " ipa automember-find\n" "\n" " Display a automember rule:\n" " ipa automember-show --type=hostgroup webservers\n" " ipa automember-show --type=group devel\n" "\n" " Delete an automember rule:\n" " ipa automember-del --type=hostgroup webservers\n" " ipa automember-del --type=group devel\n" msgstr "" msgid "" "\n" "IPA certificate operations\n" "\n" "Implements a set of commands for managing server SSL certificates.\n" "\n" "Certificate requests exist in the form of a Certificate Signing Request " "(CSR)\n" "in PEM format.\n" "\n" "If using the selfsign back end then the subject in the CSR needs to match\n" "the subject configured in the server. The dogtag CA uses just the CN\n" "value of the CSR and forces the rest of the subject.\n" "\n" "A certificate is stored with a service principal and a service principal\n" "needs a host.\n" "\n" "In order to request a certificate:\n" "\n" "* The host must exist\n" "* The service must exist (or you use the --add option to automatically add " "it)\n" "\n" "EXAMPLES:\n" "\n" " Request a new certificate and add the principal:\n" " ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" "\n" " Retrieve an existing certificate:\n" " ipa cert-show 1032\n" "\n" " Revoke a certificate (see RFC 5280 for reason details):\n" " ipa cert-revoke --revocation-reason=6 1032\n" "\n" " Remove a certificate from revocation hold status:\n" " ipa cert-remove-hold 1032\n" "\n" " Check the status of a signing request:\n" " ipa cert-status 10\n" "\n" "IPA currently immediately issues (or declines) all certificate requests so\n" "the status of a request is not normally useful. This is for future use\n" "or the case where a CA does not immediately issue a certificate.\n" "\n" "The following revocation reasons are supported:\n" "\n" " * 0 - unspecified\n" " * 1 - keyCompromise\n" " * 2 - cACompromise\n" " * 3 - affiliationChanged\n" " * 4 - superseded\n" " * 5 - cessationOfOperation\n" " * 6 - certificateHold\n" " * 8 - removeFromCRL\n" " * 9 - privilegeWithdrawn\n" " * 10 - aACompromise\n" "\n" "Note that reason code 7 is not used. See RFC 5280 for more details:\n" "\n" "http://www.ietf.org/rfc/rfc5280.txt\n" msgstr "" msgid "" "\n" "Group to Group Delegation\n" "\n" "A permission enables fine-grained delegation of permissions. Access Control\n" "Rules, or instructions (ACIs), grant permission to permissions to perform\n" "given tasks such as adding a user, modifying a group, etc.\n" "\n" "Group to Group Delegations grants the members of one group to update a set\n" "of attributes of members of another group.\n" "\n" "EXAMPLES:\n" "\n" " Add a delegation rule to allow managers to edit employee's addresses:\n" " ipa delegation-add --attrs=street --group=managers --" "membergroup=employees \"managers edit employees' street\"\n" "\n" " When managing the list of attributes you need to include all attributes\n" " in the list, including existing ones. Add postalCode to the list:\n" " ipa delegation-mod --attrs=street,postalCode --group=managers --" "membergroup=employees \"managers edit employees' street\"\n" "\n" " Display our updated rule:\n" " ipa delegation-show \"managers edit employees' street\"\n" "\n" " Delete a rule:\n" " ipa delegation-del \"managers edit employees' street\"\n" msgstr "" msgid "" "Comma-separated list of permissions to grant (read, write). Default is write." msgstr "以逗号分隔的授权列表(读,写)。默认是写。" msgid "" "\n" "Domain Name System (DNS)\n" "\n" "Manage DNS zone and resource records.\n" "\n" "\n" "USING STRUCTURED PER-TYPE OPTIONS\n" "\n" "There are many structured DNS RR types where DNS data stored in LDAP server\n" "is not just a scalar value, for example an IP address or a domain name, but\n" "a data structure which may be often complex. A good example is a LOC record\n" "[RFC1876] which consists of many mandatory and optional parts (degrees,\n" "minutes, seconds of latitude and longitude, altitude or precision).\n" "\n" "It may be difficult to manipulate such DNS records without making a mistake\n" "and entering an invalid value. DNS module provides an abstraction over " "these\n" "raw records and allows to manipulate each RR type with specific options. " "For\n" "each supported RR type, DNS module provides a standard option to manipulate\n" "a raw records with format ---rec, e.g. --mx-rec, and special " "options\n" "for every part of the RR structure with format ---, e.g.\n" "--mx-preference and --mx-exchanger.\n" "\n" "When adding a record, either RR specific options or standard option for a " "raw\n" "value can be used, they just should not be combined in one add operation. " "When\n" "modifying an existing entry, new RR specific options can be used to change\n" "one part of a DNS record, where the standard option for raw value is used\n" "to specify the modified value. The following example demonstrates\n" "a modification of MX record preference from 0 to 1 in a record without\n" "modifying the exchanger:\n" "ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add new zone:\n" " ipa dnszone-add example.com --name-" "server=ns --admin-email=admin@example." "com --ip-address=10.0.0.1\n" "\n" " Add system permission that can be used for per-zone privilege delegation:\n" " ipa dnszone-add-permission example.com\n" "\n" " Modify the zone to allow dynamic updates for hosts own records in realm " "EXAMPLE.COM:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE\n" "\n" " This is the equivalent of:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE --update-policy=" "\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant " "EXAMPLE.COM krb5-self * SSHFP;\"\n" "\n" " Modify the zone to allow zone transfers for local network only:\n" " ipa dnszone-mod example.com --allow-transfer=10.0.0.0/8\n" "\n" " Add new reverse zone specified by network IP address:\n" " ipa dnszone-add --name-from-ip=80.142.15.0/24 --name-" "server=ns.example.com.\n" "\n" " Add second nameserver for example.com:\n" " ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" "\n" " Add a mail server for example.com:\n" " ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" "\n" " Add another record using MX record specific options:\n" " ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" "\n" " Add another record using interactive mode (started when dnsrecord-add, " "dnsrecord-mod,\n" " or dnsrecord-del are executed with no options):\n" " ipa dnsrecord-add example.com @\n" " Please choose a type of DNS resource record to be added\n" " The most common types for this type of zone are: NS, MX, LOC\n" "\n" " DNS resource record type: MX\n" " MX Preference: 30\n" " MX Exchanger: mail3\n" " Record name: example.com\n" " MX record: 10 mail1, 20 mail2, 30 mail3\n" " NS record: nameserver.example.com., nameserver2.example.com.\n" "\n" " Delete previously added nameserver from example.com:\n" " ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" "\n" " Add LOC record for example.com:\n" " ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " "227.64m\"\n" "\n" " Add new A record for www.example.com. Create a reverse record in " "appropriate\n" " reverse zone as well. In this case a PTR record \"2\" pointing to www." "example.com\n" " will be created in zone 15.142.80.in-addr.arpa.\n" " ipa dnsrecord-add example.com www --a-rec=80.142.15.2 --a-create-reverse\n" "\n" " Add new PTR record for www.example.com\n" " ipa dnsrecord-add 15.142.80.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" "\n" " Add new SRV records for LDAP servers. Three quarters of the requests\n" " should go to fast.example.com, one quarter to slow.example.com. If neither\n" " is available, switch to backup.example.com.\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." "example.com\"\n" "\n" " The interactive mode can be used for easy modification:\n" " ipa dnsrecord-mod example.com _ldap._tcp\n" " No option to modify specific record provided.\n" " Current DNS record contents:\n" "\n" " SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " "backup.example.com\n" "\n" " Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" " Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" " SRV Priority [0]: (keep the default value)\n" " SRV Weight [1]: 2 (modified value)\n" " SRV Port [389]: (keep the default value)\n" " SRV Target [slow.example.com]: (keep the default value)\n" " 1 SRV record skipped. Only one value per DNS record type can be modified " "at one time.\n" " Record name: _ldap._tcp\n" " SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " "389 slow.example.com\n" "\n" " After this modification, three fifths of the requests should go to\n" " fast.example.com and two fifths to slow.example.com.\n" "\n" " An example of the interactive mode for dnsrecord-del command:\n" " ipa dnsrecord-del example.com www\n" " No option to delete specific record provided.\n" " Delete all? Yes/No (default No): (do not delete all records)\n" " Current DNS record contents:\n" "\n" " A record: 1.2.3.4, 11.22.33.44\n" "\n" " Delete A record '1.2.3.4'? Yes/No (default No):\n" " Delete A record '11.22.33.44'? Yes/No (default No): y\n" " Record name: www\n" " A record: 1.2.3.4 (A record 11.22.33.44 has been " "deleted)\n" "\n" " Show zone example.com:\n" " ipa dnszone-show example.com\n" "\n" " Find zone with \"example\" in its domain name:\n" " ipa dnszone-find example\n" "\n" " Find records for resources with \"www\" in their name in zone example.com:\n" " ipa dnsrecord-find example.com www\n" "\n" " Find A records with value 10.10.0.1 in zone example.com\n" " ipa dnsrecord-find example.com --a-rec=10.10.0.1\n" "\n" " Show records for resource www in zone example.com\n" " ipa dnsrecord-show example.com www\n" "\n" " Delegate zone sub.example to another nameserver:\n" " ipa dnsrecord-add example.com ns.sub --a-rec=10.0.100.5\n" " ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" "\n" " If global forwarder is configured, all requests to sub.example.com will be\n" " routed through the global forwarder. To change the behavior for example." "com\n" " zone only and forward the request directly to ns.sub.example.com., global\n" " forwarding may be disabled per-zone:\n" " ipa dnszone-mod example.com --forward-policy=none\n" "\n" " Forward all requests for the zone external.com to another nameserver using\n" " a \"first\" policy (it will send the queries to the selected forwarder and " "if\n" " not answered it will use global resolvers):\n" " ipa dnszone-add external.com\n" " ipa dnszone-mod external.com --" "forwarder=10.20.0.1 --forward-policy=first\n" "\n" " Delete zone example.com with all resource records:\n" " ipa dnszone-del example.com\n" "\n" " Resolve a host name to see if it exists (will add default IPA domain\n" " if one is not included):\n" " ipa dns-resolve www.example.com\n" " ipa dns-resolve www\n" "\n" "\n" "GLOBAL DNS CONFIGURATION\n" "\n" "DNS configuration passed to command line install script is stored in a " "local\n" "configuration file on each IPA server where DNS service is configured. " "These\n" "local settings can be overridden with a common configuration stored in LDAP\n" "server:\n" "\n" " Show global DNS configuration:\n" " ipa dnsconfig-show\n" "\n" " Modify global DNS configuration and set a list of global forwarders:\n" " ipa dnsconfig-mod --forwarder=10.0.0.1\n" msgstr "" msgid "" "A list of global forwarders. A custom port can be specified for each " "forwarder using a standard format \"IP_ADDRESS port PORT\"" msgstr "" "一个全局转发器列表。使用标准格式\"IP_ADDRESS port PORT\"为每个转发器指定一个" "自定义端口" msgid "An interval between regular polls of the name server for new DNS zones" msgstr "命名服务器新的DNS区域定期调查的间隔" msgid "DNS class" msgstr "DNS类" msgid "Comma-separated list of raw A records" msgstr "以逗号分隔的原始A记录列表" msgid "Comma-separated list of raw AAAA records" msgstr "以逗号分隔的原始AAAA记录列表" msgid "Comma-separated list of raw A6 records" msgstr "以逗号分隔的原始A6记录列表" msgid "Comma-separated list of raw AFSDB records" msgstr "以逗号分隔的原始AFSDB记录列表" msgid "Comma-separated list of raw APL records" msgstr "以逗号分隔的原始APL记录列表" msgid "Comma-separated list of raw CERT records" msgstr "以逗号分隔的原始CERT记录列表" msgid "Comma-separated list of raw CNAME records" msgstr "以逗号分隔的原始CNAME记录列表" msgid "Comma-separated list of raw DHCID records" msgstr "以逗号分隔的原始DHCID记录列表" msgid "Comma-separated list of raw DLV records" msgstr "以逗号分隔的原始DLV记录列表" msgid "Comma-separated list of raw DNAME records" msgstr "以逗号分隔的原始DNAME记录列表" msgid "Comma-separated list of raw DNSKEY records" msgstr "以逗号分隔的原始DNSKEY记录列表" msgid "Comma-separated list of raw DS records" msgstr "以逗号分隔的原始DS记录列表" msgid "Comma-separated list of raw HIP records" msgstr "以逗号分隔的原始HIP记录列表" msgid "Comma-separated list of raw IPSECKEY records" msgstr "以逗号分隔的原始IPSECKEY记录列表" msgid "Comma-separated list of raw KEY records" msgstr "以逗号分隔的原始KEY记录列表" msgid "KEY Flags" msgstr "KEY标记" msgid "KEY Protocol" msgstr "KEY协议" msgid "Protocol" msgstr "协议" msgid "KEY Algorithm" msgstr "KEY算法" msgid "KEY Public Key" msgstr "KEY公钥" msgid "Public Key" msgstr "公钥" msgid "Comma-separated list of raw KX records" msgstr "以逗号分隔的原始KX记录列表" msgid "Comma-separated list of raw LOC records" msgstr "以逗号分隔的原始LOC记录列表" msgid "Comma-separated list of raw MX records" msgstr "以逗号分隔的原始MX记录列表" msgid "Comma-separated list of raw NAPTR records" msgstr "以逗号分隔的原始NAPTR记录列表" msgid "Comma-separated list of raw NS records" msgstr "以逗号分隔的原始NS记录列表" msgid "Comma-separated list of raw NSEC records" msgstr "以逗号分隔的原始NSEC记录列表" msgid "NSEC Next Domain Name" msgstr "NSEC下一个域名" msgid "Next Domain Name" msgstr "下一个域名" msgid "NSEC Type Map" msgstr "NSEC类型映射" msgid "Type Map" msgstr "类型映射" msgid "Comma-separated list of raw NSEC3 records" msgstr "以逗号分隔的原始NSEC3记录列表" msgid "Comma-separated list of raw NSEC3PARAM records" msgstr "以逗号分隔的原始NSEC3PARAM记录列表" msgid "Comma-separated list of raw PTR records" msgstr "以逗号分隔的原始PTR记录列表" msgid "Comma-separated list of raw RRSIG records" msgstr "以逗号分隔的原始RRSIG记录列表" msgid "RRSIG Type Covered" msgstr "RRSIG类型覆盖" msgid "Type Covered" msgstr "类型覆盖" msgid "RRSIG Algorithm" msgstr "RRSIG算法" msgid "RRSIG Labels" msgstr "RRSIG分类" msgid "Labels" msgstr "分类" msgid "RRSIG Original TTL" msgstr "RRSIG原始TTL" msgid "Original TTL" msgstr "原始TTL" msgid "RRSIG Signature Expiration" msgstr "RRSIG签名过期" msgid "Signature Expiration" msgstr "签名过期" msgid "RRSIG Signature Inception" msgstr "RRSIG签名开端" msgid "Signature Inception" msgstr "签名开端" msgid "RRSIG Key Tag" msgstr "RRSIG密钥标记" msgid "RRSIG Signer's Name" msgstr "RRSIG签名者的名字" msgid "Signer's Name" msgstr "签名者的名字" msgid "RRSIG Signature" msgstr "RRSIG签名" msgid "Signature" msgstr "签名" msgid "Comma-separated list of raw RP records" msgstr "以逗号分隔的原始RP记录列表" msgid "Comma-separated list of raw SIG records" msgstr "以逗号分隔的原始SIG记录列表" msgid "SIG Type Covered" msgstr "SIG类型覆盖" msgid "SIG Algorithm" msgstr "SIG算法" msgid "SIG Labels" msgstr "SIG分类" msgid "SIG Original TTL" msgstr "SIG原始TTL" msgid "SIG Signature Expiration" msgstr "SIG签名过期" msgid "SIG Signature Inception" msgstr "SIG签名开端" msgid "SIG Key Tag" msgstr "SIG密钥标记" msgid "SIG Signer's Name" msgstr "SIG签名者的名字" msgid "SIG Signature" msgstr "SIG签名" msgid "Comma-separated list of raw SPF records" msgstr "以逗号分隔的原始SPF记录列表" msgid "Comma-separated list of raw SRV records" msgstr "以逗号分隔的原始SRV记录列表" msgid "Comma-separated list of raw SSHFP records" msgstr "以逗号分隔的原始SSHFP记录列表" msgid "Comma-separated list of raw TA records" msgstr "以逗号分隔的原始TA记录列表" msgid "Comma-separated list of raw TKEY records" msgstr "以逗号分隔的原始TKEY记录列表" msgid "Comma-separated list of raw TSIG records" msgstr "以逗号分隔的原始TSIG记录列表" msgid "Comma-separated list of raw TXT records" msgstr "以逗号分隔的原始TXT记录列表" msgid "SOA time to live" msgstr "SOA存活时间" msgid "SOA record time to live" msgstr "SOA记录存活时间" msgid "SOA class" msgstr "SOA类" msgid "SOA record class" msgstr "SOA记录类" msgid "" "A list of per-zone forwarders. A custom port can be specified for each " "forwarder using a standard format \"IP_ADDRESS port PORT\"" msgstr "" "一个Per-zone转发器列表。使用标准格式\"IP_ADDRESS port PORT\"为每个转发器指定" "一个自定义端口" msgid "Add forward record for nameserver located in the created zone" msgstr "为位于创建区域的命名服务器添加正向记录" msgid "" "\n" "Entitlements\n" "\n" "Manage entitlements for client machines\n" "\n" "Entitlements can be managed either by registering with an entitlement\n" "server with a username and password or by manually importing entitlement\n" "certificates. An entitlement certificate contains embedded information\n" "such as the product being entitled, the quantity and the validity dates.\n" "\n" "An entitlement server manages the number of client entitlements available.\n" "To mark these entitlements as used by the IPA server you provide a quantity\n" "and they are marked as consumed on the entitlement server.\n" "\n" " Register with an entitlement server:\n" " ipa entitle-register consumer\n" "\n" " Import an entitlement certificate:\n" " ipa entitle-import /home/user/ipaclient.pem\n" "\n" " Display current entitlements:\n" " ipa entitle-status\n" "\n" " Retrieve details on entitlement certificates:\n" " ipa entitle-get\n" "\n" " Consume some entitlements from the entitlement server:\n" " ipa entitle-consume 50\n" "\n" "The registration ID is a Unique Identifier (UUID). This ID will be\n" "IMPORTED if you have used entitle-import.\n" "\n" "Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service.\n" msgstr "" #, fuzzy #| msgid "Display current entitlements." msgid "Consume an entitlement." msgstr "显示当前权利。" msgid "Quantity" msgstr "数量" msgid "Search for entitlement accounts." msgstr "查找权利账户。" msgid "Retrieve the entitlement certs." msgstr "检索权利证书。" msgid "Import an entitlement certificate." msgstr "导入一个权利证书。" msgid "UUID" msgstr "" msgid "Enrollment UUID" msgstr "注册UUID" #, fuzzy #| msgid "Retrieve the entitlement certs." msgid "Register to the entitlement system." msgstr "检索权利证书。" msgid "Username" msgstr "用户名" msgid "Enrollment UUID (not implemented)" msgstr "注册UUID(没有实现)" msgid "Registration password" msgstr "注册密码" msgid "Display current entitlements." msgstr "显示当前权利。" msgid "Re-sync the local entitlement cache with the entitlement server." msgstr "重新同步在权利服务器上的本地权利缓存。" msgid "" "\n" "Groups of users\n" "\n" "Manage groups of users. By default, new groups are POSIX groups. You\n" "can add the --nonposix option to the group-add command to mark a new group\n" "as non-POSIX. You can use the --posix argument with the group-mod command\n" "to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" "converted to non-POSIX groups.\n" "\n" "Every group must have a description.\n" "\n" "POSIX groups must have a Group ID (GID) number. Changing a GID is\n" "supported but can have an impact on your file permissions. It is not " "necessary\n" "to supply a GID when creating a group. IPA will generate one automatically\n" "if it is not provided.\n" "\n" "EXAMPLES:\n" "\n" " Add a new group:\n" " ipa group-add --desc='local administrators' localadmins\n" "\n" " Add a new non-POSIX group:\n" " ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" "\n" " Convert a non-POSIX group to posix:\n" " ipa group-mod --posix remoteadmins\n" "\n" " Add a new POSIX group with a specific Group ID number:\n" " ipa group-add --gid=500 --desc='unix admins' unixadmins\n" "\n" " Add a new POSIX group and let IPA assign a Group ID number:\n" " ipa group-add --desc='printer admins' printeradmins\n" "\n" " Remove a group:\n" " ipa group-del unixadmins\n" "\n" " To add the \"remoteadmins\" group to the \"localadmins\" group:\n" " ipa group-add-member --groups=remoteadmins localadmins\n" "\n" " Add a list of users to the \"localadmins\" group:\n" " ipa group-add-member --users=test1,test2 localadmins\n" "\n" " Remove a user from the \"localadmins\" group:\n" " ipa group-remove-member --users=test2 localadmins\n" "\n" " Display information about a named group.\n" " ipa group-show localadmins\n" "\n" "External group membership is designed to allow users from trusted domains\n" "to be mapped to local POSIX groups in order to actually use IPA resources.\n" "External members should be added to groups that specifically created as\n" "external and non-POSIX. Such group later should be included into one of " "POSIX\n" "groups.\n" "\n" "An external group member is currently a Security Identifier (SID) as defined " "by\n" "the trusted domain. When adding external group members, it is possible to\n" "specify them in either SID, or DOM\n" "ame, or name@domain format. IPA will attempt\n" "to resolve passed name to SID with the use of Global Catalog of the trusted " "domain.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local POSIX " "group:\n" "\n" " ipa group-add --desc=' admins external map' ad_admins_external " "--external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the " "ad_admins_external\n" " group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with ad_admins " "POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see their " "SIDs:\n" "\n" " ipa group-show ad_admins_external\n" msgstr "" msgid "" "comma-separated list of members of a trusted domain in DOM\\name or " "name@domain form" msgstr "以逗号分隔的信任域成员列表是“DOM\\名称”或“名称@域名”格式" msgid "comma-separated list of users to add" msgstr "待添加的以逗号分隔的用户列表" msgid "comma-separated list of groups to add" msgstr "待添加的以逗号分隔的用户组列表" msgid "comma-separated list of users to remove" msgstr "待移除的以逗号分隔的用户列表" msgid "comma-separated list of groups to remove" msgstr "待移除的以逗号分隔的用户组列表" msgid "" "\n" "Host-based access control\n" "\n" "Control who can access what services on what hosts and from where. You\n" "can use HBAC to control which users or groups on a source host can\n" "access a service, or group of services, on a target host.\n" "\n" "You can also specify a category of users, target hosts, and source\n" "hosts. This is currently limited to \"all\", but might be expanded in the\n" "future.\n" "\n" "Target hosts and source hosts in HBAC rules must be hosts managed by IPA.\n" "\n" "The available services and groups of services are controlled by the\n" "hbacsvc and hbacsvcgroup plug-ins respectively.\n" "\n" "EXAMPLES:\n" "\n" " Create a rule, \"test1\", that grants all users access to the host \"server" "\" from\n" " anywhere:\n" " ipa hbacrule-add --usercat=all --srchostcat=all test1\n" " ipa hbacrule-add-host --hosts=server.example.com test1\n" "\n" " Display the properties of a named HBAC rule:\n" " ipa hbacrule-show test1\n" "\n" " Create a rule for a specific service. This lets the user john access\n" " the sshd service on any machine from any machine:\n" " ipa hbacrule-add --hostcat=all --srchostcat=all john_sshd\n" " ipa hbacrule-add-user --users=john john_sshd\n" " ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" "\n" " Create a rule for a new service group. This lets the user john access\n" " the FTP service on any machine from any machine:\n" " ipa hbacsvcgroup-add ftpers\n" " ipa hbacsvc-add sftp\n" " ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers\n" " ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp\n" " ipa hbacrule-add-user --users=john john_ftp\n" " ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" "\n" " Disable a named HBAC rule:\n" " ipa hbacrule-disable test1\n" "\n" " Remove a named HBAC rule:\n" " ipa hbacrule-del allow_server\n" msgstr "" msgid "Source host category" msgstr "源主机类别" msgid "Source host category the rule applies to" msgstr "规则应用的源主机类别" msgid "Source Hosts" msgstr "源主机" msgid "Source Host Groups" msgstr "源主机组" msgid "comma-separated list of hosts to add" msgstr "待添加的以逗号分隔的主机列表" msgid "comma-separated list of host groups to add" msgstr "待添加的以逗号分隔的主机组列表" msgid "comma-separated list of HBAC services to add" msgstr "待添加的以逗号分隔的HBAC服务列表" msgid "comma-separated list of HBAC service groups to add" msgstr "待添加的以逗号分隔的HBAC服务组列表" msgid "Add source hosts and hostgroups from a HBAC rule." msgstr "从一个HBAC规则中添加源主机和主机组。" msgid "comma-separated list of hosts to remove" msgstr "待移除的以逗号分隔的主机列表" msgid "comma-separated list of host groups to remove" msgstr "待移除的以逗号分隔的主机组列表" msgid "comma-separated list of HBAC services to remove" msgstr "待移除的以逗号分隔的HBAC服务列表" msgid "comma-separated list of HBAC service groups to remove" msgstr "待移除的以逗号分隔的HBAC服务组列表" msgid "Remove source hosts and hostgroups from an HBAC rule." msgstr "从一个HBAC规则中移除源主机和主机组。" msgid "" "\n" "HBAC Service Groups\n" "\n" "HBAC service groups can contain any number of individual services,\n" "or \"members\". Every group must have a description.\n" "\n" "EXAMPLES:\n" "\n" " Add a new HBAC service group:\n" " ipa hbacsvcgroup-add --desc=\"login services\" login\n" "\n" " Add members to an HBAC service group:\n" " ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login\n" "\n" " Display information about a named group:\n" " ipa hbacsvcgroup-show login\n" "\n" " Add a new group to the \"login\" group:\n" " ipa hbacsvcgroup-add --desc=\"switch users\" login\n" " ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login\n" "\n" " Delete an HBAC service group:\n" " ipa hbacsvcgroup-del login\n" msgstr "" msgid "" "\n" "Simulate use of Host-based access controls\n" "\n" "HBAC rules control who can access what services on what hosts and from " "where.\n" "You can use HBAC to control which users or groups can access a service,\n" "or group of services, on a target host.\n" "\n" "Since applying HBAC rules implies use of a production environment,\n" "this plugin aims to provide simulation of HBAC rules evaluation without\n" "having access to the production environment.\n" "\n" " Test user coming to a service on a named host against\n" " existing enabled rules.\n" "\n" " ipa hbactest --user= --host= --service=\n" " [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" " [--srchost= ] [--sizelimit= ]\n" "\n" " --user, --host, and --service are mandatory, others are optional.\n" "\n" " If --rules is specified simulate enabling of the specified rules and test\n" " the login of the user using only these rules.\n" "\n" " If --enabled is specified, all enabled HBAC rules will be added to " "simulation\n" "\n" " If --disabled is specified, all disabled HBAC rules will be added to " "simulation\n" "\n" " If --nodetail is specified, do not return information about rules matched/" "not matched.\n" "\n" " If both --rules and --enabled are specified, apply simulation to --rules " "_and_\n" " all IPA enabled rules.\n" "\n" " If no --rules specified, simulation is run against all IPA enabled rules.\n" " By default there is a IPA-wide limit to number of entries fetched, you can " "change it\n" " with --sizelimit option.\n" "\n" " If --srchost is specified, it will be ignored. It is left because of " "compatibility reasons only.\n" "\n" "EXAMPLES:\n" "\n" " 1. Use all enabled HBAC rules in IPA database to simulate:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " notmatched: my-second-rule\n" " notmatched: my-third-rule\n" " notmatched: myrule\n" " matched: allow_all\n" "\n" " 2. Disable detailed summary of how rules were applied:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" " --------------------\n" " Access granted: True\n" " --------------------\n" "\n" " 3. Test explicitly specified HBAC rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" "second-rule,myrule\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " notmatched: my-second-rule\n" " notmatched: myrule\n" "\n" " 4. Use all enabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" "second-rule,myrule --enabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " notmatched: my-second-rule\n" " notmatched: my-third-rule\n" " notmatched: myrule\n" " matched: allow_all\n" "\n" " 5. Test all disabled HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " notmatched: new-rule\n" "\n" " 6. Test all disabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=my-" "second-rule,myrule --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " notmatched: my-second-rule\n" " notmatched: my-third-rule\n" " notmatched: myrule\n" "\n" " 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --enabled " "--disabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " notmatched: my-second-rule\n" " notmatched: my-third-rule\n" " notmatched: myrule\n" " notmatched: new-rule\n" " matched: allow_all\n" msgstr "" msgid "Source host" msgstr "源主机" msgid "" "\n" "Hosts/Machines\n" "\n" "A host represents a machine. It can be used in a number of contexts:\n" "- service entries are associated with a host\n" "- a host stores the host/ service principal\n" "- a host can be used in Host-based Access Control (HBAC) rules\n" "- every enrolled client generates a host entry\n" "\n" "ENROLLMENT:\n" "\n" "There are three enrollment scenarios when enrolling a new client:\n" "\n" "1. You are enrolling as a full administrator. The host entry may exist\n" " or not. A full administrator is a member of the hostadmin role\n" " or the admins group.\n" "2. You are enrolling as a limited administrator. The host must already\n" " exist. A limited administrator is a member a role with the\n" " Host Enrollment privilege.\n" "3. The host has been created with a one-time password.\n" "\n" "A host can only be enrolled once. If a client has enrolled and needs to\n" "be re-enrolled, the host entry must be removed and re-created. Note that\n" "re-creating the host entry will result in all services for the host being\n" "removed, and all SSL certificates associated with those services being\n" "revoked.\n" "\n" "A host can optionally store information such as where it is located,\n" "the OS that it runs, etc.\n" "\n" "EXAMPLES:\n" "\n" " Add a new host:\n" " ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." "com\n" "\n" " Delete a host:\n" " ipa host-del test.example.com\n" "\n" " Add a new host with a one-time password:\n" " ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" "\n" " Add a new host with a random one-time password:\n" " ipa host-add --os='Fedora 12' --random test.example.com\n" "\n" " Modify information about a host:\n" " ipa host-mod --os='Fedora 12' test.example.com\n" "\n" " Remove SSH public keys of a host and update DNS to reflect this change:\n" " ipa host-mod --sshpubkey= --updatedns test.example.com\n" "\n" " Disable the host Kerberos key, SSL certificate and all of its services:\n" " ipa host-disable test.example.com\n" "\n" " Add a host that can manage this host's keytab and certificate:\n" " ipa host-add-managedby --hosts=test2 test\n" msgstr "" msgid "" "\n" "Groups of hosts.\n" "\n" "Manage groups of hosts. This is useful for applying access control to a\n" "number of hosts by using Host-based Access Control.\n" "\n" "EXAMPLES:\n" "\n" " Add a new host group:\n" " ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" "\n" " Add another new host group:\n" " ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" "\n" " Add members to the hostgroup:\n" " ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore\n" "\n" " Add a hostgroup as a member of another hostgroup:\n" " ipa hostgroup-add-member --hostgroups=baltimore maryland\n" "\n" " Remove a host from the hostgroup:\n" " ipa hostgroup-remove-member --hosts=box2 baltimore\n" "\n" " Display a host group:\n" " ipa hostgroup-show baltimore\n" "\n" " Delete a hostgroup:\n" " ipa hostgroup-del baltimore\n" msgstr "" msgid "" "Comma-separated list of objectclasses used to search for user entries in DS" msgstr "在DS中用于查找用户条目以逗号分隔的对象类" msgid "" "Comma-separated list of objectclasses used to search for group entries in DS" msgstr "在DS中用于查找用户组条目以逗号分隔的对象类" msgid "" "Comma-separated list of objectclasses to be ignored for user entries in DS" msgstr "在DS中被用户条目所忽略以逗号分隔的对象类" msgid "Comma-separated list of attributes to be ignored for user entries in DS" msgstr "在DS中被用户条目所忽略以逗号分隔的属性" msgid "" "Comma-separated list of objectclasses to be ignored for group entries in DS" msgstr "在DS中被组条目所忽略以逗号分隔的对象类" msgid "" "Comma-separated list of attributes to be ignored for group entries in DS" msgstr "在DS中被组条目所忽略以逗号分隔的属性" msgid "comma-separated list of groups to exclude from migration" msgstr "允许迁移的以逗号分隔的用户组列表" msgid "comma-separated list of users to exclude from migration" msgstr "允许迁移的以逗号分隔的用户列表" msgid "" "\n" "Netgroups\n" "\n" "A netgroup is a group used for permission checking. It can contain both\n" "user and host values.\n" "\n" "EXAMPLES:\n" "\n" " Add a new netgroup:\n" " ipa netgroup-add --desc=\"NFS admins\" admins\n" "\n" " Add members to the netgroup:\n" " ipa netgroup-add-member --users=tuser1,tuser2 admins\n" "\n" " Remove a member from the netgroup:\n" " ipa netgroup-remove-member --users=tuser2 admins\n" "\n" " Display information about a netgroup:\n" " ipa netgroup-show admins\n" "\n" " Delete a netgroup:\n" " ipa netgroup-del admins\n" msgstr "" msgid "comma-separated list of netgroups to add" msgstr "待添加的以逗号分隔的网络组列表" msgid "comma-separated list of netgroups to remove" msgstr "待移除的以逗号分隔的网络组列表" msgid "" "\n" "Permissions\n" "\n" "A permission enables fine-grained delegation of rights. A permission is\n" "a human-readable form of a 389-ds Access Control Rule, or instruction " "(ACI).\n" "A permission grants the right to perform a specific task such as adding a\n" "user, modifying a group, etc.\n" "\n" "A permission may not contain other permissions.\n" "\n" "* A permission grants access to read, write, add or delete.\n" "* A privilege combines similar permissions (for example all the permissions\n" " needed to add a user).\n" "* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" "\n" "A permission is made up of a number of different parts:\n" "\n" "1. The name of the permission.\n" "2. The target of the permission.\n" "3. The rights granted by the permission.\n" "\n" "Rights define what operations are allowed, and may be one or more\n" "of the following:\n" "1. write - write one or more attributes\n" "2. read - read one or more attributes\n" "3. add - add a new entry to the tree\n" "4. delete - delete an existing entry\n" "5. all - all permissions are granted\n" "\n" "Read permission is granted for most attributes by default so the read\n" "permission is not expected to be used very often.\n" "\n" "Note the distinction between attributes and entries. The permissions are\n" "independent, so being able to add a user does not mean that the user will\n" "be editable.\n" "\n" "There are a number of allowed targets:\n" "1. type: a type of object (user, group, etc).\n" "2. memberof: a member of a group or hostgroup\n" "3. filter: an LDAP filter\n" "4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a\n" " super-set of the \"type\" target.\n" "5. targetgroup: grant access to modify a specific group (such as granting\n" " the rights to manage group membership)\n" "\n" "EXAMPLES:\n" "\n" " Add a permission that grants the creation of users:\n" " ipa permission-add --type=user --permissions=add \"Add Users\"\n" "\n" " Add a permission that grants the ability to manage group membership:\n" " ipa permission-add --attrs=member --permissions=write --type=group " "\"Manage Group Members\"\n" msgstr "" msgid "" "Comma-separated list of permissions to grant (read, write, add, delete, all)" msgstr "以逗号分隔的授权列表(读,写,添加,删除,全部)" msgid "" "Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)" msgstr "IPA对象类型(用户,用户组,主机,主机组,服务,网络组,dns)" msgid "Target members of a group" msgstr "一个组的目标成员" msgid "User group to apply permissions to" msgstr "待应用权限的用户组" msgid "comma-separated list of privileges to add" msgstr "待添加的以逗号分隔的权限列表" msgid "Add a system permission without an ACI" msgstr "添加一个没有ACI的系统权限" msgid "Permission type" msgstr "权限类型" msgid "comma-separated list of privileges to remove" msgstr "待移除的以逗号分隔的权限列表" msgid "" "\n" "Ping the remote IPA server to ensure it is running.\n" "\n" "The ping command sends an echo request to an IPA server. The server\n" "returns its version information. This is used by an IPA client\n" "to confirm that the server is available and accepting requests.\n" "\n" "The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n" "If it does not respond then the client will contact any servers defined\n" "by ldap SRV records in DNS.\n" "\n" "EXAMPLES:\n" "\n" " Ping an IPA server:\n" " ipa ping\n" " ------------------------------------------\n" " IPA server version 2.1.9. API version 2.20\n" " ------------------------------------------\n" "\n" " Ping an IPA server verbosely:\n" " ipa -v ping\n" " ipa: INFO: trying https://ipa.example.com/ipa/xml\n" " ipa: INFO: Forwarding 'ping' to server u'https://ipa.example.com/ipa/" "xml'\n" " -----------------------------------------------------\n" " IPA server version 2.1.9. API version 2.20\n" " -----------------------------------------------------\n" msgstr "" msgid "comma-separated list of roles to add" msgstr "待添加的以逗号分隔的角色列表" msgid "comma-separated list of permissions" msgstr "以逗号分隔的权限列表" msgid "comma-separated list of roles to remove" msgstr "待移除的以逗号分隔的角色列表" msgid "comma-separated list of privileges" msgstr "以逗号分隔的权限列表" msgid "" "\n" "Self-service Permissions\n" "\n" "A permission enables fine-grained delegation of permissions. Access Control\n" "Rules, or instructions (ACIs), grant permission to permissions to perform\n" "given tasks such as adding a user, modifying a group, etc.\n" "\n" "A Self-service permission defines what an object can change in its own " "entry.\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add a self-service rule to allow users to manage their address:\n" " ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st " "\"Users manage their own address\"\n" "\n" " When managing the list of attributes you need to include all attributes\n" " in the list, including existing ones. Add telephoneNumber to the list:\n" " ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber " "\"Users manage their own address\"\n" "\n" " Display our updated rule:\n" " ipa selfservice-show \"Users manage their own address\"\n" "\n" " Delete a rule:\n" " ipa selfservice-del \"Users manage their own address\"\n" msgstr "" msgid "" "\n" "Services\n" "\n" "A IPA service represents a service that runs on a host. The IPA service\n" "record can store a Kerberos principal, an SSL certificate, or both.\n" "\n" "An IPA service can be managed directly from a machine, provided that\n" "machine has been given the correct permission. This is true even for\n" "machines other than the one the service is associated with. For example,\n" "requesting an SSL certificate using the host service principal credentials\n" "of the host. To manage a service using host credentials you need to\n" "kinit as the host:\n" "\n" " # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" "\n" "Adding an IPA service allows the associated service to request an SSL\n" "certificate or keytab, but this is performed as a separate step; they\n" "are not produced as a result of adding the service.\n" "\n" "Only the public aspect of a certificate is stored in a service record;\n" "the private key is not stored.\n" "\n" "EXAMPLES:\n" "\n" " Add a new IPA service:\n" " ipa service-add HTTP/web.example.com\n" "\n" " Allow a host to manage an IPA service certificate:\n" " ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" " ipa role-add-member --hosts=web.example.com certadmin\n" "\n" " Override a default list of supported PAC types for the service:\n" " ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" "\n" " Delete an IPA service:\n" " ipa service-del HTTP/web.example.com\n" "\n" " Find all IPA services associated with a host:\n" " ipa service-find web.example.com\n" "\n" " Find all HTTP services:\n" " ipa service-find HTTP\n" "\n" " Disable the service Kerberos key and SSL certificate:\n" " ipa service-disable HTTP/web.example.com\n" "\n" " Request a certificate for an IPA service:\n" " ipa cert-request --principal=HTTP/web.example.com example.csr\n" "\n" " Generate and retrieve a keytab for an IPA service:\n" " ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" "httpd.keytab\n" msgstr "" msgid "" "Override default list of supported PAC types. Use 'NONE' to disable PAC " "support for this service" msgstr "覆盖默认支持的PAC类型列表。使用'NONE'来禁用该服务的PAC支持" msgid "" "\n" "Groups of Sudo Commands\n" "\n" "Manage groups of Sudo Commands.\n" "\n" "EXAMPLES:\n" "\n" " Add a new Sudo Command Group:\n" " ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" "\n" " Remove a Sudo Command Group:\n" " ipa sudocmdgroup-del admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim " "admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" "\n" " Show a Sudo Command Group:\n" " ipa group-show localadmins\n" msgstr "" msgid "comma-separated list of sudo commands to add" msgstr "待添加的以逗号分隔的sudo命令列表" msgid "comma-separated list of sudo commands to remove" msgstr "待移除的以逗号分隔的sudo命令列表" msgid "" "\n" "Sudo Rules\n" "\n" "Sudo (su \"do\") allows a system administrator to delegate authority to\n" "give certain users (or groups of users) the ability to run some (or all)\n" "commands as root or another user while providing an audit trail of the\n" "commands and their arguments.\n" "\n" "FreeIPA provides a means to configure the various aspects of Sudo:\n" " Users: The user(s)/group(s) allowed to invoke Sudo.\n" " Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " "Sudo.\n" " Allow Command: The specific command(s) permitted to be run via Sudo.\n" " Deny Command: The specific command(s) prohibited to be run via Sudo.\n" " RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " "invoked with.\n" " RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" " Options: The various Sudoers Options that can modify Sudo's behavior.\n" "\n" "An order can be added to a sudorule to control the order in which they\n" "are evaluated (if the client supports it). This order is an integer and\n" "must be unique.\n" "\n" "FreeIPA provides a designated binddn to use with Sudo located at:\n" "uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" "\n" "To enable the binddn run the following command to set the password:\n" "LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" "ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," "dc=com\n" "\n" "For more information, see the FreeIPA Documentation to Sudo.\n" msgstr "" msgid "comma-separated list of sudo command groups to add" msgstr "待添加的以逗号分隔的sudo命令组列表" msgid "comma-separated list of sudo command groups to remove" msgstr "待移除的以逗号分隔的sudo命令组列表" msgid "Active directory domain administrator's password" msgstr "活动目录域管理员密码" msgid "GECOS field" msgstr "GECOS字段" msgid "" "\n" "ID ranges\n" "\n" "Manage ID ranges used to map Posix IDs to SIDs and back.\n" "\n" "There are two type of ID ranges which are both handled by this utility:\n" "\n" " - the ID ranges of the local domain\n" " - the ID ranges of trusted remote domains\n" "\n" "Both types have the following attributes in common:\n" "\n" " - base-id: the first ID of the Posix ID range\n" " - range-size: the size of the range\n" "\n" "With those two attributes a range object can reserve the Posix IDs starting\n" "with base-id up to but not including base-id+range-size exclusively.\n" "\n" "Additionally an ID range of the local domain may set\n" " - rid-base: the first RID(*) of the corresponding RID range\n" " - secondary-rid-base: first RID of the secondary RID range\n" "\n" "and an ID range of a trusted domain must set\n" " - rid-base: the first RID of the corresponding RID range\n" " - dom_sid: domain SID of the trusted domain\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for a trusted domain\n" "\n" "Since there might be more than one trusted domain the domain SID must be " "given\n" "while creating the ID range.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" "\n" "This ID range is then used by the IPA server and the SSSD IPA provider to\n" "assign Posix UIDs to users from the trusted domain.\n" "\n" "If e.g. a range for a trusted domain is configured with the following " "values:\n" " base-id = 1200000\n" " range-size = 200000\n" " rid-base = 0\n" "the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " "So\n" "RID 1000 <-> Posix ID 1201000\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for the local domain\n" "\n" "To create an ID range for the local domain it is not necessary to specify a\n" "domain SID. But since it is possible that a user and a group can have the " "same\n" "value as Posix ID a second RID interval is needed to handle conflicts.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-" "base=1000 --secondary-rid-base=1000000 local_range\n" "\n" "The data from the ID ranges of the local domain are used by the IPA server\n" "internally to assign SIDs to IPA users and groups. The SID will then be " "stored\n" "in the user or group objects.\n" "\n" "If e.g. the ID range for the local domain is configured with the values " "from\n" "the example above then a new user with the UID 1200007 will get the RID " "1007.\n" "If this RID is already used by a group the RID will be 1000007. This can " "only\n" "happen if a user or a group object was created with a fixed ID because the\n" "automatic assignment will not assign the same ID twice. Since there are " "only\n" "users and groups sharing the same ID namespace it is sufficient to have " "only\n" "one fallback range to handle conflicts.\n" "\n" "To find the Posix ID for a given RID from the local domain it has to be\n" "checked first if the RID falls in the primary or secondary RID range and\n" "the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" "and the base-id has to be added to get the Posix ID.\n" "\n" "Typically the creation of ID ranges happens behind the scenes and this CLI\n" "must not be used at all. The ID range for the local domain will be created\n" "during installation or upgrade from an older version. The ID range for a\n" "trusted domain will be created together with the trust by 'ipa trust-" "add ...'.\n" "\n" "USE CASES:\n" "\n" " Add an ID range from a transitively trusted domain\n" "\n" " If the trusted domain (A) trusts another domain (B) as well and this " "trust\n" " is transitive 'ipa trust-add domain-A' will only create a range for\n" " domain A. The ID range for domain B must be added manually.\n" "\n" " Add an additional ID range for the local domain\n" "\n" " If the ID range of the local domain is exhausted, i.e. no new IDs can " "be\n" " assigned to Posix users or groups by the DNA plugin, a new range has to " "be\n" " created to allow new users and groups to be added. (Currently there is " "no\n" " connection between this range CLI and the DNA plugin, but a future " "version\n" " might be able to modify the configuration of the DNS plugin as well)\n" "\n" "In general it is not necessary to modify or delete ID ranges. If there is " "no\n" "other way to achieve a certain configuration than to modify or delete an ID\n" "range it should be done with great care. Because UIDs are stored in the " "file\n" "system and are used for access control it might be possible that users are\n" "allowed to access files of other users if an ID range got deleted and " "reused\n" "for a different domain.\n" "\n" "(*) The RID is typically the last integer of a user or group SID which " "follows\n" "the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " "from\n" "this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " "the\n" "user. RIDs are unique in a domain, 32bit values and are used for users and\n" "groups.\n" "\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" msgstr "" msgid "" "\n" "Add new ID range.\n" "\n" " To add a new ID range you always have to specify\n" "\n" " --base-id\n" " --range-size\n" "\n" " Additionally\n" "\n" " --rid-base\n" " --secondary-rid-base\n" "\n" " may be given for a new ID range for the local domain while\n" "\n" " --rid-bas\n" " --dom-sid\n" "\n" " must be given to add a new range for a trusted AD domain.\n" "\n" " WARNING:\n" "\n" " DNA plugin in 389-ds will allocate IDs based on the ranges configured " "for the\n" " local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" " on the local ranges set via this family of commands.\n" "\n" " Manual configuration change has to be done in the DNA plugin " "configuration for\n" " the new local range. Specifically, The dnaNextRange attribute of " "'cn=Posix\n" " IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has " "to be\n" " modified to match the new range.\n" " " msgstr "" msgid "Failed members" msgstr "失败的成员" msgid "Failed source hosts/hostgroups" msgstr "失败的源主机/主机组" msgid "Failed hosts/hostgroups" msgstr "失败的主机/主机组" msgid "Failed users/groups" msgstr "失败的用户/用户组" msgid "Failed service/service groups" msgstr "失败的服务/服务组" msgid "Failed to remove" msgstr "移除失败" msgid "Failed RunAs" msgstr "作为其他用户运行失败" msgid "Failed RunAsGroup" msgstr "作为其他用户组运行失败" msgid "Failed profiles" msgstr "错误的配置文件" #, fuzzy #| msgid "Failed RunAs" msgid "Failed CAs" msgstr "作为其他用户运行失败" #, fuzzy #| msgid "Failed members" msgid "Failed member manager" msgstr "失败的成员" #, fuzzy #| msgid "Failed members" msgid "Failed managedby" msgstr "失败的成员" msgid "Failed allowed to retrieve keytab" msgstr "不允许检索keytab" msgid "Failed allowed to create keytab" msgstr "不允许创建keytab" msgid "Failed targets" msgstr "失败的目标" msgid "" "\n" "Routines for constructing certificate signing requests using IPA data and\n" "stored templates.\n" msgstr "" #, python-format msgid "Required CSR generation rule %(name)s is missing data" msgstr "" #, fuzzy #| msgid "Search for existing certificates." msgid "Template error when formatting certificate data" msgstr "查找已存在的证书。" #, fuzzy, python-format #| msgid "HBAC rule %(rule)s not found" msgid "No generation rule %(rulename)s found." msgstr "HBAC规则%(rule)s没有找到" #, python-format msgid "Generation rule \"%(rulename)s\" is missing the \"rule\" key" msgstr "" #, python-format msgid "No CSR generation rules are defined for profile %(profile_id)s" msgstr "" msgid "any of the configured servers" msgstr "任何已配置的服务器" #, fuzzy #| msgid "The number of times to retry authentication" msgid "Exceeded number of tries to forward a request." msgstr "重试认证的次数" #, python-format msgid "%(count)d variables" msgstr "%(count)d个变量" #, python-format msgid "%(count)d plugin loaded" msgid_plural "%(count)d plugins loaded" msgstr[0] "已加载%(count)d个插件" msgid "incorrect type" msgstr "不正确的类型" msgid "Only one value is allowed" msgstr "只允许一个值" msgid "this option is deprecated" msgstr "该选项已被弃用" msgid "must be True or False" msgstr "必须是True或False" msgid "must be an integer" msgstr "必须是一个整数" #, python-format msgid "must be at least %(minvalue)d" msgstr "必须至少%(minvalue)d" #, python-format msgid "can be at most %(maxvalue)d" msgstr "最多%(maxvalue)d" msgid "must be a decimal number" msgstr "必须是一个十进制数" #, python-format msgid "must be at least %(minvalue)s" msgstr "必须至少%(minvalue)s" #, python-format msgid "can be at most %(maxvalue)s" msgstr "最多%(maxvalue)s" #, python-format msgid "" "number class '%(cls)s' is not included in a list of allowed number classes: " "%(allowed)s" msgstr "数字类'%(cls)s'不在允许的数字类列表中:%(allowed)s" #, python-format msgid "must match pattern \"%(pattern)s\"" msgstr "必须匹配模式\"%(pattern)s\"" msgid "must be binary data" msgstr "必须是二进制数据" #, python-format msgid "must be at least %(minlength)d bytes" msgstr "必须至少%(minlength)d字节" #, python-format msgid "can be at most %(maxlength)d bytes" msgstr "最多%(maxlength)d字节" #, python-format msgid "must be exactly %(length)d bytes" msgstr "必须恰好是%(length)d字节" #, fuzzy #| msgid "Revoke a certificate." msgid "must be a certificate" msgstr "撤销证书。" #, fuzzy #| msgid "Submit a certificate signing request." msgid "must be a certificate signing request" msgstr "提交一个证书签名请求。" #, python-format msgid "Failure decoding Certificate Signing Request: %s" msgstr "解码证书签名请求失败:%s" msgid "must be Unicode text" msgstr "必须是Unicode文本" msgid "Leading and trailing spaces are not allowed" msgstr "开头和结尾空格是不允许的" #, python-format msgid "must be at least %(minlength)d characters" msgstr "必须至少%(minlength)d字符" #, python-format msgid "can be at most %(maxlength)d characters" msgstr "最多%(maxlength)d字符" #, python-format msgid "must be exactly %(length)d characters" msgstr "必须恰好是%(length)d字符" #, python-format msgid "The character %(char)r is not allowed." msgstr "字符%(char)r是不允许的。" #, python-format msgid "must be '%(value)s'" msgstr "必须是'%(value)s'" #, python-format msgid "must be one of %(values)s" msgstr "必须是%(values)s中的一个" msgid "must be datetime value" msgstr "必须是时间值" msgid "does not match any of accepted formats: " msgstr "不匹配任何可接受的格式:" msgid "incomplete time value" msgstr "不完整的时间值" msgid "must be DNS name" msgstr "必须是DNS名" msgid "must be absolute" msgstr "必须是绝对的" msgid "must be relative" msgstr "必须是相对的" msgid "must be dictionary" msgstr "必须是字典" msgid "must be Kerberos principal" msgstr "必须是Kerberos主体" #, python-format msgid "Malformed principal: '%(value)s'" msgstr "有缺陷的主体:'%(value)s'" msgid "Service principal is required" msgstr "需要服务主体" msgid "A dictionary representing an LDAP entry" msgstr "一个字典代表一个LDAP条目" msgid "A list of LDAP entries" msgstr "LDAP条目列表" msgid "All commands should at least have a result" msgstr "所有命令至少有一个返回值" #, python-format msgid "Enter %(label)s again to verify: " msgstr "再次输入 %(label)s进行校验: " msgid "Passwords do not match!" msgstr "密码不匹配!" msgid "No matching entries found" msgstr "发现了不匹配的条目" msgid "Topic or Command" msgstr "主题或命令" msgid "The topic or command name." msgstr "主题或命令名。" msgid "Topic commands:" msgstr "主题命令:" msgid "To get command help, use:" msgstr "获取命令帮助,使用:" msgid " ipa --help" msgstr "" msgid "Command name" msgstr "命令名" msgid "Positional arguments" msgstr "位置参数" #, python-format msgid "Same as --%s" msgstr "相同于 --%s" msgid "Deprecated options" msgstr "已弃用的选项" msgid "No file to read" msgstr "无文件可读" #, python-format msgid "%(cver)s client incompatible with %(sver)s server at '%(server)s'" msgstr "%(cver)s客户端和在'%(server)s'的%(sver)s服务器不兼容" #, python-format msgid "unknown error %(code)d from %(server)s: %(error)s" msgstr "%(server)s上未知的错误%(code)d:%(error)s" msgid "an internal error has occurred" msgstr "发生了内部错误" #, python-format msgid "an internal error has occurred on server at '%(server)s'" msgstr "服务器 '%(server)s' 已经发生了一次内部错误" #, python-format msgid "unknown command '%(name)s'" msgstr "未知的命令'%(name)s'" #, python-format msgid "error on server '%(server)s': %(error)s" msgstr "服务器'%(server)s'错误:%(error)s" #, python-format msgid "cannot connect to '%(uri)s': %(error)s" msgstr "不能连接到'%(uri)s':%(error)s" #, python-format msgid "Invalid JSON-RPC request: %(error)s" msgstr "无效的JSON-RPC请求: %(error)s" #, python-format msgid "error marshalling data for XML-RPC transport: %(error)s" msgstr "XML-RPC传输数据整理错误:%(error)s" #, python-format msgid "Missing or invalid HTTP Referer, %(referer)s" msgstr "丢失或者无效的 HTTP Referer, %(referer)s" #, python-format msgid "" "System encoding must be UTF-8, '%(encoding)s' is not supported. Set LC_ALL=" "\"C.UTF-8\", or LC_ALL=\"\" and LC_CTYPE=\"C.UTF-8\"." msgstr "" #, python-format msgid "Kerberos error: %(major)s/%(minor)s" msgstr "Kerberos 错误: %(major)s/%(minor)s" msgid "did not receive Kerberos credentials" msgstr "没有收到Kerberos凭证" #, python-format msgid "Service '%(service)s' not found in Kerberos database" msgstr "在Kerberos数据库中没有找到服务'%(service)s'" msgid "No credentials cache found" msgstr "没有找到凭证缓存" msgid "Ticket expired" msgstr "票据过期" msgid "Credentials cache permissions incorrect" msgstr "凭证缓存权限不正确" msgid "Bad format in credentials cache" msgstr "凭证缓存格式错误" msgid "Cannot resolve KDC for requested realm" msgstr "请求域中不能解析KDC" msgid "Session error" msgstr "会话错误" #, python-format msgid "Principal %(principal)s cannot be authenticated: %(message)s" msgstr "不能认证主体%(principal)s:%(message)s" #, python-format msgid "Insufficient access: %(info)s" msgstr "访问受限:%(info)s" #, python-format msgid "command '%(name)s' takes no arguments" msgstr "命令'%(name)s'没有参数" #, python-format msgid "command '%(name)s' takes at most %(count)d argument" msgid_plural "command '%(name)s' takes at most %(count)d arguments" msgstr[0] "命令'%(name)s'最多能带%(count)d个参数" #, python-format msgid "overlapping arguments and options: %(names)s" msgstr "覆盖参数和选项:%(names)s" #, python-format msgid "'%(name)s' is required" msgstr "需要'%(name)s'" #, python-format msgid "invalid '%(name)s': %(error)s" msgstr "无效的'%(name)s':%(error)s" #, python-format msgid "api has no such namespace: '%(name)s'" msgstr "api没有这样的命名空间:'%(name)s'" msgid "Passwords do not match" msgstr "密码不匹配" msgid "Command not implemented" msgstr "命令没有实现" msgid "Client is not configured. Run ipa-client-install." msgstr "客户端没有配置。运行ipa-client-install。" #, python-format msgid "Could not get %(name)s interactively" msgstr "不能交互式地获取%(name)s" #, python-format msgid "Command '%(name)s' has been deprecated" msgstr "命令'%(name)s'已被弃用" #, python-format msgid "Domain '%(domain)s' is not a root domain for forest '%(forest)s'" msgstr "域'%(domain)s'不是一个森林'%(forest)s'的根域" #, python-format msgid "%(reason)s" msgstr "%(reason)s" msgid "This entry already exists" msgstr "条目已经存在" msgid "You must enroll a host in order to create a host service" msgstr "要创建一个主机服务,你必须注册一个主机" #, python-format msgid "" "Service principal is not of the form: service/fully-qualified host name: " "%(reason)s" msgstr "服务主体不是这种格式:服务名/完全限定的主机名:%(reason)s" msgid "" "The realm for the principal does not match the realm for this IPA server" msgstr "主体域在该IPA服务器域中不匹配" msgid "This command requires root access" msgstr "该命令需要root访问权限" msgid "This is already a posix group" msgstr "这已经是一个posix组" #, python-format msgid "Principal is not of the form user@REALM: '%(principal)s'" msgstr "主体不是这种格式user@REALM:'%(principal)s'" msgid "This entry is already enabled" msgstr "条目已启用" msgid "This entry is already disabled" msgstr "条目已禁用" msgid "This entry cannot be enabled or disabled" msgstr "条目不能被启用或禁用" msgid "This entry is not a member" msgstr "条目不是一个成员" msgid "A group may not be a member of itself" msgstr "一个组不能是自己的成员" msgid "This entry is already a member" msgstr "条目已经时一个成员" #, python-format msgid "Base64 decoding failed: %(reason)s" msgstr "Base64解码失败: %(reason)s" msgid "A group may not be added as a member of itself" msgstr "一个组不能是自己的成员" msgid "The default users group cannot be removed" msgstr "默认的用户组不成被删除" msgid "Deleting a managed group is not allowed. It must be detached first." msgstr "删除一个管理组时不允许的。它必须先分离出来。" msgid "A managed group cannot have a password policy." msgstr "管理组不能有密码策略。" #, python-format msgid "'%(entry)s' doesn't have a certificate." msgstr "'%(entry)s'没有证书。" #, python-format msgid "Unable to create private group. A group '%(group)s' already exists." msgstr "不能创建私有组。组'%(group)s'已存在。" #, python-format msgid "" "A problem was encountered when verifying that all members were %(verb)s: " "%(exc)s" msgstr "遇到的问题是什么时候验证所有成员是%(verb)s:%(exc)s" #, python-format msgid "%(attr)s does not contain '%(value)s'" msgstr "%(attr)s没有包含'%(value)s'" #, python-format msgid "" "The search criteria was not specific enough. Expected 1 and found %(found)d." msgstr "查找条件不够具体。预期1和找到%(found)d。" msgid "This group already allows external members" msgstr "该组已允许外部成员" msgid "This group cannot be posix because it is external" msgstr "该组不是posix因为它是外部的" msgid "This is already a posix group and cannot be converted to external one" msgstr "这已经是一个posix组了,并且不能转换为外部的" #, python-format msgid "Server removal aborted: %(reason)s." msgstr "服务器删除失败:%(reason)s。" #, python-format msgid "%(operation)s is not supported for %(principal_type)s principals" msgstr "%(operation)s不支持主体 %(principal_type)s" #, python-format msgid "Request failed with status %(status)s: %(reason)s" msgstr "请求失败状态%(status)s:%(reason)s" #, python-format msgid "" "Mapping ruleset \"%(ruleset)s\" has more than one rule for the %(helper)s " "helper" msgstr "" #, python-format msgid "'%(attr)s' already contains one or more values" msgstr "'%(attr)s'已包含一个或多个值" #, python-format msgid "no command nor help topic '%(topic)s'" msgstr "没有命令也没有帮助主题'%(topic)s'" msgid "change collided with another change" msgstr "修改冲突" msgid "no modifications to be performed" msgstr "没有修改" #, fuzzy, python-format #| msgid "%(info)s" msgid "%(desc)s: %(info)s" msgstr "%(info)s" msgid "limits exceeded for this query" msgstr "超出该查询的限制" #, python-format msgid "%(info)s" msgstr "%(info)s" msgid "modifying primary key is not allowed" msgstr "修改主键是不允许的" #, python-format msgid "%(attr)s: Only one value allowed." msgstr "%(attr)s:仅允许一个值。" #, python-format msgid "%(attr)s: Invalid syntax." msgstr "%(attr)s:无效的语法。" #, python-format msgid "Bad search filter %(info)s" msgstr "不正确的查询筛选器%(info)s" msgid "Not allowed on non-leaf entry" msgstr "在非叶子条目上是不允许的" msgid "LDAP timeout" msgstr "LDAP超时" #, python-format msgid "%(task)s LDAP task timeout, Task DN: '%(task_dn)s'" msgstr "%(task)s LDAP任务超时,任务DN:'%(task_dn)s'" msgid "Configured time limit exceeded" msgstr "配置时间超出限制" msgid "Configured size limit exceeded" msgstr "配置大小超出限制" msgid "Configured administrative server limit exceeded" msgstr "配置管理服务器超出限制" #, python-format msgid "Certificate operation cannot be completed: %(error)s" msgstr "证书操作没有完成:%(error)s" #, python-format msgid "Certificate format error: %(error)s" msgstr "证书格式错误:%(error)s" msgid "Already registered" msgstr "已注册" msgid "Not registered yet" msgstr "尚未注册" #, python-format msgid "%(key)s cannot be deleted because %(label)s %(dependent)s requires it" msgstr "%(key)s不能被删除因为%(label)s %(dependent)s需要它" #, python-format msgid "" "%(key)s cannot be deleted or disabled because it is the last member of " "%(label)s %(container)s" msgstr "%(key)s不能被删除或禁用因为它是%(label)s %(container)s的最后一个成员" #, python-format msgid "%(label)s %(key)s cannot be deleted/modified: %(reason)s" msgstr "%(label)s %(key)s不能被删除/修改:%(reason)s" #, python-format msgid "%(name)s certificate is not valid" msgstr "%(name)s证书无效" #, python-format msgid "Schema is up to date (FP '%(fingerprint)s', TTL %(ttl)s s)" msgstr "模式是最新的(FP '%(fingerprint)s', TTL %(ttl)s s)" #, python-format msgid "Host '%(hostname)s' does not have corresponding DNS A/AAAA record" msgstr "主机'%(hostname)s'没有相配的DNS A/AAAA记录" #, python-format msgid "DNS check failed: Expected {%(expected)s} got {%(got)s}" msgstr "DNS检测失败:预期的{%(expected)s},得到的{%(got)s}" #, fuzzy, python-format #| msgid "Service Options" msgid "%(exception)s" msgstr "服务选项" #, python-format msgid "" "Forest '%(forest)s' has existing trust to forest(s) %(domains)s which " "prevents a trust to '%(conflict)s'" msgstr "" msgid "Results are truncated, try a more specific search" msgstr "结果被截断,请尝试更明确的搜索" #, python-format msgid "Unknown option: %(option)s" msgstr "未知的选项:%(option)s" msgid "Client version. Used to determine if server will accept request." msgstr "客户端版本。用来确定是否服务器接受请求。" msgid "Additional instructions:" msgstr "附加指示:" #, python-format msgid "" "API Version number was not sent, forward compatibility not guaranteed. " "Assuming server's API version, %(server_version)s" msgstr "" "没有发送API版本号,不能保证向前兼容。假定服务器的API版本%(server_version)s" msgid "" "DNS forwarder semantics changed since IPA 4.0.\n" "You may want to use forward zones (dnsforwardzone-*) instead.\n" "For more details read the docs." msgstr "" "自从IPA 4.0后DNS转发器语义改变了。你可以使用正向区域(dnsforwardzone-*)来替" "代。查看帮助文档获取更多详细信息。" #, python-format msgid "" "DNSSEC support is experimental.\n" "%(additional_info)s" msgstr "DNSSEC支持是实验性的。%(additional_info)s" #, python-format msgid "'%(option)s' option is deprecated. %(additional_info)s" msgstr "'%(option)s'选项已弃用。%(additional_info)s" #, python-format msgid "" "Semantic of %(label)s was changed. %(current_behavior)s\n" "%(hint)s" msgstr "%(label)s语义已改变了。%(current_behavior)s %(hint)s" #, python-format msgid "DNS server %(server)s: %(error)s." msgstr "DNS服务器%(server)s:%(error)s。" #, python-format msgid "" "DNS server %(server)s does not support DNSSEC: %(error)s.\n" "If DNSSEC validation is enabled on IPA server(s), please disable it." msgstr "" "DNS服务器%(server)s不支持DNSSEC:%(error)s。如果DNSSEC认证在IPA服务器上启用" "了,请禁用它。" #, python-format msgid "" "forward zone \"%(fwzone)s\" is not effective because of missing proper NS " "delegation in authoritative zone \"%(authzone)s\". Please add NS record " "\"%(ns_rec)s\" to parent zone \"%(authzone)s\"." msgstr "" "正向\"%(fwzone)s\"无效因为在认证区域\"%(authzone)s\"缺少合适的NS记录。请添加" "NS记录\"%(ns_rec)s\"到父区域\"%(authzone)s\"。" #, python-format msgid "" "DNS server %(server)s does not support EDNS0 (RFC 6891): %(error)s.\n" "If DNSSEC validation is enabled on IPA server(s), please disable it." msgstr "" "DNS服务器%(server)s不支持EDNS0 (RFC 6891):%(error)s。如果DNSSEC认证在IPA服务" "器上启用了,请禁用它。" #, python-format msgid "" "DNSSEC validation failed: %(error)s.\n" "Please verify your DNSSEC configuration or disable DNSSEC validation on all " "IPA servers." msgstr "" "DNSSEC认证失败:%(error)s。请确认你的DNSSEC配置或者在所有IPA服务器中禁用" "DNSSEC认证。" #, python-format msgid "" "The _kerberos TXT record from domain %(domain)s could not be created " "(%(error)s).\n" "This can happen if the zone is not managed by IPA. Please create the record " "manually, containing the following value: '%(realm)s'" msgstr "" "不能创建域%(domain)s中的_kerberos TXT记录(%(error)s)。可能是因为该区域没有被" "IPA管理。请手动创建该记录,包含下面值:'%(realm)s'" #, python-format msgid "" "The _kerberos TXT record from domain %(domain)s could not be removed " "(%(error)s).\n" "This can happen if the zone is not managed by IPA. Please remove the record " "manually." msgstr "" "不能移除域%(domain)s中的_kerberos TXT记录(%(error)s)。可能是因为该区域没有被" "IPA管理。请手动移除该记录。" msgid "" "No DNSSEC key master is installed. DNSSEC zone signing will not work until " "the DNSSEC key master is installed." msgstr "没有安装DNSSEC密钥主机。DNSSEC区域签名不会工作直到安装DNSSEC密钥主机。" #, python-format msgid "" "Relative record name '%(record)s' contains the zone name '%(zone)s' as a " "suffix, which results in FQDN '%(fqdn)s'. This is usually a mistake caused " "by a missing dot at the end of the name specification." msgstr "" "相对记录名'%(record)s'将区域名'%(zone)s'当作一个后缀,导致FQDN '%(fqdn)s'。这" "通常是由于在名称规范后缺少一个点号引起的错误。" #, python-format msgid "'%(command)s' is deprecated. %(additional_info)s" msgstr "'%(command)s'已被弃用。%(additional_info)s" #, python-format msgid "%(line)s" msgstr "" #, python-format msgid "Search result has been truncated: %(reason)s" msgstr "查找结果被截断:%(reason)s" #, python-format msgid "" "Your trust to %(domain)s is broken. Please re-create it by running 'ipa " "trust-add' again." msgstr "你对域%(domain)s的信任已中断。请再次运行'ipa trust-add'来重新创建它。" #, python-format msgid "DNS record(s) of host %(host)s could not be removed. (%(reason)s)" msgstr "主机%(host)s的DNS记录不能被移除。(%(reason)s)" msgid "" "Forwarding policy conflicts with some automatic empty zones. Queries for " "zones specified by RFC 6303 will ignore forwarding and recursion and always " "result in NXDOMAIN answers. To override this behavior use forward policy " "'only'." msgstr "" #, python-format msgid "Update of system record '%(record)s' failed with error: %(error)s" msgstr "更新系统记录'%(record)s'失败:%(error)s" #, python-format msgid "" "IPA does not manage the zone %(zone)s, please add records to your DNS server " "manually" msgstr "IPA没有管理区域%(zone)s,请手动在你的DNS服务器上添加记录" msgid "" "Automatic update of DNS system records failed. Please re-run update of " "system records manually to get list of missing records." msgstr "自动更新DNS系统记录失败。请手动重新运行更新系统记录来获取缺少的记录。" #, python-format msgid "" "Service %(service)s requires restart on IPA server %(server)s to apply " "configuration changes." msgstr "应用改变的配置需要在IPA服务器%(server)s上重启服务%(service)s。" #, python-format msgid "" "No DNS servers in IPA location %(location)s. Without DNS servers location is " "not working as expected." msgstr "" "在IPA位置%(location)s没有DNS服务器。没有DNS服务器位置是不会按预期工作的。" #, python-format msgid "%(subject)s: Malformed certificate. %(reason)s" msgstr "" #, python-format msgid "The host was added but the DNS update failed with: %(reason)s" msgstr "" #, fuzzy, python-format #| msgid "The character %(char)r is not allowed." msgid "The certificate for %(ca)s is not available on this server." msgstr "字符%(char)r是不允许的。" #, python-format msgid "%(filename)s: file not found" msgstr "%(filename)s:文件没找到" msgid "Filename is empty" msgstr "文件名为空" #, python-format msgid "Permission denied: %(file)s" msgstr "权限阻止:%(file)s" msgid "empty DNS label" msgstr "空的DNS标签" msgid "DNS label cannot be longer that 63 characters" msgstr "DNS标签不能长于63个字符" #, python-format msgid "" "only letters, numbers, %(chars)s are allowed. DNS label may not start or end " "with %(chars2)s" msgstr "只允许字母,数字和%(chars)s。DNS标签不能以%(chars2)s开始或结束" #, fuzzy #| msgid "Host is not supported" msgid "single label {}s are not supported" msgstr "主机不被支持" msgid "too many '@' characters" msgstr "太多'@'字符" #, fuzzy #| msgid "DNS label cannot be longer that 63 characters" msgid "cannot be longer that {} characters" msgstr "DNS标签不能长于63个字符" msgid "hostname contains empty label (consecutive dots)" msgstr "主机名包含空的标签(连续的点)" msgid "not fully qualified" msgstr "没有完全限制" msgid "invalid SSH public key" msgstr "无效的SSH公钥" msgid "options are not allowed" msgstr "选项是不允许的" msgid "invalid hostmask" msgstr "无效的hostmask" #, python-format msgid "query '%(owner)s %(rtype)s': %(error)s" msgstr "查询'%(owner)s %(rtype)s':%(error)s" #, python-format msgid "query '%(owner)s %(rtype)s' with EDNS0: %(error)s" msgstr "用EDNS0查询'%(owner)s %(rtype)s':%(error)s" #, python-format msgid "" "answer to query '%(owner)s %(rtype)s' is missing DNSSEC signatures (no RRSIG " "data)" msgstr "查询答案'%(owner)s %(rtype)s'缺少DNSSEC签名(没有RRSIG数据)" #, python-format msgid "record '%(owner)s %(rtype)s' failed DNSSEC validation on server %(ip)s" msgstr "记录'%(owner)s %(rtype)s'DNSSEC验证服务器 %(ip)s失败" msgid "invalid escape code in domain name" msgstr "无效的域名转换代码" msgid "domain name cannot be longer than 255 characters" msgstr "域名不能长于255个字符" msgid "DNS label cannot be longer than 63 characters" msgstr "DNS标签不能长于63个字符" msgid "invalid domain name" msgstr "无效的域名" #, python-format msgid "domain name '%(domain)s' should be normalized to: %(normalized)s" msgstr "域名'%(domain)s'应该规范化:%(normalized)s" #, python-format msgid "invalid domain-name: %s" msgstr "无效的域名:%s" #, python-format msgid "invalid IP address version (is %(value)d, must be %(required_value)d)!" msgstr "无效的IP地址版本(是%(value)d,必须是%(required_value)d)!" msgid "invalid IP address format" msgstr "无效的IP地址格式" #, python-format msgid "%(port)s is not a valid port" msgstr "%(port)s不是一个有效的端口" msgid "" "at least one value equal to the canonical principal name must be present" msgstr "必须存在至少一个值等同规范主体名称" msgid "realm or UPN suffix overlaps with trusted domain namespace" msgstr "域或UPN后缀覆盖信任域命名空间" #, python-format msgid "Retrieving CA cert chain failed: %s" msgstr "检索CA证书链失败:%s" #, python-format msgid "request failed with HTTP status %d" msgstr "请求失败HTTP状态%d" #, python-format msgid "Retrieving CA status failed: %s" msgstr "检索CA状态失败:%s" #, python-format msgid "Retrieving CA status failed with status %d" msgstr "检索CA状态失败%d" #, python-format msgid "objectclass %s not found" msgstr "对象类%s没找到" #, python-format msgid "Unable to communicate with CMS (status %d)" msgstr "不能与CMS通信(状态%d)" #, fuzzy, python-format #| msgid "Replication agreement enabled" msgid "Replication agreement for %(hostname)s not found" msgstr "启用复制协议" msgid "" "\n" "Sudo Rules\n" msgstr "" "\n" "Sudo规则\n" msgid "" "\n" "Sudo (su \"do\") allows a system administrator to delegate authority to\n" "give certain users (or groups of users) the ability to run some (or all)\n" "commands as root or another user while providing an audit trail of the\n" "commands and their arguments.\n" msgstr "" "\n" "Sudo (su \"do\")允许一个系统管理员给特定用户(或用户组)授予权限使其有以root" "或其他用户的能力来运行一些(或全部)命令,同时会对命令和命令参数提供一个审计" "跟踪。\n" msgid "" "\n" "FreeIPA provides a means to configure the various aspects of Sudo:\n" " Users: The user(s)/group(s) allowed to invoke Sudo.\n" " Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " "Sudo.\n" " Allow Command: The specific command(s) permitted to be run via Sudo.\n" " Deny Command: The specific command(s) prohibited to be run via Sudo.\n" " RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " "invoked with.\n" " RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" " Options: The various Sudoers Options that can modify Sudo's behavior.\n" msgstr "" "\n" "FreeIPA提供了一种方法来配置Sudo的各个方面:\n" " 用户:用户/用户组允许调用Sudo。\n" " 主机:主机/主机组上的用户允许调用Sudo。\n" " 允许的命令:指定命令允许通过Sudo来运行。\n" " 阻止的命令:指定命令禁止通过Sudo来运行。\n" " 作为用户来运行:Sudo会调用用户或用户组的权限。\n" " 作为组来运行:Sudo会调用组的gid权限。\n" " 选项:各种Sudoers选项可以修改Sudo的行为。\n" msgid "" "\n" "An order can be added to a sudorule to control the order in which they\n" "are evaluated (if the client supports it). This order is an integer and\n" "must be unique.\n" msgstr "" "\n" "顺序可以添加到一个sudo规则中来控制它们评估的顺序(如果客户端支持)。该顺序是" "一个整数并且是唯一的。\n" msgid "" "\n" "FreeIPA provides a designated binddn to use with Sudo located at:\n" "uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" msgstr "" msgid "" "\n" "To enable the binddn run the following command to set the password:\n" "LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" "ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," "dc=com\n" msgstr "" msgid "" "\n" " Create a new rule:\n" " ipa sudorule-add readfiles\n" msgstr "" msgid "" "\n" " Add sudo command object and add it as allowed command in the rule:\n" " ipa sudocmd-add /usr/bin/less\n" " ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n" msgstr "" msgid "" "\n" " Add a host to the rule:\n" " ipa sudorule-add-host readfiles --hosts server.example.com\n" msgstr "" msgid "" "\n" " Add a user to the rule:\n" " ipa sudorule-add-user readfiles --users jsmith\n" msgstr "" msgid "" "\n" " Add a special Sudo rule for default Sudo server configuration:\n" " ipa sudorule-add defaults\n" msgstr "" msgid "" "\n" " Set a default Sudo option:\n" " ipa sudorule-add-option defaults --sudooption '!authenticate'\n" msgstr "" msgid "" "\n" " Set SELinux type and role transitions on a rule:\n" " ipa sudorule-add-option sysadmin_sudo --sudooption type=unconfined_t\n" " ipa sudorule-add-option sysadmin_sudo --sudooption role=unconfined_r\n" msgstr "" msgid "this option has been deprecated." msgstr "该选项已被弃用。" msgid "sudo rules" msgstr "sudo规则" msgid "Sudo Rules" msgstr "Sudo规则" msgid "Sudo Rule" msgstr "Sudo规则" #, python-format msgid "order must be a unique value (%(order)d already used by %(rule)s)" msgstr "序号必须是唯一值(%(order)d已被%(rule)s使用)" #, python-format msgid "Added Sudo Rule \"%(value)s\"" msgstr "已添加Sudo规则\"%(value)s\"" #, python-format msgid "Deleted Sudo Rule \"%(value)s\"" msgstr "已删除Sudo规则\"%(value)s\"" #, python-format msgid "Modified Sudo Rule \"%(value)s\"" msgstr "已修改Sudo规则\"%(value)s\"" #, python-format msgid "" "%(type)s category cannot be set to 'all' while there are allowed %(objects)s" msgstr "%(type)s类别不能设置为all',虽然有允许%(objects)s" msgid "users" msgstr "用户" msgid "command" msgstr "命令" msgid "commands" msgstr "命令" msgid "runAs user" msgstr "作为用户来运行" msgid "runAs users" msgstr "作为用户来运行" msgid "group runAs" msgstr "作为组来运行" msgid "runAs groups" msgstr "作为组来运行" #, python-format msgid "%(count)d Sudo Rule matched" msgid_plural "%(count)d Sudo Rules matched" msgstr[0] "已匹配%(count)d个Sudo规则" msgid "commands cannot be added when command category='all'" msgstr "当命令类别='all'时命令不能被添加" msgid "users cannot be added when user category='all'" msgstr "当用户类别='all'时用户不能被添加" msgid "hosts cannot be added when host category='all'" msgstr "当主机类别='all'时主机不能被添加" msgid "users cannot be added when runAs user or runAs group category='all'" msgstr "当作为用户来运行或作为组来运行类别='all'时用户不能被添加" #, python-format msgid "RunAsUser does not accept '%(name)s' as a user name" msgstr "作为用户来运行不能接受'%(name)s'来作为一个用户名" #, python-format msgid "RunAsUser does not accept '%(name)s' as a group name" msgstr "作为用户来运行不能接受'%(name)s'来作为一个组名" #, python-format msgid "RunAsGroup does not accept '%(name)s' as a group name" msgstr "作为组来运行不能接受'%(name)s'来作为一个组名" msgid "automount location" msgstr "自动挂载位置" msgid "automount locations" msgstr "自动挂载位置" msgid "Automount Locations" msgstr "自动挂载位置" msgid "Automount Location" msgstr "自动挂载位置" #, python-format msgid "Added automount location \"%(value)s\"" msgstr "已添加自动挂载位置\"%(value)s\"" #, python-format msgid "Deleted automount location \"%(value)s\"" msgstr "已删除自动挂载位置\"%(value)s\"" #, python-format msgid "%(count)d automount location matched" msgid_plural "%(count)d automount locations matched" msgstr[0] "已匹配%(count)d个自动挂载位置" msgid "automount map" msgstr "自动挂载映射" msgid "automount maps" msgstr "自动挂载映射" msgid "Automount Maps" msgstr "自动挂载映射" msgid "Automount Map" msgstr "自动挂载映射" #, python-format msgid "Added automount map \"%(value)s\"" msgstr "已添加自动挂载映射\"%(value)s\"" #, python-format msgid "Deleted automount map \"%(value)s\"" msgstr "已删除自动挂载映射\"%(value)s\"" #, python-format msgid "Modified automount map \"%(value)s\"" msgstr "已修改自动挂载映射\"%(value)s\"" #, python-format msgid "%(count)d automount map matched" msgid_plural "%(count)d automount maps matched" msgstr[0] "已匹配%(count)d个自动挂载映射" msgid "Automount key object." msgstr "自动挂载键对象。" msgid "automount key" msgstr "自动挂载键" msgid "automount keys" msgstr "自动挂载键" msgid "Automount Keys" msgstr "自动挂载键" msgid "Automount Key" msgstr "自动挂载键" #, python-format msgid "" "The key,info pair must be unique. A key named %(key)s with info %(info)s " "already exists" msgstr "“键,信息”对必须是唯一的。信息为%(info)s的键名%(key)s已存在" #, python-format msgid "key named %(key)s already exists" msgstr "键名%(key)s已存在" #, python-format msgid "The automount key %(key)s with info %(info)s does not exist" msgstr "信息为%(info)s的自动挂载键%(key)s不存在" #, python-format msgid "" "More than one entry with key %(key)s found, use --info to select specific " "entry." msgstr "找到不止一个拥有键%(key)s的条目,使用--info来选择指定条目。" #, python-format msgid "Added automount key \"%(value)s\"" msgstr "已添加自动挂载键\"%(value)s\"" #, python-format msgid "Added automount indirect map \"%(value)s\"" msgstr "已添加自动间接映射\"%(value)s\"" msgid "mount point is relative to parent map, cannot begin with /" msgstr "挂载点是相对于父映射的,不能以/开始" #, python-format msgid "Deleted automount key \"%(value)s\"" msgstr "已删除自动挂载键\"%(value)s\"" #, python-format msgid "Modified automount key \"%(value)s\"" msgstr "已修改自动挂载键\"%(value)s\"" #, python-format msgid "%(count)d automount key matched" msgid_plural "%(count)d automount keys matched" msgstr[0] "已匹配%(count)d个自动挂载键" msgid "" "\n" "Hosts/Machines\n" "\n" "A host represents a machine. It can be used in a number of contexts:\n" "- service entries are associated with a host\n" "- a host stores the host/ service principal\n" "- a host can be used in Host-based Access Control (HBAC) rules\n" "- every enrolled client generates a host entry\n" msgstr "" msgid "" "\n" "ENROLLMENT:\n" "\n" "There are three enrollment scenarios when enrolling a new client:\n" "\n" "1. You are enrolling as a full administrator. The host entry may exist\n" " or not. A full administrator is a member of the hostadmin role\n" " or the admins group.\n" "2. You are enrolling as a limited administrator. The host must already\n" " exist. A limited administrator is a member a role with the\n" " Host Enrollment privilege.\n" "3. The host has been created with a one-time password.\n" msgstr "" msgid "" "\n" "RE-ENROLLMENT:\n" "\n" "Host that has been enrolled at some point, and lost its configuration (e.g. " "VM\n" "destroyed) can be re-enrolled.\n" "\n" "For more information, consult the manual pages for ipa-client-install.\n" "\n" "A host can optionally store information such as where it is located,\n" "the OS that it runs, etc.\n" msgstr "" msgid "" "\n" " Add a new host:\n" " ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." "com\n" msgstr "" msgid "" "\n" " Delete a host:\n" " ipa host-del test.example.com\n" msgstr "" msgid "" "\n" " Add a new host with a one-time password:\n" " ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" msgstr "" msgid "" "\n" " Add a new host with a random one-time password:\n" " ipa host-add --os='Fedora 12' --random test.example.com\n" msgstr "" msgid "" "\n" " Modify information about a host:\n" " ipa host-mod --os='Fedora 12' test.example.com\n" msgstr "" msgid "" "\n" " Remove SSH public keys of a host and update DNS to reflect this change:\n" " ipa host-mod --sshpubkey= --updatedns test.example.com\n" msgstr "" #, fuzzy #| msgid "" #| "Disable the Kerberos key, SSL certificate and all services of a host." msgid "" "\n" " Disable the host Kerberos key, SSL certificate and all of its services:\n" " ipa host-disable test.example.com\n" msgstr "禁用该主机的Kerberos密钥,SSL证书和所有的服务。" msgid "" "\n" " Add a host that can manage this host's keytab and certificate:\n" " ipa host-add-managedby --hosts=test2 test\n" msgstr "" msgid "" "\n" " Allow user to create a keytab:\n" " ipa host-allow-create-keytab test2 --users=tuser1\n" msgstr "" msgid "Host" msgstr "主机" msgid "Base-64 encoded host certificate" msgstr "Base-64编码的主机证书" msgid "Subject" msgstr "主题" msgid "Serial Number" msgstr "序列号" msgid "Serial Number (hex)" msgstr "序列号(十六进制)" msgid "Issuer" msgstr "发行人" msgid "Not Before" msgstr "不早于" msgid "Not After" msgstr "不晚于" msgid "Fingerprint (SHA1)" msgstr "指纹(SHA1)" #, fuzzy #| msgid "Fingerprint (SHA1)" msgid "Fingerprint (SHA256)" msgstr "指纹(SHA1)" msgid "Revocation reason" msgstr "撤消原因" msgid "Principal alias" msgstr "主体别名" msgid "SSH public key fingerprint" msgstr "SSH公钥指纹" msgid "Authentication Indicators" msgstr "认证指标" msgid "" "Defines an allow list for Authentication Indicators. Use 'otp' to allow OTP-" "based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA " "authentications. Use 'pkinit' to allow PKINIT-based 2FA authentications. Use " "'hardened' to allow brute-force hardened password authentication by SPAKE or " "FAST. With no indicator specified, all authentication mechanisms are allowed." msgstr "" #, python-format msgid "Added host \"%(value)s\"" msgstr "新增主机 \"%(value)s\"" #, python-format msgid "can be at most %(len)d characters" msgstr "最多%(len)d个字符" #, python-format msgid "Deleted host \"%(value)s\"" msgstr "已删除主机 \"%(value)s\"" msgid "Remove A, AAAA, SSHFP and PTR records of the host(s) managed by IPA DNS" msgstr "移除被IPA DNS管理的主机的A,AAAA,SSHFP和PTR记录" msgid "No A, AAAA, SSHFP or PTR records found." msgstr "没有找到A,AAAA,SSHFP和PTR记录。" #, python-format msgid "Modified host \"%(value)s\"" msgstr "已修改主机 \"%(value)s\"" msgid "Password cannot be set on enrolled host." msgstr "密码不能在注册主机上设置。" msgid "cn is immutable" msgstr "cn是不变的" #, python-format msgid "%(count)d host matched" msgid_plural "%(count)d hosts matched" msgstr[0] "已匹配%(count)d个主机" #, python-format msgid "Disabled host \"%(value)s\"" msgstr "已禁用主机\"%(value)s\"" #, python-format msgid "Added certificates to host \"%(value)s\"" msgstr "已向主机\"%(value)s\"中添加证书" #, python-format msgid "Removed certificates from host \"%(value)s\"" msgstr "已从主机\"%(value)s\"中移除证书" msgid "Add new principal alias to host entry" msgstr "为主机条目添加新的主体别名" #, python-format msgid "Added new aliases to host \"%(value)s\"" msgstr "已为主机\"%(value)s\"添加新别名" msgid "Remove principal alias from a host entry" msgstr "从一个主机条目中移除主体别名" #, python-format msgid "Removed aliases from host \"%(value)s\"" msgstr "已从主机\"%(value)s\"中移除别名" msgid "" "\n" "Manage CA ACL rules.\n" "\n" "This plugin is used to define rules governing which CAs and profiles\n" "may be used to issue certificates to particular principals or groups\n" "of principals.\n" "\n" "SUBJECT PRINCIPAL SCOPE:\n" "\n" "For a certificate request to be allowed, the principal(s) that are\n" "the subject of a certificate request (not necessarily the principal\n" "actually requesting the certificate) must be included in the scope\n" "of a CA ACL that also includes the target CA and profile.\n" "\n" "Users can be included by name, group or the \"all users\" category.\n" "Hosts can be included by name, hostgroup or the \"all hosts\"\n" "category. Services can be included by service name or the \"all\n" "services\" category. CA ACLs may be associated with a single type of\n" "principal, or multiple types.\n" "\n" "CERTIFICATE AUTHORITY SCOPE:\n" "\n" "A CA ACL can be associated with one or more CAs by name, or by the\n" "\"all CAs\" category. For compatibility reasons, a CA ACL with no CA\n" "association implies an association with the 'ipa' CA (and only this\n" "CA).\n" "\n" "PROFILE SCOPE:\n" "\n" "A CA ACL can be associated with one or more profiles by Profile ID.\n" "The Profile ID is a string without spaces or punctuation starting\n" "with a letter and followed by a sequence of letters, digits or\n" "underscore (\"_\").\n" "\n" "EXAMPLES:\n" "\n" " Create a CA ACL \"test\" that grants all users access to the\n" " \"UserCert\" profile on all CAs:\n" " ipa caacl-add test --usercat=all --cacat=all\n" " ipa caacl-add-profile test --certprofiles UserCert\n" "\n" " Display the properties of a named CA ACL:\n" " ipa caacl-show test\n" "\n" " Create a CA ACL to let user \"alice\" use the \"DNP3\" profile on \"DNP3-CA" "\":\n" " ipa caacl-add alice_dnp3\n" " ipa caacl-add-ca alice_dnp3 --cas DNP3-CA\n" " ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n" " ipa caacl-add-user alice_dnp3 --user=alice\n" "\n" " Disable a CA ACL:\n" " ipa caacl-disable test\n" "\n" " Remove a CA ACL:\n" " ipa caacl-del test\n" msgstr "" msgid "CA ACL" msgstr "" msgid "CA ACLs" msgstr "" msgid "CA category" msgstr "CA类别" msgid "CA category the ACL applies to" msgstr "ACL应用的CA类别" msgid "CAs" msgstr "" #, python-format msgid "Added CA ACL \"%(value)s\"" msgstr "已添加CA ACL\"%(value)s\"" #, python-format msgid "Deleted CA ACL \"%(value)s\"" msgstr "已删除CA ACL\"%(value)s\"" msgid "default CA ACL can be only disabled" msgstr "默认的CA ACL只可以被禁用" #, python-format msgid "Modified CA ACL \"%(value)s\"" msgstr "已修改CA ACL\"%(value)s\"" msgid "CA category cannot be set to 'all' while there are allowed CAs" msgstr "CA类别不能设置为all',虽然有允许CAs" msgid "" "profile category cannot be set to 'all' while there are allowed profiles" msgstr "配置文件类别不能设置为all',虽然有允许配置文件" msgid "user category cannot be set to 'all' while there are allowed users" msgstr "用户类别不能设置为all',虽然有允许用户" msgid "host category cannot be set to 'all' while there are allowed hosts" msgstr "主机类别不能设置为all',虽然有允许主机" msgid "" "service category cannot be set to 'all' while there are allowed services" msgstr "服务类别不能设置为all',虽然有允许服务" #, python-format msgid "%(count)d CA ACL matched" msgid_plural "%(count)d CA ACLs matched" msgstr[0] "已匹配%(count)d个CA ACL" #, python-format msgid "Enabled CA ACL \"%(value)s\"" msgstr "已启用CA ACL\"%(value)s\"" #, python-format msgid "Disabled CA ACL \"%(value)s\"" msgstr "已禁用CA ACL\"%(value)s\"" #, python-format msgid "%i user or group added." msgstr "%i用户或组已添加。" #, python-format msgid "%i users or groups added." msgstr "%i用户或用户组已添加。" #, python-format msgid "%i user or group removed." msgstr "%i用户或组已移除。" #, python-format msgid "%i users or groups removed." msgstr "%i用户或用户组已移除。" #, python-format msgid "%i host or hostgroup added." msgstr "%i主机或主机组已添加。" #, python-format msgid "%i hosts or hostgroups added." msgstr "%i主机或主机组已添加。" #, python-format msgid "%i host or hostgroup removed." msgstr "%i主机或主机组已移除。" #, python-format msgid "%i hosts or hostgroups removed." msgstr "%i主机或主机组已移除。" #, python-format msgid "%i service added." msgstr "%i服务已添加。" #, python-format msgid "%i services added." msgstr "%i服务已添加。" msgid "services cannot be added when service category='all'" msgstr "当服务类别='all'时服务不能被添加" #, python-format msgid "%i service removed." msgstr "%i服务已移除。" #, python-format msgid "%i services removed." msgstr "%i服务已移除。" #, python-format msgid "%i profile added." msgstr "%i配置文件已添加。" #, python-format msgid "%i profiles added." msgstr "%i配置文件已添加。" msgid "profiles cannot be added when profile category='all'" msgstr "当配置文件类别='all'时配置文件不能被添加" #, python-format msgid "%i profile removed." msgstr "%i配置文件已移除。" #, python-format msgid "%i profiles removed." msgstr "%i配置文件已移除。" msgid "Add CAs to a CA ACL." msgstr "向一个CA ACL中添加CAs。" #, python-format msgid "%i CA added." msgstr "%iCA已添加。" #, python-format msgid "%i CAs added." msgstr "%iCAs已添加。" msgid "CAs cannot be added when CA category='all'" msgstr "当CA类别='all'时CAs不能被添加" msgid "Remove CAs from a CA ACL." msgstr "从一个CA ACL中移除CAs。" #, python-format msgid "%i CA removed." msgstr "%iCA已移除。" #, python-format msgid "%i CAs removed." msgstr "%iCAs已移除。" msgid "The deny type has been deprecated." msgstr "阻止类型已被弃用。" msgid "HBAC rules" msgstr "HBAC规则" msgid "HBAC Rules" msgstr "HBAC规则" msgid "HBAC Services" msgstr "HBAC服务" msgid "HBAC Service Groups" msgstr "HBAC服务组" #, python-format msgid "Added HBAC rule \"%(value)s\"" msgstr "已添加HBAC规则\"%(value)s\"" #, python-format msgid "Deleted HBAC rule \"%(value)s\"" msgstr "已删除HBAC规则\"%(value)s\"" #, python-format msgid "Modified HBAC rule \"%(value)s\"" msgstr "已修改HBAC规则\"%(value)s\"" #, python-format msgid "%(count)d HBAC rule matched" msgid_plural "%(count)d HBAC rules matched" msgstr[0] "已匹配%(count)d个HBAC规则" #, python-format msgid "Enabled HBAC rule \"%(value)s\"" msgstr "已启用HBAC规则\"%(value)s\"" #, python-format msgid "Disabled HBAC rule \"%(value)s\"" msgstr "已禁用HBAC规则\"%(value)s\"" msgid "Access time" msgstr "访问时间" #, fuzzy #| msgid "Add source hosts and hostgroups from a HBAC rule." msgid "Add source hosts and hostgroups to an HBAC rule." msgstr "从一个HBAC规则中添加源主机和主机组。" msgid "operation not defined" msgstr "操作没有定义" #, python-format msgid "not allowed to perform operation: %s" msgstr "不允许执行操作:%s" msgid "No such virtual command" msgstr "没有这样的虚拟命令" msgid "" "\n" "DNS server configuration\n" msgstr "" "\n" "DNS服务器配置\n" msgid "" "\n" "Manipulate DNS server configuration\n" msgstr "" "\n" "设置DNS服务器配置\n" msgid "" "\n" " Show configuration of a specific DNS server:\n" " ipa dnsserver-show\n" msgstr "" msgid "" "\n" " Update configuration of a specific DNS server:\n" " ipa dnsserver-mod\n" msgstr "" msgid "DNS server" msgstr "DNS服务器" msgid "DNS servers" msgstr "DNS服务器" msgid "DNS Servers" msgstr "DNS服务器" msgid "DNS Server" msgstr "DNS服务器" msgid "DNS Server name" msgstr "DNS服务器名" msgid "SOA mname override" msgstr "SOA mname覆盖" msgid "SOA mname (authoritative server) override" msgstr "SOA mname(权威服务器)覆盖" msgid "Forwarders" msgstr "转发器" msgid "" "Per-server forwarders. A custom port can be specified for each forwarder " "using a standard format \"IP_ADDRESS port PORT\"" msgstr "" "Per-server转发器。使用标准格式\"IP_ADDRESS port PORT\"为每个转发器指定一个自" "定义端口" msgid "" "Per-server conditional forwarding policy. Set to \"none\" to disable " "forwarding to global forwarder for this zone. In that case, conditional zone " "forwarders are disregarded." msgstr "" "Per-server有条件的转发器策略。设置为\"none\"来禁止该区域转发至全局转发器。那" "样的话,有条件的区域转发器被忽视了。" msgid "DNS is not configured" msgstr "DNS没有配置" msgid "Modify DNS server configuration" msgstr "修改DNS服务器配置" #, python-format msgid "Modified DNS server \"%(value)s\"" msgstr "已修改DNS服务器\"%(value)s\"" msgid "Search for DNS servers." msgstr "查找DNS服务器。" #, python-format msgid "%(count)d DNS server matched" msgid_plural "%(count)d DNS servers matched" msgstr[0] "已匹配%(count)d个DNS服务器" #, fuzzy #| msgid "KRA service is not enabled" msgid "IPA DNS Server is not installed" msgstr "KRA服务没有启用" msgid "Display configuration of a DNS server." msgstr "显示一个DNS服务器配置。" msgid "Add a new DNS server." msgstr "添加一个新的DNS服务器。" #, python-format msgid "Added new DNS server \"%(value)s\"" msgstr "已添加新的DNS服务器\"%(value)s\"" msgid "Delete a DNS server" msgstr "删除一个DNS服务器" #, python-format msgid "Deleted DNS server \"%(value)s\"" msgstr "已删除DNS服务器\"%(value)s\"" msgid "Host-based access control commands" msgstr "基于主机访问控制命令" msgid "" "\n" "HBAC Services\n" "\n" "The PAM services that HBAC can control access to. The name used here\n" "must match the service name that PAM is evaluating.\n" "\n" "EXAMPLES:\n" "\n" " Add a new HBAC service:\n" " ipa hbacsvc-add tftp\n" "\n" " Modify an existing HBAC service:\n" " ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" "\n" " Search for HBAC services. This example will return two results, the FTP\n" " service and the newly-added tftp service:\n" " ipa hbacsvc-find ftp\n" "\n" " Delete an HBAC service:\n" " ipa hbacsvc-del tftp\n" "\n" msgstr "" msgid "HBAC services" msgstr "HBAC服务" msgid "HBAC Service" msgstr "HBAC服务" #, python-format msgid "Added HBAC service \"%(value)s\"" msgstr "已添加HBAC服务\"%(value)s\"" #, python-format msgid "Deleted HBAC service \"%(value)s\"" msgstr "已删除HBAC服务\"%(value)s\"" #, python-format msgid "Modified HBAC service \"%(value)s\"" msgstr "已修改HBAC服务\"%(value)s\"" #, python-format msgid "%(count)d HBAC service matched" msgid_plural "%(count)d HBAC services matched" msgstr[0] "已匹配%(count)d个HBAC服务" msgid "HBAC service group" msgstr "HBAC服务组" msgid "HBAC service groups" msgstr "HBAC服务组" msgid "HBAC Service Group" msgstr "HBAC服务组" #, python-format msgid "Added HBAC service group \"%(value)s\"" msgstr "已添加HBAC服务组\"%(value)s\"" #, python-format msgid "Deleted HBAC service group \"%(value)s\"" msgstr "已删除HBAC服务组\"%(value)s\"" #, python-format msgid "Modified HBAC service group \"%(value)s\"" msgstr "已修改HBAC服务组\"%(value)s\"" #, python-format msgid "%(count)d HBAC service group matched" msgid_plural "%(count)d HBAC service groups matched" msgstr[0] "已匹配%(count)d个HBAC服务组" #, python-format msgid "" "cannot add permission \"%(perm)s\" with bindtype \"%(bindtype)s\" to a " "privilege" msgstr "不能给一个特权添加带有绑定类型\"%(bindtype)s\"的权限\"%(perm)s\"" msgid "Privilege" msgstr "特权" #, python-format msgid "Added privilege \"%(value)s\"" msgstr "已添加特权\"%(value)s\"" #, python-format msgid "Deleted privilege \"%(value)s\"" msgstr "已删除特权\"%(value)s\"" #, python-format msgid "Modified privilege \"%(value)s\"" msgstr "已修改特权\"%(value)s\"" #, python-format msgid "%(count)d privilege matched" msgid_plural "%(count)d privileges matched" msgstr[0] "已匹配%(count)d个特权" msgid "Class of Service object used for linking policies with groups" msgstr "" #, python-format msgid "priority must be a unique value (%(prio)d already used by %(gname)s)" msgstr "优先权必须是一个唯一值((%(prio)d已被%(gname)s使用)" msgid "Add Class of Service entry" msgstr "" #, fuzzy #| msgid "Delete an IPA service." msgid "Delete Class of Service entry" msgstr "删除一个IPA服务。" #, fuzzy #| msgid "Modify an HBAC service group." msgid "Modify Class of Service entry" msgstr "修改一个HBAC服务组。" msgid "Display Class of Service entry" msgstr "" #, fuzzy #| msgid "Search for an HBAC service group." msgid "Search for Class of Service entry" msgstr "查找一个HBAC服务组。" msgid "password policy" msgstr "密码策略" msgid "password policies" msgstr "密码策略" msgid "Password Policies" msgstr "密码策略" msgid "Password Policy" msgstr "密码策略" msgid "Maximum password life must be greater than minimum." msgstr "最小密码生存周期必须比最小值大。" msgid "cannot delete global password policy" msgstr "不能删除全局密码策略" msgid "priority cannot be set on global policy" msgstr "优先权布不能在本地策略上设置" msgid "" "\n" "Realm domains\n" "\n" "Manage the list of domains associated with IPA realm.\n" "\n" "This list is useful for Domain Controllers from other realms which have\n" "established trust with this IPA realm. They need the information to know\n" "which request should be forwarded to KDC of this IPA realm.\n" "\n" "Automatic management: a domain is automatically added to the realm domains\n" "list when a new DNS Zone managed by IPA is created. Same applies for " "deletion.\n" "\n" "Externally managed DNS: domains which are not managed in IPA server DNS\n" "need to be manually added to the list using ipa realmdomains-mod command.\n" "\n" "EXAMPLES:\n" "\n" " Display the current list of realm domains:\n" " ipa realmdomains-show\n" "\n" " Replace the list of realm domains:\n" " ipa realmdomains-mod --domain=example.com\n" " ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n" "\n" " Add a domain to the list of realm domains:\n" " ipa realmdomains-mod --add-domain=newdomain.com\n" "\n" " Delete a domain from the list of realm domains:\n" " ipa realmdomains-mod --del-domain=olddomain.com\n" msgstr "" msgid "Realm domains" msgstr "Realm域" msgid "Realm Domains" msgstr "Realm域" msgid "" "\n" " Modify realm domains\n" "\n" " DNS check: When manually adding a domain to the list, a DNS check is\n" " performed by default. It ensures that the domain is associated with\n" " the IPA realm, by checking whether the domain has a _kerberos TXT " "record\n" " containing the IPA realm name. This check can be skipped by specifying\n" " --force option.\n" "\n" " Removal: when a realm domain which has a matching DNS zone managed by\n" " IPA is being removed, a corresponding _kerberos TXT record in the zone " "is\n" " removed automatically as well. Other records in the zone or the zone\n" " itself are not affected.\n" " " msgstr "" #, python-format msgid "" "DNS zone for each realmdomain must contain SOA or NS records. No records " "found for: %s" msgstr "DNS区域的每个realm域必须包括SOA或NS记录。没有找到记录:%s" #, python-format msgid "The following domains do not belong to this realm: %(domains)s" msgstr "下面的域不属于该realm:%(domains)s" #, python-format msgid "" "The realm of the following domains could not be detected: %(domains)s. If " "these are domains that belong to the this realm, please create a _kerberos " "TXT record containing \"%(realm)s\" in each of them." msgstr "" "下面域的realm不能被检测到:%(domains)s。如果有属于该realm的域,请为它们创建一" "个包含\"%(realm)s\"的_kerberos TXT记录。" msgid "" "The --domain option cannot be used together with --add-domain or --del-" "domain. Use --domain to specify the whole realm domain list explicitly, to " "add/remove individual domains, use --add-domain/del-domain." msgstr "" "--domain选项不能和--add-domain或--del-domain选项一起使用。使用--domain来显示" "地指定整个realm域列表,添加/删除个别域,使用--add-domain/--del-domain。" msgid "IPA server domain cannot be omitted" msgstr "IPA服务器域不能被省略" msgid "IPA server domain cannot be deleted" msgstr "IPA服务器域不能被删除" msgid "" "\n" "Services\n" "\n" "A IPA service represents a service that runs on a host. The IPA service\n" "record can store a Kerberos principal, an SSL certificate, or both.\n" "\n" "An IPA service can be managed directly from a machine, provided that\n" "machine has been given the correct permission. This is true even for\n" "machines other than the one the service is associated with. For example,\n" "requesting an SSL certificate using the host service principal credentials\n" "of the host. To manage a service using host credentials you need to\n" "kinit as the host:\n" "\n" " # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" "\n" "Adding an IPA service allows the associated service to request an SSL\n" "certificate or keytab, but this is performed as a separate step; they\n" "are not produced as a result of adding the service.\n" "\n" "Only the public aspect of a certificate is stored in a service record;\n" "the private key is not stored.\n" "\n" "EXAMPLES:\n" "\n" " Add a new IPA service:\n" " ipa service-add HTTP/web.example.com\n" "\n" " Allow a host to manage an IPA service certificate:\n" " ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" " ipa role-add-member --hosts=web.example.com certadmin\n" "\n" " Override a default list of supported PAC types for the service:\n" " ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n" "\n" " A typical use case where overriding the PAC type is needed is NFS.\n" " Currently the related code in the Linux kernel can only handle Kerberos\n" " tickets up to a maximal size. Since the PAC data can become quite large " "it\n" " is recommended to set --pac-type=NONE for NFS services.\n" "\n" " Delete an IPA service:\n" " ipa service-del HTTP/web.example.com\n" "\n" " Find all IPA services associated with a host:\n" " ipa service-find web.example.com\n" "\n" " Find all HTTP services:\n" " ipa service-find HTTP\n" "\n" " Disable the service Kerberos key and SSL certificate:\n" " ipa service-disable HTTP/web.example.com\n" "\n" " Request a certificate for an IPA service:\n" " ipa cert-request --principal=HTTP/web.example.com example.csr\n" msgstr "" msgid "" "\n" " Allow user to create a keytab:\n" " ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n" msgstr "" msgid "" "\n" " Generate and retrieve a keytab for an IPA service:\n" " ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" "httpd.keytab\n" "\n" msgstr "" msgid "Trusted to authenticate as user" msgstr "信任用户认证" msgid "The service is allowed to authenticate on behalf of a client" msgstr "服务可以代表一个客户端进行认证" #, fuzzy #| msgid "Malformed principal: '%(value)s'" msgid "Malformed principal" msgstr "有缺陷的主体:'%(value)s'" #, fuzzy #| msgid "This principal is required by the IPA master" msgid "{} is required by the IPA master" msgstr "这个主体是IPA主服务器所需的" msgid "service" msgstr "服务" msgid "services" msgstr "服务" msgid "Service principal alias" msgstr "服务主体别名" msgid "Base-64 encoded service certificate" msgstr "Base-64编码的服务证书" msgid "NONE value cannot be combined with other PAC types" msgstr "NONE值不能与其他PAC类型相结合" msgid "Add a new IPA service." msgstr "添加一个新的IPA服务。" #, python-format msgid "Added service \"%(value)s\"" msgstr "已添加服务\"%(value)s\"" #, fuzzy #| msgid "force principal name even if not in DNS" msgid "force principal name even if host not in DNS" msgstr "即使主体名在DNS中不存在,也强制添加它" #, fuzzy #| msgid "Skip DNS check" msgid "Skip host check" msgstr "忽略DNS检查" #, fuzzy #| msgid "Force server removal even if it does not exist" msgid "" "force service to be created even when host object does not exist to manage it" msgstr "强制服务器删除即使它不存在" #, python-format msgid "The host '%s' does not exist to add a service to." msgstr "" #, fuzzy #| msgid "Add a new HBAC service." msgid "Add a new SMB service." msgstr "添加一个新的HBAC服务。" #, fuzzy #| msgid "NetBIOS name" msgid "SMB service NetBIOS name" msgstr "NetBIOS名称" #, python-format msgid "Deleted service \"%(value)s\"" msgstr "已删除服务\"%(value)s\"" #, python-format msgid "Modified service \"%(value)s\"" msgstr "已修改服务\"%(value)s\"" #, python-format msgid "%(count)d service matched" msgid_plural "%(count)d services matched" msgstr[0] "已匹配%(count)d个服务" #, python-format msgid "Disabled service \"%(value)s\"" msgstr "已禁用服务\"%(value)s\"" #, python-format msgid "Added certificates to service principal \"%(value)s\"" msgstr "已添加证书到服务主体\"%(value)s\"" #, python-format msgid "Removed certificates from service principal \"%(value)s\"" msgstr "已从服务主体\"%(value)s\"中删除证书" msgid "Add new principal alias to a service" msgstr "向一个服务添加新的主体别名" #, python-format msgid "Added new aliases to the service principal \"%(value)s\"" msgstr "已添加新的别名到服务主体\"%(value)s\"" msgid "Remove principal alias from a service" msgstr "从一个服务中删除主体别名" #, python-format msgid "Removed aliases to the service principal \"%(value)s\"" msgstr "已从服务主体\"%(value)s\"中删除别名" msgid "" "=======\n" "WARNING:\n" "\n" "DNA plugin in 389-ds will allocate IDs based on the ranges configured for " "the\n" "local domain. Currently the DNA plugin *cannot* be reconfigured itself " "based\n" "on the local ranges set via this family of commands.\n" "\n" "Manual configuration change has to be done in the DNA plugin configuration " "for\n" "the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n" "IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to " "be\n" "modified to match the new range.\n" "=======\n" msgstr "" msgid "" "\n" "ID ranges\n" "\n" "Manage ID ranges used to map Posix IDs to SIDs and back.\n" "\n" "There are two type of ID ranges which are both handled by this utility:\n" "\n" " - the ID ranges of the local domain\n" " - the ID ranges of trusted remote domains\n" "\n" "Both types have the following attributes in common:\n" "\n" " - base-id: the first ID of the Posix ID range\n" " - range-size: the size of the range\n" "\n" "With those two attributes a range object can reserve the Posix IDs starting\n" "with base-id up to but not including base-id+range-size exclusively.\n" "\n" "Additionally an ID range of the local domain may set\n" " - rid-base: the first RID(*) of the corresponding RID range\n" " - secondary-rid-base: first RID of the secondary RID range\n" "\n" "and an ID range of a trusted domain must set\n" " - rid-base: the first RID of the corresponding RID range\n" " - sid: domain SID of the trusted domain\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for a trusted domain\n" "\n" "Since there might be more than one trusted domain the domain SID must be " "given\n" "while creating the ID range.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=0 \\\n" " --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n" "\n" "This ID range is then used by the IPA server and the SSSD IPA provider to\n" "assign Posix UIDs to users from the trusted domain.\n" "\n" "If e.g. a range for a trusted domain is configured with the following " "values:\n" " base-id = 1200000\n" " range-size = 200000\n" " rid-base = 0\n" "the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. " "So\n" "RID 1000 <-> Posix ID 1201000\n" "\n" "\n" "\n" "EXAMPLE: Add a new ID range for the local domain\n" "\n" "To create an ID range for the local domain it is not necessary to specify a\n" "domain SID. But since it is possible that a user and a group can have the " "same\n" "value as Posix ID a second RID interval is needed to handle conflicts.\n" "\n" " ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=1000 \\\n" " --secondary-rid-base=1000000 local_range\n" "\n" "The data from the ID ranges of the local domain are used by the IPA server\n" "internally to assign SIDs to IPA users and groups. The SID will then be " "stored\n" "in the user or group objects.\n" "\n" "If e.g. the ID range for the local domain is configured with the values " "from\n" "the example above then a new user with the UID 1200007 will get the RID " "1007.\n" "If this RID is already used by a group the RID will be 1000007. This can " "only\n" "happen if a user or a group object was created with a fixed ID because the\n" "automatic assignment will not assign the same ID twice. Since there are " "only\n" "users and groups sharing the same ID namespace it is sufficient to have " "only\n" "one fallback range to handle conflicts.\n" "\n" "To find the Posix ID for a given RID from the local domain it has to be\n" "checked first if the RID falls in the primary or secondary RID range and\n" "the rid-base or the secondary-rid-base has to be subtracted, respectively,\n" "and the base-id has to be added to get the Posix ID.\n" "\n" "Typically the creation of ID ranges happens behind the scenes and this CLI\n" "must not be used at all. The ID range for the local domain will be created\n" "during installation or upgrade from an older version. The ID range for a\n" "trusted domain will be created together with the trust by 'ipa trust-" "add ...'.\n" "\n" "USE CASES:\n" "\n" " Add an ID range from a transitively trusted domain\n" "\n" " If the trusted domain (A) trusts another domain (B) as well and this " "trust\n" " is transitive 'ipa trust-add domain-A' will only create a range for\n" " domain A. The ID range for domain B must be added manually.\n" "\n" " Add an additional ID range for the local domain\n" "\n" " If the ID range of the local domain is exhausted, i.e. no new IDs can " "be\n" " assigned to Posix users or groups by the DNA plugin, a new range has to " "be\n" " created to allow new users and groups to be added. (Currently there is " "no\n" " connection between this range CLI and the DNA plugin, but a future " "version\n" " might be able to modify the configuration of the DNS plugin as well)\n" "\n" "In general it is not necessary to modify or delete ID ranges. If there is " "no\n" "other way to achieve a certain configuration than to modify or delete an ID\n" "range it should be done with great care. Because UIDs are stored in the " "file\n" "system and are used for access control it might be possible that users are\n" "allowed to access files of other users if an ID range got deleted and " "reused\n" "for a different domain.\n" "\n" "(*) The RID is typically the last integer of a user or group SID which " "follows\n" "the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user " "from\n" "this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of " "the\n" "user. RIDs are unique in a domain, 32bit values and are used for users and\n" "groups.\n" "\n" msgstr "" msgid "ID Ranges" msgstr "ID范围" msgid "ID Range" msgstr "ID范围" msgid "local domain range" msgstr "本地域范围" msgid "Active Directory domain range" msgstr "活动目录域范围" msgid "Active Directory trust range with POSIX attributes" msgstr "有POSIX属性的活动目录信任范围" msgid "ID range type, one of allowed values" msgstr "" msgid "" "range modification leaving objects with ID out of the defined range is not " "allowed" msgstr "对象ID范围修改超出定义范围是不允许的" msgid "" "Cannot perform SID validation without Samba 4 support installed. Make sure " "you have installed server-trust-ad sub-package of IPA on the server" msgstr "" "没有安装Samba 4不能执行SID验证。确认你已经在IPA服务器上安装了server-trust-ad" "子包" msgid "" "Cross-realm trusts are not configured. Make sure you have run ipa-adtrust-" "install on the IPA server first" msgstr "" "跨域信任没有配置。首先确认你已经在IPA服务器上运行了ipa-adtrust-install命令" msgid "SID is not recognized as a valid SID for a trusted domain" msgstr "对于一个信任域来说,SID不被认为是一个有效的SID" msgid "" "\n" " Add new ID range.\n" "\n" " To add a new ID range you always have to specify\n" "\n" " --base-id\n" " --range-size\n" "\n" " Additionally\n" "\n" " --rid-base\n" " --secondary-rid-base\n" "\n" " may be given for a new ID range for the local domain while\n" "\n" " --rid-base\n" " --dom-sid\n" "\n" " must be given to add a new range for a trusted AD domain.\n" "\n" msgstr "" #, python-format msgid "Added ID range \"%(value)s\"" msgstr "已添加ID范围\"%(value)s\"" msgid "Options dom-sid and dom-name cannot be used together" msgstr "选项dom-sid和dom-name不能被同时使用" #, fuzzy #| msgid "trusted domain object not found" msgid "Specified trusted domain name could not be found." msgstr "信任域对象没有找到" msgid "Options dom-sid/dom-name and rid-base must be used together" msgstr "选项dom-sid/dom-name和rid-base必须同时使用" msgid "" "Option rid-base must not be used when IPA range type is ipa-ad-trust-posix" msgstr "当IPA范围类型是ipa-ad-trust-posix时,选项rid-base不能使用" msgid "" "IPA Range type must be one of ipa-ad-trust or ipa-ad-trust-posix when SID of " "the trusted domain is specified" msgstr "" "当信任域的SID被指定时,IPA范围类型必须是ipa-ad-trust或ipa-ad-trust-posix中的" "一个" msgid "Options dom-sid/dom-name and secondary-rid-base cannot be used together" msgstr "选项dom-sid/dom-name和secondary-rid-base不能同时使用" msgid "" "IPA Range type must not be one of ipa-ad-trust or ipa-ad-trust-posix when " "SID of the trusted domain is not specified." msgstr "" "当信任域的SID没有被指定时,IPA范围类型必不能是ipa-ad-trust或ipa-ad-trust-" "posix。" msgid "Options secondary-rid-base and rid-base must be used together" msgstr "选项secondary-rid-base和rid-base必须同时使用" msgid "Primary RID range and secondary RID range cannot overlap" msgstr "主要RID范围和次要RID范围不能覆盖" msgid "" "You must specify both rid-base and secondary-rid-base options, because ipa-" "adtrust-install has already been run." msgstr "" "你必须同时指定 rid-base和secondary-rid-base选项,因为ipa-adtrust-install已经" "运行了。" #, python-format msgid "Deleted ID range \"%(value)s\"" msgstr "已删除ID范围\"%(value)s\"" #, python-format msgid "%(count)d range matched" msgid_plural "%(count)d ranges matched" msgstr[0] "已匹配%(count)d个范围" #, fuzzy #| msgid "Modify ID range." msgid "" "Modify ID range.\n" "\n" msgstr "修改ID范围。" #, python-format msgid "Modified ID range \"%(value)s\"" msgstr "已修改ID范围\"%(value)s\"" msgid "" "This command can not be used to change ID allocation for local IPA domain. " "Run `ipa help idrange` for more information" msgstr "" "这个命令在本地IPA域中不能用来改变ID分配。运行`ipa help idrange`查看更多信息" msgid "" "SID for the specified trusted domain name could not be found. Please specify " "the SID directly using dom-sid option." msgstr "指定信任域名的SID没有找到。请使用dom-sid选项直接指定SID。" msgid "Options dom-sid and secondary-rid-base cannot be used together" msgstr "选项dom-sid和secondary-rid-base不能同时使用" msgid "Options dom-sid and rid-base must be used together" msgstr "选项dom-sid和rid-base必须同时使用" msgid "netgroups" msgstr "网络组" msgid "Netgroups" msgstr "网络组" msgid "Netgroup" msgstr "网络组" #, python-format msgid "Added netgroup \"%(value)s\"" msgstr "已添加网络组\"%(value)s\"" #, python-format msgid "" "hostgroup with name \"%s\" already exists. Hostgroups and netgroups share a " "common namespace" msgstr "主机组名\"%s\"已存在。主机组和网络组共享一个共同的名字空间" #, python-format msgid "Deleted netgroup \"%(value)s\"" msgstr "已删除网络组\"%(value)s\"" #, python-format msgid "Modified netgroup \"%(value)s\"" msgstr "已修改网络组\"%(value)s\"" #, python-format msgid "%(count)d netgroup matched" msgid_plural "%(count)d netgroups matched" msgstr[0] "已匹配%(count)d个网络组" msgid "One time password commands" msgstr "一次性密码命令" msgid "OTP configuration options" msgstr "OTP配置选项" msgid "OTP Configuration" msgstr "OTP配置" #, python-format msgid "Changed password for \"%(value)s\"" msgstr "已改变\"%(value)s\"的密码" msgid "" "\n" "Kerberos PKINIT feature status reporting tools.\n" "\n" "Report IPA masters on which Kerberos PKINIT is enabled or disabled\n" "\n" "EXAMPLES:\n" " List PKINIT status on all masters:\n" " ipa pkinit-status\n" "\n" " Check PKINIT status on `ipa.example.com`:\n" " ipa pkinit-status --server ipa.example.com\n" "\n" " List all IPA masters with disabled PKINIT:\n" " ipa pkinit-status --status='disabled'\n" "\n" "For more info about PKINIT support see:\n" "\n" "https://www.freeipa.org/page/V4/Kerberos_PKINIT\n" msgstr "" msgid "pkinit" msgstr "" msgid "PKINIT" msgstr "" #, fuzzy #| msgid "Trust status" msgid "PKINIT status" msgstr "信任状态" #, fuzzy #| msgid "This entry cannot be enabled or disabled" msgid "Whether PKINIT is enabled or disabled" msgstr "条目不能被启用或禁用" msgid "Report PKINIT status on the IPA masters" msgstr "" #, fuzzy, python-format #| msgid "%(count)s server role matched" #| msgid_plural "%(count)s server roles matched" msgid "%(count)s server matched" msgid_plural "%(count)s servers matched" msgstr[0] "已匹配%(count)s个服务器角色" msgid "" "\n" "RADIUS Proxy Servers\n" msgstr "" "\n" "RADIUS代理服务器\n" msgid "" "\n" "Manage RADIUS Proxy Servers.\n" msgstr "" "\n" "管理RADIUS代理服务器。\n" msgid "" "\n" "IPA supports the use of an external RADIUS proxy server for krb5 OTP\n" "authentications. This permits a great deal of flexibility when\n" "integrating with third-party authentication services.\n" msgstr "" "\n" "IPA对于krb5 OTP认证支持使用额外的RADIUS代理服务器。这在集成第三方认证服务时提" "供了很多方便。\n" msgid "" "\n" " Add a new server:\n" " ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n" msgstr "" msgid "" "\n" " Find all servers whose entries include the string \"example.com\":\n" " ipa radiusproxy-find example.com\n" msgstr "" msgid "" "\n" " Examine the configuration:\n" " ipa radiusproxy-show MyRADIUS\n" msgstr "" msgid "" "\n" " Change the secret:\n" " ipa radiusproxy-mod MyRADIUS --secret\n" msgstr "" msgid "" "\n" " Delete a configuration:\n" " ipa radiusproxy-del MyRADIUS\n" msgstr "" msgid "invalid attribute name" msgstr "无效的属性名" msgid "invalid port number" msgstr "无效的端口号" msgid "RADIUS proxy server" msgstr "RADIUS代理服务器" msgid "RADIUS proxy servers" msgstr "RADIUS代理服务器" msgid "RADIUS Servers" msgstr "RADIUS代理服务器" msgid "RADIUS Server" msgstr "RADIUS代理服务器" #, python-format msgid "Added RADIUS proxy server \"%(value)s\"" msgstr "已添加RADIUS代理服务器\"%(value)s\"" #, python-format msgid "Deleted RADIUS proxy server \"%(value)s\"" msgstr "已删除RADIUS代理服务器\"%(value)s\"" #, python-format msgid "Modified RADIUS proxy server \"%(value)s\"" msgstr "已修改RADIUS代理服务器\"%(value)s\"" #, python-format msgid "%(count)d RADIUS proxy server matched" msgid_plural "%(count)d RADIUS proxy servers matched" msgstr[0] "已匹配%(count)d个RADIUS代理服务器" msgid "ID View" msgstr "ID视图" msgid "system ID View" msgstr "系统ID视图" msgid "ID Views" msgstr "ID视图" msgid "User object overrides" msgstr "用户对象覆盖" msgid "Group object overrides" msgstr "组对象覆盖" msgid "Hosts the view applies to" msgstr "适用于主机的视图" msgid "Domain resolution order" msgstr "" #, fuzzy #| msgid "comma-separated list of groups to exclude from migration" msgid "colon-separated list of domains used for short name qualification" msgstr "允许迁移的以逗号分隔的用户组列表" #, python-format msgid "Added ID View \"%(value)s\"" msgstr "已添加ID视图\"%(value)s\"" #, python-format msgid "Deleted ID View \"%(value)s\"" msgstr "已删除ID视图\"%(value)s\"" #, python-format msgid "Modified an ID View \"%(value)s\"" msgstr "已修改一个ID视图\"%(value)s\"" #, python-format msgid "%(count)d ID View matched" msgid_plural "%(count)d ID Views matched" msgstr[0] "已匹配%(count)d个ID视图" msgid "Default Trust View cannot be applied on hosts" msgstr "默认信任视图不能应用于主机上" msgid "not found" msgstr "没有找到" #, fuzzy #| msgid "Default Trust View cannot be applied on hosts" msgid "ID View cannot be applied to IPA master" msgstr "默认信任视图不能应用于主机上" msgid "ID View already applied" msgstr "ID视图已应用" msgid "value" msgstr "值" #, python-format msgid "ID View applied to %i host." msgstr "ID视图应用于%i主机。" #, python-format msgid "ID View applied to %i hosts." msgstr "ID视图应用于%i主机。" #, python-format msgid "ID View cleared from %i host." msgstr "从%i主机中清除ID视图。" #, python-format msgid "ID View cleared from %i hosts." msgstr "从%i主机中清除ID视图。" msgid "" "You are trying to reference a magic private group which is not allowed to be " "overridden. Try overriding the GID attribute of the corresponding user " "instead." msgstr "" "你正尝试引用一个不允许覆盖的神奇私有组。而不是尝试覆盖对应用户的GID属性。" msgid "IPA object" msgstr "IPA对象" msgid "" "system IPA objects (e.g. system groups, user private groups) cannot be " "overridden" msgstr "" #, python-format msgid "Anchor '%(anchor)s' could not be resolved." msgstr "锚'%(anchor)s'不能被解析。" msgid "Default Trust View cannot contain IPA users" msgstr "默认信任视图不能包含IPA用户" msgid "Add a new ID override." msgstr "添加一个新的ID覆盖。" #, python-format msgid "Added ID override \"%(value)s\"" msgstr "已添加ID覆盖\"%(value)s\"" msgid "Delete an ID override." msgstr "删除一个ID覆盖。" #, python-format msgid "Deleted ID override \"%(value)s\"" msgstr "已删除ID覆盖\"%(value)s\"" msgid "Modify an ID override." msgstr "修改一个ID覆盖。" #, python-format msgid "Modified an ID override \"%(value)s\"" msgstr "已修改一个ID覆盖\"%(value)s\"" msgid "ID override" msgstr "ID覆盖" msgid "ID overrides cannot be renamed" msgstr "ID覆盖不能被重命名" msgid "Search for an ID override." msgstr "查找一个ID覆盖。" #, python-format msgid "%(count)d ID override matched" msgid_plural "%(count)d ID overrides matched" msgstr[0] "已匹配%(count)d个ID覆盖" msgid "Display information about an ID override." msgstr "显示一个ID覆盖信息。" msgid "User ID override" msgstr "用户ID覆盖" msgid "User ID overrides" msgstr "用户ID覆盖" msgid "Base-64 encoded user certificate" msgstr "Base-64编码的用户证书" msgid "Group ID override" msgstr "组ID覆盖" msgid "Group ID overrides" msgstr "组ID覆盖" msgid "Add one or more certificates to the idoverrideuser entry" msgstr "向id覆盖用户条目中添加一个或多个证书" #, python-format msgid "Added certificates to idoverrideuser \"%(value)s\"" msgstr "已添加证书到id覆盖用户\"%(value)s\"" msgid "Remove one or more certificates to the idoverrideuser entry" msgstr "从id覆盖用户条目中移除一个或多个证书" #, python-format msgid "Removed certificates from idoverrideuser \"%(value)s\"" msgstr "已从id覆盖用户\"%(value)s\"中移除证书" #, python-format msgid "Added User ID override \"%(value)s\"" msgstr "已添加用户ID覆盖\"%(value)s\"" #, python-format msgid "Deleted User ID override \"%(value)s\"" msgstr "已删除用户ID覆盖\"%(value)s\"" #, python-format msgid "Modified an User ID override \"%(value)s\"" msgstr "已修改一个用户ID覆盖\"%(value)s\"" #, python-format msgid "%(count)d User ID override matched" msgid_plural "%(count)d User ID overrides matched" msgstr[0] "已匹配%(count)d个用户ID覆盖" #, python-format msgid "Added Group ID override \"%(value)s\"" msgstr "已添加组ID覆盖\"%(value)s\"" #, python-format msgid "Deleted Group ID override \"%(value)s\"" msgstr "已删除组ID覆盖\"%(value)s\"" #, python-format msgid "Modified an Group ID override \"%(value)s\"" msgstr "已修改一个组ID覆盖\"%(value)s\"" #, python-format msgid "%(count)d Group ID override matched" msgid_plural "%(count)d Group ID overrides matched" msgstr[0] "已匹配%(count)d个组ID覆盖" msgid "" "\n" "IPA locations\n" msgstr "" "\n" "IPA位置\n" msgid "" "\n" "Manipulate DNS locations\n" msgstr "" "\n" "设置DNS位置\n" msgid "" "\n" " Find all locations:\n" " ipa location-find\n" msgstr "" msgid "" "\n" " Show specific location:\n" " ipa location-show location\n" msgstr "" msgid "" "\n" " Add location:\n" " ipa location-add location --description 'My location'\n" msgstr "" msgid "" "\n" " Delete location:\n" " ipa location-del location\n" msgstr "" msgid "location" msgstr "位置" msgid "locations" msgstr "位置" msgid "IPA Locations" msgstr "IPA位置" msgid "IPA Location" msgstr "IPA位置" msgid "Location name" msgstr "位置名" msgid "IPA location name" msgstr "IPA位置名" msgid "IPA Location description" msgstr "IPA本地描述" msgid "Servers" msgstr "服务器" msgid "Servers that belongs to the IPA location" msgstr "属于IPA位置的服务器" msgid "Advertised by servers" msgstr "由服务器公布" msgid "List of servers which advertise the given location" msgstr "公布给出位置的服务器列表" msgid "Add a new IPA location." msgstr "添加一个新的IPA位置。" #, python-format msgid "Added IPA location \"%(value)s\"" msgstr "已添加IPA位置\"%(value)s\"" msgid "Delete an IPA location." msgstr "删除一个IPA位置。" #, python-format msgid "Deleted IPA location \"%(value)s\"" msgstr "已删除IPA位置\"%(value)s\"" msgid "IPA Server" msgstr "IPA服务器" msgid "Modify information about an IPA location." msgstr "修改一个IPA位置信息。" #, python-format msgid "Modified IPA location \"%(value)s\"" msgstr "已修改IPA位置\"%(value)s\"" msgid "Search for IPA locations." msgstr "查找IPA位置。" #, python-format msgid "%(count)d IPA location matched" msgid_plural "%(count)d IPA locations matched" msgstr[0] "已匹配%(count)d个IPA位置" msgid "Display information about an IPA location." msgstr "显示一个IPA位置信息。" msgid "Servers in location" msgstr "本地服务器" msgid "roles" msgstr "角色" msgid "Role" msgstr "角色" #, python-format msgid "Added role \"%(value)s\"" msgstr "已添加角色\"%(value)s\"" #, python-format msgid "Deleted role \"%(value)s\"" msgstr "已删除角色\"%(value)s\"" #, python-format msgid "Modified role \"%(value)s\"" msgstr "已修改角色\"%(value)s\"" #, python-format msgid "%(count)d role matched" msgid_plural "%(count)d roles matched" msgstr[0] "已匹配%(count)d个角色" msgid "" "\n" "API Schema\n" msgstr "" "\n" "API 模式\n" msgid "" "\n" "Provides API introspection capabilities.\n" msgstr "" "\n" "提供API自省能力。\n" msgid "" "\n" " Show user-find details:\n" " ipa command-show user-find\n" msgstr "" msgid "" "\n" " Find user-find parameters:\n" " ipa param-find user-find\n" msgstr "" msgid "Name" msgstr "名称" msgid "Documentation" msgstr "文档" msgid "Exclude from" msgstr "排斥" msgid "Include in" msgstr "包含" #, python-format msgid "Results should contain primary key attribute only (\"%s\")" msgstr "结果应该只包括主键属性(\"%s\")" msgid "Help topic" msgstr "帮助主题" msgid "Version" msgstr "版本" msgid "Parameters" msgstr "参数" msgid "Method of" msgstr "方法" msgid "Method name" msgstr "方法名" #, python-format msgid "%(pkey)s: %(oname)s not found" msgstr "%(pkey)s:%(oname)s没有找到" msgid "Display information about a command." msgstr "显示一个命令信息。" msgid "Search for commands." msgstr "查找命令。" #, fuzzy #| msgid "Run Commands" msgid "Return command defaults" msgstr "允许命令" msgid "Display information about a class." msgstr "显示一个类信息。" msgid "Search for classes." msgstr "查找类。" msgid "Display information about a help topic." msgstr "显示一个帮助主题信息。" msgid "Search for help topics." msgstr "查找帮助主题。" msgid "Required" msgstr "必需的" msgid "Multi-value" msgstr "多值" msgid "Always ask" msgstr "总是询问" #, fuzzy #| msgid "CLI name" msgid "CLI metavar" msgstr "CLI名称" msgid "CLI name" msgstr "CLI名称" msgid "Confirm (password)" msgstr "确认(密码)" msgid "Default" msgstr "默认" msgid "Default from" msgstr "默认的" msgid "Label" msgstr "级别" msgid "Convert on server" msgstr "在服务器上转换" msgid "Option group" msgstr "选项组" msgid "Sensitive" msgstr "敏感的" msgid "Positional argument" msgstr "位置参数" #, fuzzy, python-format #| msgid "%(parent)s: %(oname)s not found" msgid "%(metaobject)s: %(oname)s not found" msgstr "%(parent)s:%(oname)s没有找到" msgid "Display information about a command parameter." msgstr "显示一个命令参数信息。" msgid "Search command parameters." msgstr "查找命令参数。" #, fuzzy, python-format #| msgid "%(parent)s: %(oname)s not found" msgid "%(command_name)s: %(oname)s not found" msgstr "%(parent)s:%(oname)s没有找到" msgid "Display information about a command output." msgstr "显示一个命令输出信息。" msgid "Search for command outputs." msgstr "查找命令输出。" msgid "Store and provide schema for commands and topics" msgstr "" msgid "Fingerprint of schema cached by client" msgstr "客户端缓存的模式指纹" msgid "HBAC rule and local members cannot both be set" msgstr "HBAC规则和本地成员不能被同时设置" msgid "Invalid SELinux user name, must match {}" msgstr "" #, python-brace-format msgid "Invalid MLS value, must match {mls}, where max level {mls_max}" msgstr "" #, python-brace-format msgid "Invalid MCS value, must match {mcs}, where max category {mcs_max}" msgstr "" msgid "SELinux user map list not found in configuration" msgstr "SELinux用户映射列表在配置中没有找到" #, python-format msgid "SELinux user %(user)s not found in ordering list (in config)" msgstr "SELinux用户%(user)s在顺序列表中(配置)没有找到" msgid "SELinux User Map rule" msgstr "SELinux用户映射规则" msgid "SELinux User Map rules" msgstr "SELinux用户映射规则" msgid "SELinux User Maps" msgstr "SELinux用户映射规则" msgid "SELinux User Map" msgstr "SELinux用户映射规则" #, python-format msgid "HBAC rule %(rule)s not found" msgstr "HBAC规则%(rule)s没有找到" #, python-format msgid "Added SELinux User Map \"%(value)s\"" msgstr "已添加SELinux用户映射\"%(value)s\"" #, python-format msgid "Deleted SELinux User Map \"%(value)s\"" msgstr "已删除SELinux用户映射\"%(value)s\"" #, python-format msgid "Modified SELinux User Map \"%(value)s\"" msgstr "已修改SELinux用户映射\"%(value)s\"" #, python-format msgid "%(count)d SELinux User Map matched" msgid_plural "%(count)d SELinux User Maps matched" msgstr[0] "已匹配%(count)d个SELinux用户映射" #, python-format msgid "Enabled SELinux User Map \"%(value)s\"" msgstr "已启用SELinux用户映射\"%(value)s\"" #, python-format msgid "Disabled SELinux User Map \"%(value)s\"" msgstr "已禁用SELinux用户映射\"%(value)s\"" msgid "" "\n" "Service Constrained Delegation\n" "\n" "Manage rules to allow constrained delegation of credentials so\n" "that a service can impersonate a user when communicating with another\n" "service without requiring the user to actually forward their TGT.\n" "This makes for a much better method of delegating credentials as it\n" "prevents exposure of the short term secret of the user.\n" "\n" "The naming convention is to append the word \"target\" or \"targets\" to\n" "a matching rule name. This is not mandatory but helps conceptually\n" "to associate rules and targets.\n" "\n" "A rule consists of two things:\n" " - A list of targets the rule applies to\n" " - A list of memberPrincipals that are allowed to delegate for\n" " those targets\n" "\n" "A target consists of a list of principals that can be delegated.\n" "\n" "In English, a rule says that this principal can delegate as this\n" "list of principals, as defined by these targets.\n" "\n" "In both a rule and a target Kerberos principals may be specified\n" "by their name or an alias and the realm can be omitted. Additionally,\n" "hosts can be specified by their names. If Kerberos principal specified\n" "has a single component and does not end with '$' sign, it will be treated\n" "as a host name. Kerberos principal names ending with '$' are typically\n" "used as aliases for Active Directory-related services.\n" "\n" "EXAMPLES:\n" "\n" " Add a new constrained delegation rule:\n" " ipa servicedelegationrule-add ftp-delegation\n" "\n" " Add a new constrained delegation target:\n" " ipa servicedelegationtarget-add ftp-delegation-target\n" "\n" " Add a principal to the rule:\n" " ipa servicedelegationrule-add-member --principals=ftp/ipa.example." "com ftp-delegation\n" "\n" " Add a host principal of the host 'ipa.example.com' to the rule:\n" " ipa servicedelegationrule-add-member --principals=ipa.example.com " "ftp-delegation\n" "\n" " Add our target to the rule:\n" " ipa servicedelegationrule-add-target --servicedelegationtargets=ftp-" "delegation-target ftp-delegation\n" "\n" " Add a principal to the target:\n" " ipa servicedelegationtarget-add-member --principals=ldap/ipa.example." "com ftp-delegation-target\n" "\n" " Display information about a named delegation rule and target:\n" " ipa servicedelegationrule_show ftp-delegation\n" " ipa servicedelegationtarget_show ftp-delegation-target\n" "\n" " Remove a constrained delegation:\n" " ipa servicedelegationrule-del ftp-delegation-target\n" " ipa servicedelegationtarget-del ftp-delegation\n" "\n" "In this example the ftp service can get a TGT for the ldap service on\n" "the bound user's behalf.\n" "\n" "It is strongly discouraged to modify the delegations that ship with\n" "IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n" "ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n" "to delegate, causing the framework to stop functioning.\n" msgstr "" msgid "Allowed to Impersonate" msgstr "允许模仿" msgid "Member principals" msgstr "成员主体" #, fuzzy, python-format #| msgid "Malformed principal: '%(value)s'" msgid "Malformed principal: %(error)s" msgstr "有缺陷的主体:'%(value)s'" msgid "Add target to a named service delegation." msgstr "添加目标到一个命名服务授权。" #, python-format msgid "member %s" msgstr "成员%s" msgid "Remove member from a named service delegation." msgstr "从一个命名服务授权中删除成员。" msgid "service delegation rule" msgstr "服务授权规则" msgid "service delegation rules" msgstr "服务授权规则" msgid "Service delegation rules" msgstr "服务授权规则" msgid "Service delegation rule" msgstr "服务授权规则" #, python-format msgid "Added service delegation rule \"%(value)s\"" msgstr "已添加服务授权规则\"%(value)s\"" #, python-format msgid "Deleted service delegation \"%(value)s\"" msgstr "已删除服务授权规则\"%(value)s\"" msgid "privileged service delegation rule" msgstr "特权服务授权规则" #, python-format msgid "%(count)d service delegation rule matched" msgid_plural "%(count)d service delegation rules matched" msgstr[0] "已匹配%(count)d个服务授权规则" msgid "service delegation target" msgstr "服务授权目标" msgid "service delegation targets" msgstr "服务授权目标" msgid "Service delegation targets" msgstr "服务授权目标" msgid "Service delegation target" msgstr "服务授权目标" #, python-format msgid "Added service delegation target \"%(value)s\"" msgstr "已添加服务授权目标\"%(value)s\"" #, python-format msgid "Deleted service delegation target \"%(value)s\"" msgstr "已删除服务授权目标\"%(value)s\"" msgid "privileged service delegation target" msgstr "特权服务授权目标" #, python-format msgid "%(count)d service delegation target matched" msgid_plural "%(count)d service delegation targets matched" msgstr[0] "已匹配%(count)d个服务授权目标" msgid "" "\n" "Session Support for IPA\n" msgstr "" msgid "" "\n" "Stageusers\n" "\n" "Manage stage user entries.\n" "\n" "Stage user entries are directly under the container: \"cn=stage users,\n" "cn=accounts, cn=provisioning, SUFFIX\".\n" "Users can not authenticate with those entries (even if the entries\n" "contain credentials). Those entries are only candidate to become Active " "entries.\n" "\n" "Active user entries are Posix users directly under the container: " "\"cn=accounts, SUFFIX\".\n" "Users can authenticate with Active entries, at the condition they have\n" "credentials.\n" "\n" "Deleted user entries are Posix users directly under the container: " "\"cn=deleted users,\n" "cn=accounts, cn=provisioning, SUFFIX\".\n" "Users can not authenticate with those entries, even if the entries contain " "credentials.\n" "\n" "The stage user container contains entries:\n" " - created by 'stageuser-add' commands that are Posix users,\n" " - created by external provisioning system.\n" "\n" "A valid stage user entry MUST have:\n" " - entry RDN is 'uid',\n" " - ipaUniqueID is 'autogenerate'.\n" "\n" "IPA supports a wide range of username formats, but you need to be aware of " "any\n" "restrictions that may apply to your particular environment. For example,\n" "usernames that start with a digit or usernames that exceed a certain length\n" "may cause problems for some UNIX systems.\n" "Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" "\n" "\n" "EXAMPLES:\n" "\n" " Add a new stageuser:\n" " ipa stageuser-add --first=Tim --last=User --password tuser1\n" "\n" " Add a stageuser from the deleted users container:\n" " ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" "\n" msgstr "" msgid "Stage Users" msgstr "计划用户" msgid "Stage User" msgstr "计划用户" msgid "stage user" msgstr "计划用户" msgid "stage users" msgstr "计划用户" #, python-format msgid "Added stage user \"%(value)s\"" msgstr "已添加计划用户\"%(value)s\"" msgid "givenname is required" msgstr "需要名字" msgid "sn is required" msgstr "需要sn" #, python-format msgid "Deleted stage user \"%(value)s\"" msgstr "已删除计划用户\"%(value)s\"" #, python-format msgid "Modified stage user \"%(value)s\"" msgstr "已修改计划用户\"%(value)s\"" #, python-format msgid "%(count)d user matched" msgid_plural "%(count)d users matched" msgstr[0] "已匹配%(count)d个用户" #, python-format msgid "Activate a stage user \"%(value)s\"" msgstr "激活一个计划用户\"%(value)s\"" msgid "Entry RDN is not 'uid'" msgstr "条目RDN不是'uid'" #, python-format msgid "Entry has no '%(attribute)s'" msgstr "条目没有'%(attribute)s'" #, python-format msgid "active user with name \"%(user)s\" already exists" msgstr "活跃用户名\"%(user)s\"已存在" #, python-format msgid "Stage user %s activated" msgstr "计划用户%s已激活" #, fuzzy #| msgid "Add one or more certificates to the user entry" msgid "Add one or more certificates to the stageuser entry" msgstr "向用户条目中添加一个或多个证书" #, fuzzy, python-format #| msgid "Added certificates to user \"%(value)s\"" msgid "Added certificates to stageuser \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加证书" #, fuzzy #| msgid "Remove one or more certificates to the user entry" msgid "Remove one or more certificates to the stageuser entry" msgstr "向用户条目中移除一个或多个证书" #, fuzzy, python-format #| msgid "Removed certificates from user \"%(value)s\"" msgid "Removed certificates from stageuser \"%(value)s\"" msgstr "已为用户\"%(value)s\"删除证书" #, fuzzy #| msgid "Add new principal alias to the user entry" msgid "Add new principal alias to the stageuser entry" msgstr "为用户条目添加新的主体别名" #, fuzzy, python-format #| msgid "Added new aliases to user \"%(value)s\"" msgid "Added new aliases to stageuser \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加新别名" #, fuzzy #| msgid "Remove principal alias from the user entry" msgid "Remove principal alias from the stageuser entry" msgstr "从用户条目中删除主体别名" #, fuzzy, python-format #| msgid "Removed aliases from user \"%(value)s\"" msgid "Removed aliases from stageuser \"%(value)s\"" msgstr "已从用户\"%(value)s\"中删除别名" #, fuzzy #| msgid "Add one or more certificates to the user entry" msgid "Add one or more certificate mappings to the stage user entry." msgstr "向用户条目中添加一个或多个证书" #, fuzzy #| msgid "Remove one or more certificates to the user entry" msgid "Remove one or more certificate mappings from the stage user entry." msgstr "向用户条目中移除一个或多个证书" msgid "commands for controlling sudo configuration" msgstr "控制sudo配置的命令" msgid "" "\n" "Sudo Commands\n" "\n" "Commands used as building blocks for sudo\n" "\n" "EXAMPLES:\n" "\n" " Create a new command\n" " ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" "\n" " Remove a command\n" " ipa sudocmd-del /usr/bin/less\n" "\n" msgstr "" msgid "sudo command" msgstr "sudo命令" msgid "sudo commands" msgstr "sudo命令" msgid "Sudo Commands" msgstr "Sudo命令" #, python-format msgid "Added Sudo Command \"%(value)s\"" msgstr "已添加Sudo命令\"%(value)s\"" #, python-format msgid "Deleted Sudo Command \"%(value)s\"" msgstr "已删除Sudo命令\"%(value)s\"" #, python-format msgid "Modified Sudo Command \"%(value)s\"" msgstr "已修改Sudo命令\"%(value)s\"" #, python-format msgid "%(count)d Sudo Command matched" msgid_plural "%(count)d Sudo Commands matched" msgstr[0] "已匹配%(count)d个Sudo命令" msgid "" "\n" "Groups of Sudo Commands\n" "\n" "Manage groups of Sudo Commands.\n" "\n" "EXAMPLES:\n" "\n" " Add a new Sudo Command Group:\n" " ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" "\n" " Remove a Sudo Command Group:\n" " ipa sudocmdgroup-del admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/" "vim admincmds\n" "\n" " Manage Sudo Command Group membership, commands:\n" " ipa sudocmdgroup-remove-member --sudocmds=/usr/bin/less admincmds\n" "\n" " Show a Sudo Command Group:\n" " ipa sudocmdgroup-show admincmds\n" msgstr "" msgid "sudo command group" msgstr "sudo命令组" msgid "sudo command groups" msgstr "sudo命令组" #, python-format msgid "Added Sudo Command Group \"%(value)s\"" msgstr "已添加Sudo命令组\"%(value)s\"" #, python-format msgid "Deleted Sudo Command Group \"%(value)s\"" msgstr "已删除Sudo命令组\"%(value)s\"" #, python-format msgid "Modified Sudo Command Group \"%(value)s\"" msgstr "已修改Sudo命令组\"%(value)s\"" #, python-format msgid "%(count)d Sudo Command Group matched" msgid_plural "%(count)d Sudo Command Groups matched" msgstr[0] "已匹配%(count)d个Sudo命令组" #, python-format msgid "" "Insufficient 'write' privilege to the 'krbLastPwdChange' attribute of entry " "'%s'." msgstr "对条目'%s'的'krbLastPwdChange'属性没有'write'权限。" msgid "kerberos ticket policy settings" msgstr "kerberos票据策略设置" msgid "Kerberos Ticket Policy" msgstr "Kerberos票据策略" #, fuzzy #| msgid "Max life" msgid "OTP max life" msgstr "最长存活期" #, fuzzy #| msgid "Maximum ticket life (seconds)" msgid "OTP token maximum ticket life (seconds)" msgstr "票据最长存活期(秒)" msgid "OTP max renew" msgstr "" #, fuzzy #| msgid "TOTP authentication time variance (seconds)" msgid "OTP token ticket maximum renewable age (seconds)" msgstr "TOTP认证时间差异(秒)" #, fuzzy #| msgid "Max life" msgid "RADIUS max life" msgstr "最长存活期" #, fuzzy #| msgid "Maximum ticket life (seconds)" msgid "RADIUS maximum ticket life (seconds)" msgstr "票据最长存活期(秒)" #, fuzzy #| msgid "RADIUS proxy server name" msgid "RADIUS max renew" msgstr "RADIUS代理服务器名称" msgid "RADIUS ticket maximum renewable age (seconds)" msgstr "" #, fuzzy #| msgid "Max life" msgid "PKINIT max life" msgstr "最长存活期" #, fuzzy #| msgid "Maximum ticket life (seconds)" msgid "PKINIT maximum ticket life (seconds)" msgstr "票据最长存活期(秒)" msgid "PKINIT max renew" msgstr "" msgid "PKINIT ticket maximum renewable age (seconds)" msgstr "" msgid "Hardened max life" msgstr "" #, fuzzy #| msgid "Maximum ticket life (seconds)" msgid "Hardened ticket maximum ticket life (seconds)" msgstr "票据最长存活期(秒)" msgid "Hardened max renew" msgstr "" msgid "Hardened ticket maximum renewable age (seconds)" msgstr "" #, python-format msgid "Ticket policy for %s could not be read" msgstr "票据策略%s不可读" msgid "Default ticket policy could not be read" msgstr "默认票据策略不可读" msgid "" "\n" "Return information about currently authenticated identity\n" "\n" "Who am I command returns information on how to get\n" "more details about the identity authenticated for this\n" "request. The information includes:\n" "\n" " * type of object\n" " * command to retrieve details of the object\n" " * arguments and options to pass to the command\n" "\n" "The information is returned as a dictionary. Examples below use\n" "'key: value' output for illustrative purposes.\n" "\n" "EXAMPLES:\n" "\n" " Look up as IPA user:\n" " kinit admin\n" " ipa console\n" " >> api.Command.whoami()\n" " ------------------------------------------\n" " object: user\n" " command: user_show/1\n" " arguments: admin\n" " ------------------------------------------\n" "\n" " Look up as a user from a trusted domain:\n" " kinit user@AD.DOMAIN\n" " ipa console\n" " >> api.Command.whoami()\n" " ------------------------------------------\n" " object: idoverrideuser\n" " command: idoverrideuser_show/1\n" " arguments: ('default trust view', 'user@ad.domain')\n" " ------------------------------------------\n" "\n" " Look up as a host:\n" " kinit -k\n" " ipa console\n" " >> api.Command.whoami()\n" " ------------------------------------------\n" " object: host\n" " command: host_show/1\n" " arguments: ipa.example.com\n" " ------------------------------------------\n" "\n" " Look up as a Kerberos service:\n" " kinit -k -t /path/to/keytab HTTP/ipa.example.com\n" " ipa console\n" " >> api.Command.whoami()\n" " ------------------------------------------\n" " object: service\n" " command: service_show/1\n" " arguments: HTTP/ipa.example.com\n" " ------------------------------------------\n" msgstr "" msgid "Describe currently authenticated identity." msgstr "" #, fuzzy #| msgid "Subject DNS name" msgid "Object class name" msgstr "主题DNS名" msgid "Function to get details" msgstr "" msgid "Arguments to details function" msgstr "" msgid "Cannot query Directory Manager with API" msgstr "" msgid "delegation" msgstr "授权" msgid "delegations" msgstr "授权" msgid "Delegations" msgstr "授权" msgid "Delegation" msgstr "授权" #, fuzzy #| msgid "ACIs" msgid "ACI" msgstr "ACIs" #, python-format msgid "Added delegation \"%(value)s\"" msgstr "已添加授权\"%(value)s\"" #, python-format msgid "Deleted delegation \"%(value)s\"" msgstr "已删除授权\"%(value)s\"" #, python-format msgid "Modified delegation \"%(value)s\"" msgstr "已修改授权\"%(value)s\"" #, python-format msgid "%(count)d delegation matched" msgid_plural "%(count)d delegations matched" msgstr[0] "已匹配%(count)d个授权" msgid "" "\n" "Server configuration\n" "\n" "Manage the default values that IPA uses and some of its tuning parameters.\n" "\n" "NOTES:\n" "\n" "The password notification value (--pwdexpnotify) is stored here so it will\n" "be replicated. It is not currently used to notify users in advance of an\n" "expiring password.\n" "\n" "Some attributes are read-only, provided only for information purposes. " "These\n" "include:\n" "\n" "Certificate Subject base: the configured certificate subject base,\n" " e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" "Password plug-in features: currently defines additional hashes that the\n" " password will generate (there may be other conditions).\n" "\n" "When setting the order list for mapping SELinux users you may need to\n" "quote the value so it isn't interpreted by the shell.\n" "\n" "The maximum length of a hostname in Linux is controlled by\n" "MAXHOSTNAMELEN in the kernel and defaults to 64. Some other operating\n" "systems, Solaris for example, allows hostnames up to 255 characters.\n" "This option will allow flexibility in length but by default limiting\n" "to the Linux maximum length.\n" "\n" "EXAMPLES:\n" "\n" " Show basic server configuration:\n" " ipa config-show\n" "\n" " Show all configuration options:\n" " ipa config-show --all\n" "\n" " Change maximum username length to 99 characters:\n" " ipa config-mod --maxusername=99\n" "\n" " Change maximum host name length to 255 characters:\n" " ipa config-mod --maxhostname=255\n" "\n" " Increase default time and size limits for maximum IPA server search:\n" " ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n" "\n" " Set default user e-mail domain:\n" " ipa config-mod --emaildomain=example.com\n" "\n" " Enable migration mode to make \"ipa migrate-ds\" command operational:\n" " ipa config-mod --enable-migration=TRUE\n" "\n" " Define SELinux user map order:\n" " ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-" "s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n" msgstr "" #, fuzzy #| msgid "must be at least %(minvalue)d" msgid "must be at least 10" msgstr "必须至少%(minvalue)d" msgid "configuration options" msgstr "配置选项" msgid "Configuration" msgstr "配置" #, fuzzy #| msgid "Maximum username length" msgid "Maximum hostname length" msgstr "最大用户名长度" msgid "IPA masters" msgstr "IPA主服务器" msgid "List of all IPA masters" msgstr "所有IPA主服务器列表" #, fuzzy #| msgid "IPA masters" msgid "Hidden IPA masters" msgstr "IPA主服务器" #, fuzzy #| msgid "List of all IPA masters" msgid "List of all hidden IPA masters" msgstr "所有IPA主服务器列表" msgid "IPA master capable of PKINIT" msgstr "" msgid "IPA master which can process PKINIT requests" msgstr "" msgid "IPA CA servers" msgstr "IPA CA服务器" msgid "IPA servers configured as certificate authority" msgstr "IPA服务器配置为证书认证机构" #, fuzzy #| msgid "IPA CA servers" msgid "Hidden IPA CA servers" msgstr "IPA CA服务器" #, fuzzy #| msgid "IPA servers configured as certificate authority" msgid "Hidden IPA servers configured as certificate authority" msgstr "IPA服务器配置为证书认证机构" msgid "IPA CA renewal master" msgstr "IPA CA更新主服务器" msgid "Renewal master for IPA certificate authority" msgstr "为IPA证书认证机构更新主服务器" msgid "IPA KRA servers" msgstr "IPA KRA服务器" #, fuzzy #| msgid "IPA servers configured as key recovery agents" msgid "IPA servers configured as key recovery agent" msgstr "IPA服务器配置为密钥恢复代理" #, fuzzy #| msgid "IPA KRA servers" msgid "Hidden IPA KRA servers" msgstr "IPA KRA服务器" #, fuzzy #| msgid "IPA servers configured as key recovery agents" msgid "Hidden IPA servers configured as key recovery agent" msgstr "IPA服务器配置为密钥恢复代理" msgid "IPA DNS servers" msgstr "IPA DNS服务器" #, fuzzy #| msgid "IPA server configured as DNSSec key master" msgid "IPA servers configured as domain name server" msgstr "IPA服务器配置为DNSSec密钥主机" #, fuzzy #| msgid "IPA DNS servers" msgid "Hidden IPA DNS servers" msgstr "IPA DNS服务器" #, fuzzy #| msgid "IPA servers configured as key recovery agents" msgid "Hidden IPA servers configured as domain name server" msgstr "IPA服务器配置为密钥恢复代理" msgid "IPA DNSSec key master" msgstr "IPA DNSSec密钥主机" #, fuzzy #| msgid "IPA DNSSec key master" msgid "DNSec key master" msgstr "IPA DNSSec密钥主机" #, fuzzy #| msgid "options are not allowed" msgid "Empty domain is not allowed" msgstr "选项是不允许的" #, fuzzy, python-format #| msgid "invalid domain-name: %s" msgid "Invalid domain name '%(domain)s': %(e)s" msgstr "无效的域名:%s" #, fuzzy, python-format #| msgid "Removed information about the trusted domain \"%(value)s\"" msgid "Server has no information about domain '%(domain)s'" msgstr "删除信任域\"%(value)s\"的信息" #, python-format msgid "Disabled domain '%(domain)s' is not allowed" msgstr "" msgid "The group doesn't exist" msgstr "组不存在" #, python-format msgid "attribute \"%s\" not allowed" msgstr "不允许属性\"%s\"" msgid "May not be empty" msgstr "可能不是闲置的" #, python-format msgid "%(obj)s default attribute %(attr)s would not be allowed!" msgstr "%(obj)s默认属性%(attr)s是不允许的!" msgid "A list of SELinux users delimited by $ expected" msgstr "SELinux用户列表期望以$分隔" #, python-format msgid "SELinux user '%(user)s' is not valid: %(error)s" msgstr "SELinux用户'%(user)s'是无效的:%(error)s" msgid "SELinux user map default user not in order list" msgstr "SELinux用户映射默认用户没有在列表中" #, fuzzy, python-brace-format #| msgid "" #| "Domain Level cannot be raised to {0}, server {1} does not support it." msgid "" "Domain Level cannot be raised to {0}, existing replication conflicts have to " "be resolved." msgstr "域级别不能提高到{0},服务器{1}不支持它。" msgid "Server does not support domain level functionality" msgstr "" msgid "Domain Level cannot be lowered." msgstr "域级别不能降低了。" #, python-brace-format msgid "Domain Level cannot be raised to {0}, server {1} does not support it." msgstr "域级别不能提高到{0},服务器{1}不支持它。" msgid "" "\n" "Groups of users\n" "\n" "Manage groups of users, groups, or services. By default, new groups are " "POSIX\n" "groups. You can add the --nonposix option to the group-add command to mark " "a\n" "new group as non-POSIX. You can use the --posix argument with the group-mod\n" "command to convert a non-POSIX group into a POSIX group. POSIX groups cannot " "be\n" "converted to non-POSIX groups.\n" "\n" "Every group must have a description.\n" "\n" "POSIX groups must have a Group ID (GID) number. Changing a GID is\n" "supported but can have an impact on your file permissions. It is not " "necessary\n" "to supply a GID when creating a group. IPA will generate one automatically\n" "if it is not provided.\n" "\n" "Groups members can be users, other groups, and Kerberos services. In POSIX\n" "environments only users will be visible as group members, but nested groups " "and\n" "groups of services can be used for IPA management purposes.\n" "\n" "EXAMPLES:\n" "\n" " Add a new group:\n" " ipa group-add --desc='local administrators' localadmins\n" "\n" " Add a new non-POSIX group:\n" " ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" "\n" " Convert a non-POSIX group to posix:\n" " ipa group-mod --posix remoteadmins\n" "\n" " Add a new POSIX group with a specific Group ID number:\n" " ipa group-add --gid=500 --desc='unix admins' unixadmins\n" "\n" " Add a new POSIX group and let IPA assign a Group ID number:\n" " ipa group-add --desc='printer admins' printeradmins\n" "\n" " Remove a group:\n" " ipa group-del unixadmins\n" "\n" " To add the \"remoteadmins\" group to the \"localadmins\" group:\n" " ipa group-add-member --groups=remoteadmins localadmins\n" "\n" " Add multiple users to the \"localadmins\" group:\n" " ipa group-add-member --users=test1 --users=test2 localadmins\n" "\n" " To add Kerberos services to the \"printer admins\" group:\n" " ipa group-add-member --services=CUPS/some.host printeradmins\n" "\n" " Remove a user from the \"localadmins\" group:\n" " ipa group-remove-member --users=test2 localadmins\n" "\n" " Display information about a named group.\n" " ipa group-show localadmins\n" "\n" "Group membership managers are users or groups that can add members to a\n" "group or remove members from a group.\n" "\n" " Allow user \"test2\" to add or remove members from group \"localadmins\":\n" " ipa group-add-member-manager --users=test2 localadmins\n" "\n" " Revoke membership management rights for user \"test2\" from \"localadmins" "\":\n" " ipa group-remove-member-manager --users=test2 localadmins\n" "\n" "External group membership is designed to allow users from trusted domains\n" "to be mapped to local POSIX groups in order to actually use IPA resources.\n" "External members should be added to groups that specifically created as\n" "external and non-POSIX. Such group later should be included into one of " "POSIX\n" "groups.\n" "\n" "An external group member is currently a Security Identifier (SID) as defined " "by\n" "the trusted domain. When adding external group members, it is possible to\n" "specify them in either SID, or DOM\\name, or name@domain format. IPA will " "attempt\n" "to resolve passed name to SID with the use of Global Catalog of the trusted " "domain.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local POSIX " "group:\n" "\n" " ipa group-add --desc=' admins external map' ad_admins_external " "--external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the " "ad_admins_external\n" " group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with ad_admins " "POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see their " "SIDs:\n" "\n" " ipa group-show ad_admins_external\n" msgstr "" msgid "groups" msgstr "用户组" msgid "User Group" msgstr "用户组" #, python-format msgid "Added group \"%(value)s\"" msgstr "已添加组\"%(value)s\"" msgid "gid cannot be set for external group" msgstr "gid不能被设置为外部组" #, python-format msgid "Deleted group \"%(value)s\"" msgstr "已删除组\"%(value)s\"" msgid "privileged group" msgstr "特权组" #, python-format msgid "Modified group \"%(value)s\"" msgstr "已修改组\"%(value)s\"" #, python-format msgid "%(count)d group matched" msgid_plural "%(count)d groups matched" msgstr[0] "已匹配%(count)d个组" msgid "" "Cannot perform external member validation without Samba 4 support installed. " "Make sure you have installed server-trust-ad sub-package of IPA on the server" msgstr "" "没有安装Samba 4不能执行外部成员验证。确认你已经在IPA服务器上安装了server-" "trust-ad子包" msgid "" "Cannot perform join operation without own domain configured. Make sure you " "have run ipa-adtrust-install on the IPA server first" msgstr "" "没有自己的域配置不能执行加入操作。首先确认你已经在IPA服务器上运行了ipa-" "adtrust-install命令" #, python-format msgid "Detached group \"%(value)s\" from user \"%(value)s\"" msgstr "从用户\"%(value)s\"中分离组\"%(value)s\"" msgid "not allowed to modify user entries" msgstr "不允许修改用户条目" msgid "not allowed to modify group entries" msgstr "不允许修改组条目" msgid "Not a managed group" msgstr "不是一个管理组" #, fuzzy #| msgid "Add users that can manage this token." msgid "Add users that can manage members of this group." msgstr "添加可以管理该令牌的用户" #, fuzzy #| msgid "Remove users that can manage this token." msgid "Remove users that can manage members of this group." msgstr "移除可以管理该令牌的用户。" msgid "Could not read UPG Definition originfilter. Check your permissions." msgstr "不能读UPG原过滤器定义。检查你的权限。" #, python-format msgid "Added user \"%(value)s\"" msgstr "已添加用户\"%(value)s\"" msgid "Default group for new users not found" msgstr "新用户的默认组没有找到" msgid "Default group for new users is not POSIX" msgstr "新用户的默认组不是POSIX" #, python-format msgid "Deleted user \"%(value)s\"" msgstr "已删除用户\"%(value)s\"" #, python-format msgid "%s: user is already preserved" msgstr "%s:用户已保存" #, python-format msgid "Modified user \"%(value)s\"" msgstr "已修改用户\"%(value)s\"" #, python-format msgid "Undeleted user account \"%(value)s\"" msgstr "已恢复用户账户\"%(value)s\"" #, python-format msgid "user \"%s\" is already active" msgstr "用户%s已是活跃的" #, fuzzy, python-format #| msgid "Enabled user account \"%(value)s\"" msgid "Staged user account \"%(value)s\"" msgstr "已启用用户账户\"%(value)s\"" #, python-format msgid "Disabled user account \"%(value)s\"" msgstr "已禁用用户账户\"%(value)s\"" #, python-format msgid "Enabled user account \"%(value)s\"" msgstr "已启用用户账户\"%(value)s\"" msgid "" "\n" " Unlock a user account\n" "\n" " An account may become locked if the password is entered incorrectly too\n" " many times within a specific time period as controlled by password\n" " policy. A locked account is a temporary condition and may be unlocked " "by\n" " an administrator." msgstr "" #, python-format msgid "Unlocked account \"%(value)s\"" msgstr "已解锁账户\"%(value)s\"" msgid "Failed logins" msgstr "登录失败" msgid "Last successful authentication" msgstr "上一次认证成功" msgid "Last failed authentication" msgstr "上一次认证失败" msgid "Time now" msgstr "当前时间" msgid "" "\n" " Lockout status of a user account\n" "\n" " An account may become locked if the password is entered incorrectly too\n" " many times within a specific time period as controlled by password\n" " policy. A locked account is a temporary condition and may be unlocked " "by\n" " an administrator.\n" "\n" " This connects to each IPA master and displays the lockout status on\n" " each one.\n" "\n" " To determine whether an account is locked on a given server you need\n" " to compare the number of failed logins and the time of the last " "failure.\n" " For an account to be locked it must exceed the maxfail failures within\n" " the failinterval duration as specified in the password policy " "associated\n" " with the user.\n" "\n" " The failed login counter is modified only when a user attempts a log in\n" " so it is possible that an account may appear locked but the last failed\n" " login attempt is older than the lockouttime of the password policy. " "This\n" " means that the user may attempt a login again. " msgstr "" #, python-format msgid "%(host)s failed: %(error)s" msgstr "%(host)s已失败:%(error)s" #, python-format msgid "%(host)s failed" msgstr "%(host)s已失败" #, python-format msgid "Account disabled: %(disabled)s" msgstr "账户已禁用:%(disabled)s" #, python-format msgid "Added certificates to user \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加证书" #, python-format msgid "Removed certificates from user \"%(value)s\"" msgstr "已为用户\"%(value)s\"删除证书" #, fuzzy #| msgid "Add one or more certificates to the user entry" msgid "Add one or more certificate mappings to the user entry." msgstr "向用户条目中添加一个或多个证书" #, fuzzy #| msgid "Remove one or more certificates to the user entry" msgid "Remove one or more certificate mappings from the user entry." msgstr "向用户条目中移除一个或多个证书" msgid "Add new principal alias to the user entry" msgstr "为用户条目添加新的主体别名" #, python-format msgid "Added new aliases to user \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加新别名" msgid "Remove principal alias from the user entry" msgstr "从用户条目中删除主体别名" #, python-format msgid "Removed aliases from user \"%(value)s\"" msgstr "已从用户\"%(value)s\"中删除别名" msgid "" "\n" "Vaults\n" msgstr "" "\n" "库\n" msgid "" "\n" "Manage vaults.\n" msgstr "" "\n" "管理库。\n" msgid "" "\n" "Vault is a secure place to store a secret. One vault can only\n" "store one secret. When archiving a secret in a vault, the\n" "existing secret (if any) is overwritten.\n" msgstr "" msgid "" "\n" "Based on the ownership there are three vault categories:\n" "* user/private vault\n" "* service vault\n" "* shared vault\n" msgstr "" "\n" "基于所有者管理有三种库类别:\n" "* 用户/私有库\n" "* 服务库\n" "* 共享库\n" msgid "" "\n" "User vaults are vaults owned used by a particular user. Private\n" "vaults are vaults owned the current user. Service vaults are\n" "vaults owned by a service. Shared vaults are owned by the admin\n" "but they can be used by other users or services.\n" msgstr "" "\n" "用户库被特定用户拥有并使用。私有库被当前用户拥有。服务库被一个服务拥有。共享" "库被管理员拥有但可以被其他用户或服务使用。\n" msgid "" "\n" "Based on the security mechanism there are three types of\n" "vaults:\n" "* standard vault\n" "* symmetric vault\n" "* asymmetric vault\n" msgstr "" "\n" "基于安全机制有三种库类型:\n" "* 标准库\n" "* 对称库\n" "* 非对称库\n" msgid "" "\n" "Standard vault uses a secure mechanism to transport and\n" "store the secret. The secret can only be retrieved by users\n" "that have access to the vault.\n" msgstr "" "\n" "标准库使用一种安全机制来传输和存储密码。密码仅能被有权限访问该库的用户检" "索。\n" msgid "" "\n" "Symmetric vault is similar to the standard vault, but it\n" "pre-encrypts the secret using a password before transport.\n" "The secret can only be retrieved using the same password.\n" msgstr "" "\n" "对称库和标准库类似,但它在传输前会使用一个密码来预加密该密码。密码仅能使用相" "同的密码来检索。\n" msgid "" "\n" "Asymmetric vault is similar to the standard vault, but it\n" "pre-encrypts the secret using a public key before transport.\n" "The secret can only be retrieved using the private key.\n" msgstr "" "\n" "非对称库和标准库类似,但它在传输前会使用一个公钥来预加密密码。该密码仅能通过" "对应的私钥来检索。\n" msgid "" "\n" " List vaults:\n" " ipa vault-find\n" " [--user |--service |--shared]\n" msgstr "" msgid "" "\n" " Add a standard vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type standard\n" msgstr "" msgid "" "\n" " Add a symmetric vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type symmetric --password-file password.txt\n" msgstr "" msgid "" "\n" " Add an asymmetric vault:\n" " ipa vault-add \n" " [--user |--service |--shared]\n" " --type asymmetric --public-key-file public.pem\n" msgstr "" msgid "" "\n" " Show a vault:\n" " ipa vault-show \n" " [--user |--service |--shared]\n" msgstr "" msgid "" "\n" " Modify vault description:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --desc \n" msgstr "" msgid "" "\n" " Modify vault type:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --type \n" " [old password/private key]\n" " [new password/public key]\n" msgstr "" msgid "" "\n" " Modify symmetric vault password:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --change-password\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --old-password \n" " --new-password \n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --old-password-file \n" " --new-password-file \n" msgstr "" msgid "" "\n" " Modify asymmetric vault keys:\n" " ipa vault-mod \n" " [--user |--service |--shared]\n" " --private-key-file \n" " --public-key-file \n" msgstr "" msgid "" "\n" " Delete a vault:\n" " ipa vault-del \n" " [--user |--service |--shared]\n" msgstr "" msgid "" "\n" " Display vault configuration:\n" " ipa vaultconfig-show\n" msgstr "" msgid "" "\n" " Archive data into standard vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" msgstr "" msgid "" "\n" " Archive data into symmetric vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" " --password-file password.txt\n" msgstr "" msgid "" "\n" " Archive data into asymmetric vault:\n" " ipa vault-archive \n" " [--user |--service |--shared]\n" " --in \n" msgstr "" msgid "" "\n" " Retrieve data from standard vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out \n" msgstr "" msgid "" "\n" " Retrieve data from symmetric vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out \n" " --password-file password.txt\n" msgstr "" msgid "" "\n" " Retrieve data from asymmetric vault:\n" " ipa vault-retrieve \n" " [--user |--service |--shared]\n" " --out --private-key-file private.pem\n" msgstr "" msgid "" "\n" " Add vault owners:\n" " ipa vault-add-owner \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" msgstr "" msgid "" "\n" " Delete vault owners:\n" " ipa vault-remove-owner \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" msgstr "" msgid "" "\n" " Add vault members:\n" " ipa vault-add-member \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" msgstr "" msgid "" "\n" " Delete vault members:\n" " ipa vault-remove-member \n" " [--user |--service |--shared]\n" " [--users ] [--groups ] [--services ]\n" msgstr "" msgid "" "\n" " Vault Container object.\n" " " msgstr "" "\n" " 库容器对象。\n" " " msgid "vaultcontainer" msgstr "库容器" msgid "vaultcontainers" msgstr "库容器" msgid "Vault Containers" msgstr "库容器" msgid "Vault Container" msgstr "库容器" msgid "Service, shared and user options cannot be specified simultaneously" msgstr "服务,共享的和用户选项不能被同时指定" msgid "Host is not supported" msgstr "主机不被支持" msgid "KRA service is not enabled" msgstr "KRA服务没有启用" msgid "Deleted vault container" msgstr "已删除库容器" #, python-format msgid "owner %s" msgstr "所有者%s" msgid "" "\n" " Vault object.\n" " " msgstr "" "\n" " 库对象。\n" " " msgid "vault" msgstr "库" msgid "vaults" msgstr "库" msgid "Vaults" msgstr "库" msgid "Vault" msgstr "库" msgid "Service, shared, and user options cannot be specified simultaneously" msgstr "服务,共享的和用户选项不能被同时指定" #, fuzzy #| msgid "Modify a vault." msgid "Add a vault." msgstr "修改一个库。" #, python-format msgid "Added vault \"%(value)s\"" msgstr "已添加库\"%(value)s\"" #, python-format msgid "Deleted vault \"%(value)s\"" msgstr "已删除库\"%(value)s\"" #, python-format msgid "%(count)d vault matched" msgid_plural "%(count)d vaults matched" msgstr[0] "已匹配%(count)d个库" msgid "" "Service(s), shared, and user(s) options cannot be specified simultaneously" msgstr "服务,共享的和用户选项不能被同时指定" #, python-format msgid "Modified vault \"%(value)s\"" msgstr "已修改库\"%(value)s\"" msgid "Vault configuration" msgstr "库配置" msgid "IPA servers configured as key recovery agents" msgstr "IPA服务器配置为密钥恢复代理" #, python-format msgid "Archived data into vault \"%(value)s\"" msgstr "数据归档到库\"%(value)s\"" #, fuzzy #| msgid "Retrieve a data from a vault." msgid "Retrieve data from a vault." msgstr "从库中检索一个数据。" #, python-format msgid "Retrieved data from vault \"%(value)s\"" msgstr "从库\"%(value)s\"中检索数据" msgid "No archived data." msgstr "没有归档数据。" #, fuzzy #| msgid "Checks if any of the servers has the CA service enabled." msgid "Checks if any of the servers has the KRA service enabled" msgstr "检查是否有任何服务器启用了CA服务。" msgid "" "\n" "Manage Certificate Authorities\n" msgstr "" "\n" "管理证书颁发机构\n" msgid "" "\n" "Subordinate Certificate Authorities (Sub-CAs) can be added for scoped " "issuance\n" "of X.509 certificates.\n" msgstr "" "\n" "从属证书颁发机构(Sub-CAs)可以当作是X.509证书的发行范围。\n" msgid "" "\n" "CAs are enabled on creation, but their use is subject to CA ACLs unless the\n" "operator has permission to bypass CA ACLs.\n" msgstr "" msgid "" "\n" "All CAs except the 'IPA' CA can be disabled or re-enabled. Disabling a CA\n" "prevents it from issuing certificates but does not affect the validity of " "its\n" "certificate.\n" msgstr "" "\n" "所有的CAs除了'IPA' CA都可以被禁用或重新启用。禁用一个CA会阻止它发布证书,但不" "会影响它的证书的有效性。\n" msgid "" "\n" "CAs (all except the 'IPA' CA) can be deleted. Deleting a CA causes its " "signing\n" "certificate to be revoked and its private key deleted.\n" msgstr "" "\n" "CAs (除了'IPA' CA)都可以被删除。删除一个CA会撤销它的签名证书并删除它的私" "钥。\n" msgid "" "\n" " Create new CA, subordinate to the IPA CA (requires permission\n" " \"System: Add CA\"):\n" "\n" " ipa ca-add puppet --desc \"Puppet\" \\\n" " --subject \"CN=Puppet CA,O=EXAMPLE.COM\"\n" msgstr "" msgid "" "\n" " Disable a CA (requires permission \"System: Modify CA\"):\n" "\n" " ipa ca-disable puppet\n" msgstr "" msgid "" "\n" " Re-enable a CA (requires permission \"System: Modify CA\"):\n" "\n" " ipa ca-enable puppet\n" msgstr "" msgid "" "\n" " Delete a CA (requires permission \"System: Delete CA\"; also requires\n" " CA to be disabled first):\n" "\n" " ipa ca-del puppet\n" msgstr "" msgid "Certificate Authority" msgstr "证书颁发机构" msgid "Certificate Authorities" msgstr "证书颁发机构" msgid "Name for referencing the CA" msgstr "" msgid "Description of the purpose of the CA" msgstr "CA描述的目的" msgid "Authority ID" msgstr "授权ID" msgid "Dogtag Authority ID" msgstr "Dogtag授权ID" msgid "Subject DN" msgstr "证书持有者名字" msgid "Subject Distinguished Name" msgstr "主题的专有名称" msgid "Issuer DN" msgstr "证书颁发机构名字" msgid "Issuer Distinguished Name" msgstr "发行人专有名称" msgid "Base-64 encoded certificate." msgstr "Base-64编码的证书。" #, fuzzy #| msgid "Certificate" msgid "Certificate chain" msgstr "证书" #, fuzzy #| msgid "CA certificate" msgid "X.509 certificate chain" msgstr "CA证书" msgid "Search for CAs." msgstr "查找CAs。" #, python-format msgid "%(count)d CA matched" msgid_plural "%(count)d CAs matched" msgstr[0] "已匹配%(count)d个CA" msgid "Include certificate chain in output" msgstr "" msgid "Display the properties of a CA." msgstr "显示一个CA属性。" msgid "Create a CA." msgstr "创建一个CA。" #, python-format msgid "Created CA \"%(value)s\"" msgstr "已创建CA\"%(value)s\"" #, python-format msgid "Insufficient 'add' privilege for entry '%s'." msgstr "对条目'%s'没有'add'权限。" #, python-format msgid "Unrecognized attributes: %(attrs)s" msgstr "" #, python-format msgid "Subject DN is already used by CA '%s'" msgstr "主题DN已被CA'%s'使用" msgid "Delete a CA (must be disabled first)." msgstr "" #, python-format msgid "Deleted CA \"%(value)s\"" msgstr "已删除CA\"%(value)s\"" #, fuzzy #| msgid "Insufficient 'add' privilege for entry '%s'." msgid "Insufficient privilege to delete a CA." msgstr "对条目'%s'没有'add'权限。" msgid "CA" msgstr "" msgid "IPA CA cannot be deleted" msgstr "IPA CA不能被删除" #, fuzzy #| msgid "Must be a decimal number" msgid "Must be disabled first" msgstr "必须是一个小数" msgid "Modify CA configuration." msgstr "修改CA配置。" #, python-format msgid "Modified CA \"%(value)s\"" msgstr "已修改CA\"%(value)s\"" #, fuzzy #| msgid "Insufficient 'add' privilege for entry '%s'." msgid "Insufficient privilege to modify a CA." msgstr "对条目'%s'没有'add'权限。" msgid "Disable a CA." msgstr "禁用一个CA。" #, python-format msgid "Disabled CA \"%(value)s\"" msgstr "已禁用CA\"%(value)s\"" msgid "IPA CA cannot be disabled" msgstr "IPA CA不能被禁用" msgid "Enable a CA." msgstr "启用一个CA。" #, python-format msgid "Enabled CA \"%(value)s\"" msgstr "已启用CA\"%(value)s\"" msgid "Internationalization messages" msgstr "" msgid "Your session has expired. Please log in again." msgstr "" msgid "Apply" msgstr "应用" msgid "Rebuild auto membership" msgstr "重建自动成员" msgid "Are you sure you want to rebuild auto membership?" msgstr "你确定要重建自动成员吗?" msgid "Automember rebuild membership task completed" msgstr "自动成员重建成员关系任务已完成" msgid "Are you sure you want to proceed with the action?" msgstr "你确定要执行该操作吗?" #, python-brace-format msgid "Are you sure you want to delete ${object}?" msgstr "你确定要删除${object}?" #, python-brace-format msgid "Are you sure you want to disable ${object}?" msgstr "你确定要禁用${object}?" #, python-brace-format msgid "Are you sure you want to enable ${object}?" msgstr "你确定要启用${object}?" msgid "Actions" msgstr "操作" msgid "Add" msgstr "添加" #, python-brace-format msgid "${count} item(s) added" msgstr "${count} item(s)已添加" msgid "Direct Membership" msgstr "直接成员" #, python-brace-format msgid "Filter available ${other_entity}" msgstr "${other_entity}过滤器可用" msgid "Indirect Membership" msgstr "间接成员" msgid "No entries." msgstr "没有条目。" #, python-brace-format msgid "Showing ${start} to ${end} of ${total} entries." msgstr "从${start}到${end}显示${total}条目。" #, fuzzy #| msgid "Remove hold" msgid "Remove" msgstr "删除持有" #, python-brace-format msgid "${count} item(s) removed" msgstr "${count} item(s) 已移除" msgid "Show Results" msgstr "显示结果" msgid "Authentication indicators" msgstr "认证指标" msgid "Authentication indicator" msgstr "认证指标" msgid "" "

Implicit method (password) will be used if no method is chosen.

Password + Two-factor: LDAP and Kerberos allow " "authentication with either one of the authentication types but Kerberos uses " "pre-authentication method which requires to use armor ccache.

RADIUS with another type: Kerberos always use RADIUS, " "but LDAP never does. LDAP only recognize the password and two-factor " "authentication options.

" msgstr "" "

如果没有选择方法那么就使用隐式方法(密码)。

密码+双因素LDAP和Kerberos允许使用其中任一认证类型来认证但是Kerberos使用预认证方" "法,该方法需要使用armor ccache

RADIUS和另外的类型: " "Kerberos总是使用RADIUS,但是LDAP从不使用。LDAP仅识别密码和双因素认证选项。" msgid "Add Custom Authentication Indicator" msgstr "添加自定义认证机构" msgid "Two factor authentication (password + OTP)" msgstr "双因素认证(密码+OTP)" #, fuzzy #| msgid "RADIUS Server" msgid "RADIUS" msgstr "RADIUS代理服务器" msgid "Hardened Password (by SPAKE or FAST)" msgstr "" msgid "Disable per-user override" msgstr "禁用每个用户覆盖" msgid "" "

Per-user setting, overwrites the global setting if any option is checked." "

Password + Two-factor: LDAP and Kerberos allow " "authentication with either one of the authentication types but Kerberos uses " "pre-authentication method which requires to use armor ccache.

RADIUS with another type: Kerberos always use RADIUS, " "but LDAP never does. LDAP only recognize the password and two-factor " "authentication options.

" msgstr "" "

如果所有选项都检测了那么每个用户设置会覆盖全局设置。

密码+双" "因素LDAP和Kerberos允许使用其中任一认证类型来认证但是Kerberos使用预认" "证方法,该方法需要使用armor ccache

RADIUS和另外的类型: Kerberos总是使用RADIUS,但是LDAP从不使用。LDAP仅识别密码和双因素认证" "选项。

" msgid "About" msgstr "关于" msgid "Activate" msgstr "激活" msgid "Add and Add Another" msgstr "添加并添加另一个" msgid "Add and Close" msgstr "添加和关闭" msgid "Add and Edit" msgstr "添加和编辑" msgid "Add Many" msgstr "添加多个" msgid "Back" msgstr "返回" msgid "Cancel" msgstr "取消" msgid "Clear" msgstr "" #, fuzzy #| msgid "Refresh the page." msgid "Clear all fields on the page." msgstr "刷新页面。" msgid "Close" msgstr "关闭" msgid "Disable" msgstr "禁用" msgid "Download" msgstr "下载" msgid "Download certificate as PEM formatted file." msgstr "下载证书为PEM格式文件。" msgid "Edit" msgstr "编辑" msgid "Enable" msgstr "启用" msgid "Find" msgstr "查找" msgid "Get" msgstr "获得" msgid "Hide" msgstr "隐藏" msgid "Issue" msgstr "发布" #, fuzzy #| msgid "Matched" msgid "Match" msgstr "匹配" #, fuzzy #| msgid "Search for existing certificates." msgid "Match users according to certificate." msgstr "查找已存在的证书。" msgid "Migrate" msgstr "" msgid "OK" msgstr "" msgid "Refresh" msgstr "更新" msgid "Reload current settings from the server." msgstr "从服务器重新加载当前设置。" msgid "Delete" msgstr "删除" msgid "Remove hold" msgstr "删除持有" msgid "Reset" msgstr "重置" msgid "Reset Password" msgstr "重置密码" #, fuzzy #| msgid "Reset Password" msgid "Reset Password and Log in" msgstr "重置密码" msgid "Restore" msgstr "恢复" msgid "Retry" msgstr "重试" msgid "Revert" msgstr "返回" msgid "Revoke" msgstr "撤回" msgid "Save" msgstr "保存" msgid "Set" msgstr "设置" msgid "Show" msgstr "显示" msgid "Stage" msgstr "呈现" msgid "Update" msgstr "更新" msgid "View" msgstr "查看" #, fuzzy #| msgid "Confirmation" msgid "Customization" msgstr "确认" msgid "Pagination Size" msgstr "" msgid "Collapse All" msgstr "全部折叠" msgid "Expand All" msgstr "全部展开" msgid "General" msgstr "普通的" msgid "Identity Settings" msgstr "身份设置" #, fuzzy #| msgid "Role Settings" msgid "Record Settings" msgstr "角色设置" #, python-brace-format msgid "${entity} ${primary_key} Settings" msgstr "${entity} ${primary_key}设置" msgid "Back to Top" msgstr "回到顶部" #, python-brace-format msgid "${entity} ${primary_key} updated" msgstr "${entity} ${primary_key}已更新" #, python-brace-format msgid "${entity} successfully added" msgstr "${entity}已添加成功" msgid "Add custom value" msgstr "添加自定义值" msgid "Available" msgstr "可用的" msgid "Some operations failed." msgstr "一些操作失败。" msgid "Operations Error" msgstr "操作错误" msgid "Confirmation" msgstr "确认" msgid "Custom value" msgstr "自定义值" msgid "This page has unsaved changes. Please save or revert." msgstr "这个页面有未保存的更改。请保存或恢复。" msgid "Unsaved Changes" msgstr "未保存的更改" #, python-brace-format msgid "Edit ${entity}" msgstr "编辑${entity}" msgid "Hide details" msgstr "隐藏细节" #, python-brace-format msgid "${product}, version: ${version}" msgstr "${product},版本:${version}" msgid "Prospective" msgstr "预期的" msgid "Redirection" msgstr "重定向" msgid "Select entries to be removed." msgstr "选择要删除的条目。" msgid "Result" msgstr "结果" msgid "Show details" msgstr "显示细节" msgid "Success" msgstr "成功" msgid "Validation error" msgstr "验证错误" msgid "Input form contains invalid or missing values." msgstr "输入包含无效的或缺失的值。" msgid "Please try the following options:" msgstr "请尝试下面选项:" msgid "If the problem persists please contact the system administrator." msgstr "如果问题仍然存在,请联系系统管理员。" msgid "Refresh the page." msgstr "刷新页面。" msgid "Reload the browser." msgstr "重新加载浏览器。" msgid "Return to the main page and retry the operation" msgstr "返回到主页面并重试操作" #, python-brace-format msgid "An error has occurred (${error})" msgstr "出现一个错误(${error})" msgid "HTTP Error" msgstr "HTTP错误" msgid "Internal Error" msgstr "内部错误" msgid "IPA Error" msgstr "IPA错误" msgid "No response" msgstr "没有响应" msgid "Unknown Error" msgstr "未知的错误" msgid "URL" msgstr "" #, python-brace-format msgid "${primary_key} is managed by:" msgstr "${primary_key}受管于:" #, python-brace-format msgid "${primary_key} members:" msgstr "${primary_key}成员:" #, python-brace-format msgid "${primary_key} is a member of:" msgstr "${primary_key}是其中一个成员:" #, fuzzy, python-brace-format #| msgid "${primary_key} members:" msgid "${primary_key} member managers:" msgstr "${primary_key}成员:" msgid "Settings" msgstr "设置" msgid "Search" msgstr "查找" msgid "False" msgstr "" #, fuzzy, python-brace-format #| msgid "" #| "Allow users, groups, hosts or host groups to create a keytab of this " #| "service." msgid "Allow user groups to create keytab of '${primary_key}'" msgstr "允许用户,用户组,主机或主机组来创建一个该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Allow users, groups, hosts or host groups to retrieve a keytab of this " #| "service." msgid "Allow user groups to retrieve keytab of '${primary_key}'" msgstr "允许用户,用户组,主机或主机组来检索一个该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Allow users, groups, hosts or host groups to create a keytab of this " #| "service." msgid "Allow host groups to create keytab of '${primary_key}'" msgstr "允许用户,用户组,主机或主机组来创建一个该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Allow users, groups, hosts or host groups to retrieve a keytab of this " #| "service." msgid "Allow host groups to retrieve keytab of '${primary_key}'" msgstr "允许用户,用户组,主机或主机组来检索一个该服务的keytab。" #, fuzzy, python-brace-format #| msgid "Allowed to create keytab" msgid "Allow hosts to create keytab of '${primary_key}'" msgstr "允许创建keytab" #, fuzzy, python-brace-format #| msgid "Allowed to retrieve keytab" msgid "Allow hosts to retrieve keytab of '${primary_key}'" msgstr "允许检索keytab" #, fuzzy, python-brace-format #| msgid "Allowed to create keytab" msgid "Allow users to create keytab of '${primary_key}'" msgstr "允许创建keytab" #, fuzzy, python-brace-format #| msgid "Allowed to retrieve keytab" msgid "Allow users to retrieve keytab of '${primary_key}'" msgstr "允许检索keytab" msgid "Allowed to create keytab" msgstr "允许创建keytab" msgid "Allowed to retrieve keytab" msgstr "允许检索keytab" #, fuzzy, python-brace-format #| msgid "" #| "Disallow users, groups, hosts or host groups to create a keytab of this " #| "service." msgid "Disallow user groups to create keytab of '${primary_key}'" msgstr "不允许用户,用户组,主机或主机组来创建该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Disallow users, groups, hosts or host groups to retrieve a keytab of this " #| "service." msgid "Disallow user groups to retrieve keytab of '${primary_key}'" msgstr "不允许用户,用户组,主机或主机组来检索该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Disallow users, groups, hosts or host groups to create a keytab of this " #| "service." msgid "Disallow host groups to create keytab of '${primary_key}'" msgstr "不允许用户,用户组,主机或主机组来创建该服务的keytab。" #, fuzzy, python-brace-format #| msgid "" #| "Disallow users, groups, hosts or host groups to retrieve a keytab of this " #| "service." msgid "Disallow host groups to retrieve keytab of '${primary_key}'" msgstr "不允许用户,用户组,主机或主机组来检索该服务的keytab。" #, python-brace-format msgid "Disallow hosts to create keytab of '${primary_key}'" msgstr "" #, python-brace-format msgid "Disallow hosts to retrieve keytab of '${primary_key}'" msgstr "" #, python-brace-format msgid "Disallow users to create keytab of '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Users allowed to retrieve keytab" msgid "Disallow users to retrieve keytab of '${primary_key}'" msgstr "允许检索keytab的用户" msgid "Add Kerberos Principal Alias" msgstr "添加Kerberos主体别名" msgid "New kerberos principal alias" msgstr "新的kerberos主体别名" msgid "Remove Kerberos Alias" msgstr "删除Kerberos别名" #, python-brace-format msgid "Do you want to remove kerberos alias ${alias}?" msgstr "你要删除kerberos别名${alias}吗?" msgid "Inherited from server configuration" msgstr "继承了服务器配置" msgid "MS-PAC" msgstr "" msgid "Override inherited settings" msgstr "覆盖继承设置" msgid "PAD" msgstr "" #, fuzzy #| msgid "Authentication" msgid "Authenticating" msgstr "身份验证" msgid "Authentication with personal certificate failed" msgstr "" msgid "" " To log in with certificate, please make sure you have valid personal certificate. " msgstr "" msgid "Continue to next page" msgstr "" #, fuzzy #| msgid "" #| " One-Time-Password(OTP): Generate new OTP code for each OTP field." msgid "" " To log in with username and " "password, enter them in the corresponding fields, then click 'Log " "in'." msgstr "" " One-Time-Password(OTP): " "为每个OTP字段生成新的OTP码。" msgid "Login failed due to an unknown reason" msgstr "" msgid "Logged In As" msgstr "登录" #, fuzzy #| msgid "Authentication Indicators" msgid "Authentication with Kerberos failed" msgstr "认证指标" #, python-brace-format msgid "" " To log in with Kerberos, please make sure you have valid tickets (obtainable via kinit) and " "configured the " "browser correctly, then click 'Log in'." msgstr "" msgid "Loading" msgstr "" #, fuzzy #| msgid "Kerberos principal expiration" msgid "Kerberos Principal you entered is expired" msgstr "Kerberos主体过期" #, fuzzy #| msgid "Record data" msgid "Loading data" msgstr "记录数据" msgid "Log in" msgstr "" #, fuzzy #| msgid "Host Certificate" msgid "Log In Using Certificate" msgstr "主机证书" msgid "Log in using personal certificate" msgstr "" msgid "Log out" msgstr "" #, fuzzy #| msgid "Format error" msgid "Log out error" msgstr "格式错误" #, fuzzy #| msgid "Password or Password+One-Time-Password" msgid "Password or Password+One-Time Password" msgstr "密码或密码+一次性密码" #, fuzzy, python-brace-format #| msgid "You will be redirected to DNS Zone." msgid "You will be redirected in ${count}s" msgstr "你将会被重定向到DNS区域。" msgid "Sync OTP Token" msgstr "同步OTP令牌" #, fuzzy #| msgid "HOTP Synchronization Window" msgid "Synchronizing" msgstr "HOTP同步窗口" msgid "The user account you entered is locked" msgstr "" msgid "number of passwords" msgstr "密码数" msgid "seconds" msgstr "秒" #, fuzzy #| msgid "Configuration" msgid "Migrating" msgstr "配置" msgid "There was a problem with your request. Please, try again later." msgstr "" #, fuzzy #| msgid "Password reset was not successful." msgid "Password migration was not successful" msgstr "密码重置失败。" msgid "" "

Password Migration

If you have been sent here by your " "administrator, your personal information is being migrated to a new identity " "management solution (IPA).

Please, enter your credentials in the form " "to complete the process. Upon successful login your kerberos account will be " "activated.

" msgstr "" #, fuzzy #| msgid "The username, password or token codes are not correct" msgid "The password or username you entered is incorrect" msgstr "用户名,密码或令牌码不争取" #, fuzzy #| msgid "Password reset was not successful." msgid "Password migration was successful" msgstr "密码重置失败。" msgid "Attribute" msgstr "属性" #, fuzzy #| msgid "delegation" msgid "Add delegation" msgstr "授权" #, fuzzy #| msgid "delegations" msgid "Remove delegations" msgstr "授权" #, fuzzy #| msgid "permission" msgid "Add permission" msgstr "权限" #, python-brace-format msgid "Add privileges into permission '${primary_key}'" msgstr "" #, fuzzy #| msgid "Remove Permission" msgid "Remove permissions" msgstr "删除权限" #, fuzzy, python-brace-format #| msgid "Remove privileges from a role." msgid "Remove privileges from permission '${primary_key}'" msgstr "从一个角色中移除权限。" #, fuzzy #| msgid "privilege" msgid "Add privilege" msgstr "特权" #, python-brace-format msgid "Add privilege '${primary_key}' into permissions" msgstr "" #, python-brace-format msgid "Add roles into privilege '${primary_key}'" msgstr "" #, fuzzy #| msgid "member privilege" msgid "Remove privileges" msgstr "成员特权" #, fuzzy, python-brace-format #| msgid "Remove members from a permission." msgid "Remove privilege '${primary_key}' from permissions" msgstr "从一个权限中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove members from a privilege" msgid "Remove roles from privilege '${primary_key}'" msgstr "从特权中移除成员" msgid "Role Settings" msgstr "角色设置" #, fuzzy #| msgid "Add a new role." msgid "Add role" msgstr "添加一个新角色。" #, python-brace-format msgid "Add user groups into role '${primary_key}'" msgstr "" #, python-brace-format msgid "Add hosts into role '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "host groups to remove" msgid "Add host groups into role '${primary_key}'" msgstr "待移除的主机组" #, fuzzy, python-brace-format #| msgid "${primary_key} overrides:" msgid "Add role '${primary_key}' into privileges" msgstr "${primary_key}覆盖:" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Add services into role '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, python-brace-format msgid "Add users into role '${primary_key}'" msgstr "" #, fuzzy #| msgid "Remove hold" msgid "Remove roles" msgstr "删除持有" #, fuzzy, python-brace-format #| msgid "Remove members from a privilege" msgid "Remove role '${primary_key}' from privileges" msgstr "从特权中移除成员" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user groups from role '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove hosts from role '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove host groups from role '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove services from a CA ACL." msgid "Remove services from role '${primary_key}'" msgstr "从一个CA ACL中移除服务。" #, fuzzy, python-brace-format #| msgid "Remove members from a role." msgid "Remove users from role '${primary_key}'" msgstr "从一个角色中移除成员。" #, fuzzy #| msgid "self service permission" msgid "Add self service permission" msgstr "自助服务权限" #, fuzzy #| msgid "self service permissions" msgid "Remove self service permissions" msgstr "自助服务权限" #, fuzzy #| msgid "HBAC rule" msgid "Add rule" msgstr "HBAC规则" #, python-brace-format msgid "Add inclusive condition into '${primary_key}'" msgstr "" #, python-brace-format msgid "Add exclusive condition into '${primary_key}'" msgstr "" #, fuzzy #| msgid "Are you sure you want to stage selected users?" msgid "Are you sure you want to change default group?" msgstr "你确定要呈现被选用户?" msgid "Default host group" msgstr "默认主机组" msgid "Default user group" msgstr "默认用户组" msgid "Exclusive" msgstr "独占的" msgid "Expression" msgstr "表达式" msgid "Host group rule" msgstr "主机组规则" msgid "Host group rules" msgstr "主机组规则" msgid "Inclusive" msgstr "兼容的" #, fuzzy #| msgid "Auto Membership Rule" msgid "Remove auto membership rules" msgstr "自动成员规则" #, python-brace-format msgid "Remove exclusive conditions from rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove inclusive conditions from rule '${primary_key}'" msgstr "" msgid "User group rule" msgstr "用户组规则" msgid "User group rules" msgstr "用户组规则" #, fuzzy #| msgid "automount key" msgid "Add automount key" msgstr "自动挂载键" #, fuzzy #| msgid "automount keys" msgid "Remove automount keys" msgstr "自动挂载键" #, fuzzy #| msgid "automount location" msgid "Add automount location" msgstr "自动挂载位置" msgid "Automount Location Settings" msgstr "自动挂载位置设置" #, fuzzy #| msgid "automount locations" msgid "Remove automount locations" msgstr "自动挂载位置" #, fuzzy #| msgid "automount map" msgid "Add automount map" msgstr "自动挂载映射" msgid "Map Type" msgstr "映射类型" msgid "Direct" msgstr "直接的" msgid "Indirect" msgstr "间接的" #, fuzzy #| msgid "automount maps" msgid "Remove automount maps" msgstr "自动挂载映射" #, fuzzy #| msgid "Certificate Authority" msgid "Add certificate authority" msgstr "证书颁发机构" #, fuzzy #| msgid "Certificate Authorities" msgid "Remove certificate authorities" msgstr "证书颁发机构" #, fuzzy #| msgid "Add CAs to a CA ACL." msgid "Add CA ACL" msgstr "向一个CA ACL中添加CAs。" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Add Certificate Authorities into CA ACL '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy, python-brace-format #| msgid "Add users and groups to a CA ACL." msgid "Add user groups into CA ACL '${primary_key}'" msgstr "向一个CA ACL中添加用户和用户组。" #, python-brace-format msgid "Add host groups into CA ACL '${primary_key}'" msgstr "" #, python-brace-format msgid "Add hosts into CA ACL '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Add certificate profiles into CA ACL '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy, python-brace-format #| msgid "Add services to a CA ACL." msgid "Add services into CA ACL '${primary_key}'" msgstr "向一个CA ACL中添加服务。" #, python-brace-format msgid "Add users into CA ACL '${primary_key}'" msgstr "" msgid "All" msgstr "全部" msgid "Any CA" msgstr "任何CA" msgid "Any Host" msgstr "任何主机" msgid "Any Service" msgstr "任何服务" msgid "Any Profile" msgstr "任何配置文件" msgid "Anyone" msgstr "任何人" msgid "Rule status" msgstr "规则状态" msgid "If no CAs are specified, requests to the default CA are allowed." msgstr "如果没有指定CAs,那么允许请求默认CA。" #, fuzzy #| msgid "Remove from CRL" msgid "Remove CA ACLs" msgstr "从CRL中删除" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Remove Certificate Authorities from CA ACL '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy, python-brace-format #| msgid "Remove users and groups from a CA ACL." msgid "Remove user groups from CA ACL '${primary_key}'" msgstr "从一个CA ACL中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from a CA ACL." msgid "Remove host groups from CA ACL '${primary_key}'" msgstr "从一个CA ACL中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove CAs from a CA ACL." msgid "Remove hosts from CA ACL '${primary_key}'" msgstr "从一个CA ACL中移除CAs。" #, fuzzy, python-brace-format #| msgid "Remove certificates from a service" msgid "Remove certificate profiles from CA ACL '${primary_key}'" msgstr "从一个服务中移除证书" #, fuzzy, python-brace-format #| msgid "Remove services from a CA ACL." msgid "Remove services from CA ACL '${primary_key}'" msgstr "从一个CA ACL中移除服务。" #, fuzzy, python-brace-format #| msgid "Remove services from a CA ACL." msgid "Remove users from CA ACL '${primary_key}'" msgstr "从一个CA ACL中移除服务。" msgid "Specified CAs" msgstr "指定的CAs" msgid "Specified Hosts and Groups" msgstr "指定的主机和主机组" msgid "Specified Profiles" msgstr "指定的配置文件" msgid "Specified Services and Groups" msgstr "指定的服务和服务组" msgid "Specified Users and Groups" msgstr "指定的用户和用户组" msgid "Permitted to have certificates issued" msgstr "允许颁发证书" #, fuzzy #| msgid "member Certificate Profile" msgid "Remove certificate profiles" msgstr "成员证书配置文件" #, fuzzy #| msgid "Key Compromise" msgid "AA Compromise" msgstr "密钥泄露" msgid "Add principal" msgstr "添加主体" msgid "Affiliation Changed" msgstr "" #, fuzzy #| msgid "Key Compromise" msgid "CA Compromise" msgstr "密钥泄露" msgid "Certificates" msgstr "证书" #, fuzzy #| msgid "Certificate" msgid "Certificate Hold" msgstr "证书" #, fuzzy #| msgid "Replication configuration" msgid "Cessation of Operation" msgstr "复制配置" msgid "Common Name" msgstr "通用名" msgid "the certificate with serial number " msgstr "证书编号" msgid "Expires On" msgstr "有效期限" msgid "Issued on from" msgstr "发布于" msgid "Issued on to" msgstr "发布到" msgid "Maximum serial number" msgstr "最大序列号" msgid "Minimum serial number" msgstr "最小序列号" msgid "Revoked on from" msgstr "撤销于" msgid "Revoked on to" msgstr "撤销到" #, fuzzy #| msgid "Valid from" msgid "Valid not after from" msgstr "有效起始日期" #, fuzzy #| msgid "Valid from" msgid "Valid not after to" msgstr "有效起始日期" #, fuzzy #| msgid "Valid from" msgid "Valid not before from" msgstr "有效起始日期" #, fuzzy #| msgid "Valid from" msgid "Valid not before to" msgstr "有效起始日期" msgid "Fingerprints" msgstr "指纹" msgid "Get Certificate" msgstr "获取证书" msgid "Certificate Hold Removed" msgstr "证书持有已删除" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Issue new certificate for host '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Issue new certificate for service '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Issue new certificate for user '${primary_key}'" msgstr "${entity} ${primary_key}证书" #, fuzzy #| msgid "New Certificate" msgid "Issue new certificate" msgstr "新证书" msgid "Issued By" msgstr "发布方" msgid "Issued On" msgstr "签发日期" msgid "Issued To" msgstr "颁发给" msgid "Key Compromise" msgstr "密钥泄露" msgid "No Valid Certificate" msgstr "无效的证书" msgid "New Certificate" msgstr "新证书" msgid "Certificate in base64 or PEM format" msgstr "base64或PEM格式的证书" msgid "Note" msgstr "概述" msgid "Organization" msgstr "组织" msgid "Organizational Unit" msgstr "组织单位" #, python-brace-format msgid "${count} certificate(s) present" msgstr "呈现${count}个证书" msgid "Privilege Withdrawn" msgstr "特权撤销" msgid "Reason for Revocation" msgstr "撤销理由" #, fuzzy #| msgid "Revoke a certificate." msgid "Remove certificate hold" msgstr "撤销证书。" msgid "Do you want to remove the certificate hold?" msgstr "你要删除证书持有吗?" msgid "Remove from CRL" msgstr "从CRL中删除" #, python-brace-format msgid "" "
  1. Create a certificate database or use an existing one. To create a " "new database:
    # certutil -N -d <database path>
    2. " "
  2. Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
    # certutil -R -d <database path> -a -g " "<key size> -s 'CN=${cn},O=${realm}'${san}
  3. Copy and " "paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to " "-----END NEW CERTIFICATE REQUEST-----) into the text area below:
" msgstr "" #, python-brace-format msgid " -8 '${cn}'" msgstr "" msgid "Certificate requested" msgstr "证书请求" #, fuzzy #| msgid "Revoke a certificate." msgid "Revoke certificate" msgstr "撤销证书。" msgid "" "Do you want to revoke this certificate? Select a reason from the pull-down " "list." msgstr "你要撤销该证书吗?从下拉列表中选择一个理由。" msgid "Certificate Revoked" msgstr "证书已撤销" msgid "REVOKED" msgstr "" msgid "SHA1 Fingerprint" msgstr "SHA1指纹" msgid "SHA256 Fingerprint" msgstr "SHA256指纹" msgid "Status" msgstr "状态" msgid "Superseded" msgstr "作废的" msgid "Unspecified" msgstr "未指定的" msgid "Valid Certificate Present" msgstr "有效证书展示" msgid "Valid from" msgstr "有效起始日期" msgid "Valid to" msgstr "有效终止日期" msgid "Validity" msgstr "有效性" #, python-brace-format msgid "Certificate for ${entity} ${primary_key}" msgstr "${entity} ${primary_key}证书" msgid "View Certificate" msgstr "新证书" #, fuzzy #| msgid "Certificate" msgid "Certificate Data" msgstr "证书" #, fuzzy #| msgid "Certificate Authority" msgid "Certificate For Match" msgstr "证书颁发机构" #, fuzzy #| msgid "Certificate Association Data" msgid "Certificate Mapping Match" msgstr "证书关联数据" #, fuzzy #| msgid "Matched rules" msgid "Matched Users" msgstr "已匹配规则" #, fuzzy #| msgid "User login" msgid "User Login" msgstr "用户登录名" #, fuzzy #| msgid "Add new certificates to a service" msgid "Add certificate identity mapping rule" msgstr "向一个服务中添加新证书" #, fuzzy #| msgid "TLSA Certificate Association Data" msgid "Add certificate mapping data" msgstr "TLSA证书关联数据" #, fuzzy #| msgid "Certificate Association Data" msgid "Certificate mapping data" msgstr "证书关联数据" #, fuzzy #| msgid "Configuration" msgid "Configuration string" msgstr "配置" #, fuzzy, python-brace-format #| msgid "Do you want to remove the certificate hold?" msgid "Do you want to remove certificate mapping data ${data}?" msgstr "你要删除证书持有吗?" #, fuzzy #| msgid "Remove certificates from a service" msgid "Remove certificate mapping data" msgstr "从一个服务中移除证书" #, fuzzy #| msgid "Issued on to" msgid "Issuer and subject" msgstr "发布到" #, fuzzy #| msgid "Remove certificates from a service" msgid "Remove certificate identity mapping rules" msgstr "从一个服务中移除证书" msgid "Group Options" msgstr "组选项" msgid "Search Options" msgstr "查找选项" msgid "SELinux Options" msgstr "SELinux选项" #, fuzzy #| msgid "Service Options" msgid "Server Options" msgstr "服务选项" msgid "Service Options" msgstr "服务选项" msgid "User Options" msgstr "用户选项" #, fuzzy #| msgid "Forwarders" msgid "Forward first" msgstr "转发器" msgid "Forwarding disabled" msgstr "禁止转发" #, fuzzy #| msgid "Forward policy" msgid "Forward only" msgstr "转发器策略" msgid "Options" msgstr "选项" msgid "Update System DNS Records" msgstr "更新系统DNS记录" msgid "Do you want to update system DNS records?" msgstr "你要更新系统DNS记录吗?" msgid "System DNS records updated" msgstr "系统DNS记录已更新" #, fuzzy #| msgid "DNS forward zone" msgid "Add DNS forward zone" msgstr "DNS正向区域" #, fuzzy #| msgid "DNS forward zones" msgid "Remove DNS forward zones" msgstr "DNS正向区域" #, fuzzy #| msgid "DNS resource record" msgid "Add DNS resource record" msgstr "DNS资源记录" msgid "DNS record was deleted because it contained no data." msgstr "DNS记录已删除因为它没有数据。" msgid "Other Record Types" msgstr "其他记录类型" msgid "Address not valid, can't redirect" msgstr "地址无效,不能重定向" msgid "Create dns record" msgstr "创建dns记录" msgid "Creating record." msgstr "创建记录。" msgid "Record creation failed." msgstr "记录创建失败。" msgid "Checking if record exists." msgstr "检查记录是否存在。" msgid "Record not found." msgstr "记录没有找到。" msgid "Redirection to PTR record" msgstr "重定向到PTR记录" #, python-brace-format msgid "Zone found: ${zone}" msgstr "找到区域:${zone}" msgid "Target reverse zone not found." msgstr "目标反向区域没有找到。" msgid "Fetching DNS zones." msgstr "抓取DNS区域。" msgid "An error occurred while fetching dns zones." msgstr "在抓取dns区域时发生错误。" msgid "You will be redirected to DNS Zone." msgstr "你将会被重定向到DNS区域。" #, fuzzy #| msgid "DNS resource records" msgid "Remove DNS resource records" msgstr "DNS资源记录" msgid "Standard Record Types" msgstr "标准记录类型" msgid "Records for DNS Zone" msgstr "DNS区域记录" msgid "Record Type" msgstr "记录类型" #, fuzzy #| msgid "DNS zone" msgid "Add DNS zone" msgstr "DNS区域" #, python-brace-format msgid "Are you sure you want to add permission for DNS Zone ${object}?" msgstr "你确定要为DNS区域${object}添加权限吗?" msgid "DNS Zone Settings" msgstr "DNS区域设置" #, fuzzy #| msgid "DNS zones" msgid "Remove DNS zones" msgstr "DNS区域" msgid "Remove Permission" msgstr "删除权限" #, python-brace-format msgid "Are you sure you want to remove permission for DNS Zone ${object}?" msgstr "你确定要为DNS区域${object}删除权限吗?" msgid "Skip DNS check" msgstr "忽略DNS检查" msgid "Skip overlap check" msgstr "忽略覆盖检查" msgid "Do you want to check if new authoritative nameserver address is in DNS" msgstr "你想要检查在DNS中是否有新的权威命名服务器地址" msgid "Authoritative nameserver change" msgstr "权威命名服务器改变" msgid "Level" msgstr "级别" msgid "Set Domain Level" msgstr "设置域级别" #, fuzzy #| msgid "User group" msgid "Add user group" msgstr "用户组" #, python-brace-format msgid "Add user groups into user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add user group '${primary_key}' into user groups" msgstr "" #, fuzzy, python-brace-format #| msgid "Add users and groups to an HBAC rule." msgid "Add user group '${primary_key}' into HBAC rules" msgstr "在一个HBAC规则中添加用户和用户组。" #, python-brace-format msgid "Add user group '${primary_key}' into netgroups" msgstr "" #, python-brace-format msgid "Add user group '${primary_key}' into roles" msgstr "" #, python-brace-format msgid "Add user group '${primary_key}' into sudo rules" msgstr "" #, python-brace-format msgid "Add services into user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users into user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add groups as member managers for user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove groups from member managers for user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users as member managers for user group '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove users from member managers for user group '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Certificate for ${entity} ${primary_key}" msgid "Add user ID override into user group '${primary_key}'" msgstr "${entity} ${primary_key}证书" msgid "Group Settings" msgstr "组设置" msgid "External" msgstr "外部的" msgid "Groups" msgstr "用户组" #, fuzzy #| msgid "User categories" msgid "Group categories" msgstr "用户类别" msgid "Change to external group" msgstr "更改为外部组" msgid "Change to POSIX group" msgstr "更改为POSIX组" msgid "Non-POSIX" msgstr "非POSIX" #, fuzzy #| msgid "Non-POSIX" msgid "POSIX" msgstr "非POSIX" #, fuzzy #| msgid "Member service groups" msgid "Remove user groups" msgstr "成员服务组" #, python-brace-format msgid "Remove user group '${primary_key}' from user groups" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove user group '${primary_key}' from netgroups" msgstr "从一个网络组中移除成员。" #, python-brace-format msgid "Remove user group '${primary_key}' from roles" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user group '${primary_key}' from HBAC rules" msgstr "从一个HBAC规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user group '${primary_key}' from sudo rules" msgstr "从一个HBAC规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an SELinux User Map rule." msgid "Remove user groups from user group '${primary_key}'" msgstr "向SELinux用户映射规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove service and service groups from an HBAC rule." msgid "Remove services from user group '${primary_key}'" msgstr "从一个HBAC规则中移除服务和服务组。" #, fuzzy, python-brace-format #| msgid "Remove members from a group." msgid "Remove users from user group '${primary_key}'" msgstr "从一个组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove service and service groups from an HBAC rule." msgid "Remove user ID overrides from user group '${primary_key}'" msgstr "从一个HBAC规则中移除服务和服务组。" msgid "Group Type" msgstr "组类型" #, fuzzy #| msgid "HBAC rule" msgid "Add HBAC rule" msgstr "HBAC规则" #, fuzzy, python-brace-format #| msgid "Add users and groups to an HBAC rule." msgid "Add user groups into HBAC rule '${primary_key}'" msgstr "在一个HBAC规则中添加用户和用户组。" #, python-brace-format msgid "Add host groups into HBAC rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add hosts into HBAC rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "HBAC service groups to remove" msgid "Add HBAC service groups into HBAC rule '${primary_key}'" msgstr "待移除的HBAC服务组" #, fuzzy, python-brace-format #| msgid "Add services to an HBAC rule." msgid "Add HBAC services into HBAC rule '${primary_key}'" msgstr "在HBAC规则中添加服务" #, fuzzy, python-brace-format #| msgid "Add services to an HBAC rule." msgid "Add users into HBAC rule '${primary_key}'" msgstr "在HBAC规则中添加服务" msgid "Accessing" msgstr "访问" #, fuzzy #| msgid "HBAC rules" msgid "Remove HBAC rules" msgstr "HBAC规则" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user groups from HBAC rule '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove host groups from HBAC rule '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove hosts from HBAC rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove service and service groups from an HBAC rule." msgid "Remove HBAC service groups from HBAC rule '${primary_key}'" msgstr "从一个HBAC规则中移除服务和服务组。" #, python-brace-format msgid "Remove HBAC services from HBAC rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove users from HBAC rule '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" msgid "Via Service" msgstr "通过服务" msgid "Who" msgstr "谁" #, fuzzy #| msgid "HBAC service" msgid "Add HBAC service" msgstr "HBAC服务" #, fuzzy, python-brace-format #| msgid "Add members to an HBAC service group." msgid "Add HBAC service '${primary_key}' into HBAC service groups" msgstr "在一个HBAC服务组中添加成员。" #, fuzzy #| msgid "Member HBAC service" msgid "Remove HBAC services" msgstr "成员HBAC服务" #, fuzzy, python-brace-format #| msgid "Remove members from an HBAC service group." msgid "Remove HBAC service '${primary_key}' from HBAC service groups" msgstr "从一个HBAC服务组中移除成员。" #, fuzzy #| msgid "HBAC service group" msgid "Add HBAC service group" msgstr "HBAC服务组" #, fuzzy, python-brace-format #| msgid "Add members to an HBAC service group." msgid "Add HBAC services into HBAC service group '${primary_key}'" msgstr "在一个HBAC服务组中添加成员。" #, fuzzy #| msgid "Member HBAC service groups" msgid "Remove HBAC service groups" msgstr "成员HBAC服务组" #, fuzzy, python-brace-format #| msgid "Remove members from an HBAC service group." msgid "Remove HBAC services from HBAC service group '${primary_key}'" msgstr "从一个HBAC服务组中移除成员。" msgid "Access Denied" msgstr "访问阻止" msgid "Access Granted" msgstr "访问允许" msgid "Include Disabled" msgstr "包含禁用的" msgid "Include Enabled" msgstr "包含启用的" msgid "HBAC Test" msgstr "HBAC测试" msgid "Matched" msgstr "匹配" msgid "Missing values: " msgstr "缺失值:" msgid "New Test" msgstr "新测试" msgid "Rules" msgstr "规则" msgid "Run Test" msgstr "允许测试" #, python-brace-format msgid "Specify external ${entity}" msgstr "指定外部的${entity}" msgid "Unmatched" msgstr "不匹配" #, fuzzy #| msgid "Add a new host." msgid "Add host" msgstr "添加一个新主机。" #, python-brace-format msgid "Add hosts managing host '${primary_key}'" msgstr "" #, python-brace-format msgid "Add host '${primary_key}' into host groups" msgstr "" #, fuzzy, python-brace-format #| msgid "Add services to an HBAC rule." msgid "Add host '${primary_key}' into HBAC rules" msgstr "在HBAC规则中添加服务" #, python-brace-format msgid "Add host '${primary_key}' into netgroups" msgstr "" #, fuzzy, python-brace-format #| msgid "${primary_key} overrides:" msgid "Add host '${primary_key}' into roles" msgstr "${primary_key}覆盖:" #, python-brace-format msgid "Add host '${primary_key}' into sudo rules" msgstr "" msgid "Host Certificate" msgstr "主机证书" msgid "Host Name" msgstr "主机名" msgid "Delete Key, Unprovision" msgstr "删除密钥,取消供应" msgid "Host Settings" msgstr "主机设置" msgid "Enrolled" msgstr "已注册" msgid "Enrollment" msgstr "注册" msgid "Fully Qualified Host Name" msgstr "完全限定的主机名" msgid "Generate OTP" msgstr "生成OTP" msgid "Generated OTP" msgstr "生成OTP" msgid "Kerberos Key" msgstr "Kerberos密钥" msgid "Kerberos Key Not Present" msgstr "没有找到Kerberos密钥" msgid "Kerberos Key Present, Host Provisioned" msgstr "找到Kerberos密钥,主机分配" #, fuzzy #| msgid "One-Time-Password" msgid "One-Time Password" msgstr "一次性密码" #, fuzzy #| msgid "One-Time-Password Not Present" msgid "One-Time Password Not Present" msgstr "没有找到一次性密码" #, fuzzy #| msgid "One-Time-Password Present" msgid "One-Time Password Present" msgstr "找到一次性密码" msgid "Reset OTP" msgstr "重置OTP" #, fuzzy #| msgid "Reset One-Time-Password" msgid "Reset One-Time Password" msgstr "重置一次性密码" msgid "Set OTP" msgstr "设置OTP" msgid "OTP set" msgstr "OTP设置" #, fuzzy #| msgid "Set One-Time-Password" msgid "Set One-Time Password" msgstr "设置一次性密码" #, fuzzy #| msgid "Remove hold" msgid "Remove hosts" msgstr "删除持有" #, python-brace-format msgid "Remove hosts managing host '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove members from a hostgroup." msgid "Remove host '${primary_key}' from host groups" msgstr "从一个主机组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove host '${primary_key}' from netgroups" msgstr "从一个网络组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove privileges from a role." msgid "Remove host '${primary_key}' from roles" msgstr "从一个角色中移除权限。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove host '${primary_key}' from HBAC rules" msgstr "从一个HBAC规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove an option from Sudo Rule." msgid "Remove host '${primary_key}' from sudo rules" msgstr "从Sudo规则中移除一个选项。" msgid "Unprovision" msgstr "取消供应" #, fuzzy #| msgid "Are you sure you want to proceed with the action?" msgid "Are you sure you want to unprovision this host?" msgstr "你确定要执行该操作吗?" #, fuzzy #| msgid "Unprovision" msgid "Unprovisioning host" msgstr "取消供应" msgid "Host unprovisioned" msgstr "主机未分配" #, fuzzy #| msgid "host group" msgid "Add host group" msgstr "主机组" #, fuzzy, python-brace-format #| msgid "%i hosts or hostgroups removed." msgid "Add hosts into host group '${primary_key}'" msgstr "%i主机或主机组已移除。" #, python-brace-format msgid "Add host groups into host group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add host group '${primary_key}' into host groups" msgstr "" #, python-brace-format msgid "Add host group '${primary_key}' into HBAC rules" msgstr "" #, python-brace-format msgid "Add host group '${primary_key}' into netgroups" msgstr "" #, python-brace-format msgid "Add host group '${primary_key}' into sudo rules" msgstr "" #, python-brace-format msgid "Add groups as member managers for host group '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove groups from member managers for host group '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users as member managers for host group '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove users from member managers for host group '${primary_key}'" msgstr "" msgid "Host Group Settings" msgstr "主机组设置" #, fuzzy #| msgid "member host group" msgid "Remove host groups" msgstr "成员主机组" #, python-brace-format msgid "Remove host group '${primary_key}' from host groups" msgstr "" #, python-brace-format msgid "Remove host group '${primary_key}' from netgroups" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove host group '${primary_key}' from HBAC rules" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove host group '${primary_key}' from sudo rules" msgstr "" #, python-brace-format msgid "Remove hosts from host group '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove host groups from host group '${primary_key}'" msgstr "" msgid "User to override" msgstr "待覆盖用户" msgid "" "Enter trusted or IPA user login. Note: search doesn't list users from " "trusted domains." msgstr "键入受信任的用户或IPA用户登录。注意:查找不列举信任域中的用户。" msgid "Enter trusted user login." msgstr "键入受信任的用户登录。" #, fuzzy #| msgid "Profiles" msgid "Profile" msgstr "配置文件" msgid "Group to override" msgstr "待覆盖的组" msgid "" "Enter trusted or IPA group name. Note: search doesn't list groups from " "trusted domains." msgstr "键入受信任的组或IPA组登录。注意:查找不列举信任域中的组。" msgid "Enter trusted group name." msgstr "键入受信任的组名称。" #, fuzzy #| msgid "Add a new ID View." msgid "Add ID view" msgstr "添加一个新的ID视图。" #, fuzzy #| msgid "Group ID override" msgid "Add group ID override" msgstr "组ID覆盖" #, fuzzy #| msgid "User ID override" msgid "Add user ID override" msgstr "用户ID覆盖" #, python-brace-format msgid "${primary_key} applies to:" msgstr "${primary_key}适用于:" msgid "Applied to hosts" msgstr "适用的主机" msgid "Apply to host groups" msgstr "适用的主机组" #, fuzzy, python-brace-format #| msgid "Un-apply ID Views from hosts of hostgroups" msgid "Apply ID view '${primary_key}' on hosts of host groups" msgstr "不将ID视图应用到主机组中的主机" msgid "Apply to hosts" msgstr "适用的主机" #, python-brace-format msgid "Apply ID view '${primary_key}' on hosts" msgstr "" #, python-brace-format msgid "${primary_key} overrides:" msgstr "${primary_key}覆盖:" #, fuzzy #| msgid "system ID View" msgid "Remove ID views" msgstr "系统ID视图" #, fuzzy #| msgid "User ID overrides" msgid "Remove user ID overrides" msgstr "用户ID覆盖" #, fuzzy #| msgid "Group ID overrides" msgid "Remove group ID overrides" msgstr "组ID覆盖" msgid "Un-apply from host groups" msgstr "不适用的主机组" msgid "Un-apply ID Views from hosts of hostgroups" msgstr "不将ID视图应用到主机组中的主机" msgid "Un-apply" msgstr "不适用的" msgid "Un-apply from hosts" msgstr "不适用的主机" msgid "Un-apply ID Views from hosts" msgstr "不将ID视图应用到主机" msgid "Are you sure you want to un-apply ID view from selected entries?" msgstr "你确定要在选择的条目中不应用ID视图?" #, fuzzy, python-brace-format #| msgid "Un-apply ID Views from hosts" msgid "Un-apply ID view '${primary_key}' from hosts" msgstr "不将ID视图应用到主机" #, fuzzy #| msgid "netgroup" msgid "Add netgroup" msgstr "网络组" #, python-brace-format msgid "Add netgroup '${primary_key}' into netgroups" msgstr "" #, python-brace-format msgid "Add netgroups into netgroup '${primary_key}'" msgstr "" #, python-brace-format msgid "Add user groups into netgroup '${primary_key}'" msgstr "" #, python-brace-format msgid "Add hosts into netgroup '${primary_key}'" msgstr "" #, python-brace-format msgid "Add host groups into netgroup '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users into netgroup '${primary_key}'" msgstr "" msgid "Netgroup Settings" msgstr "网络组设置" #, fuzzy #| msgid "Member netgroups" msgid "Remove netgroups" msgstr "成员网络组" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove netgroup '${primary_key}' from netgroups" msgstr "从一个网络组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user groups from netgroup '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove hosts from netgroup '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove host groups from netgroup '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove netgroups from netgroup '${primary_key}'" msgstr "从一个网络组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove users from netgroup '${primary_key}'" msgstr "从一个网络组中移除成员。" #, fuzzy #| msgid "OTP token" msgid "Add OTP token" msgstr "OTP令牌" #, python-brace-format msgid "Add users managing OTP token '${primary_key}'" msgstr "" #, python-brace-format msgid "" "You can use FreeOTP as a software " "OTP token application." msgstr "" "你可以使用FreeOTP 来充当OTP令牌的一" "个应用软件。" msgid "Configure your token" msgstr "配置你的令牌" msgid "" "Configure your token by scanning the QR code below. Click on the QR code if " "you see this on the device you want to configure." msgstr "" "通过浏览下面的二维码来配置你的令牌。如果你想在你配置的设备上看到该二维码,请" "点击它。" msgid "OTP Token Settings" msgstr "OTP令牌设置" msgid "Disable token" msgstr "禁用令牌" msgid "Enable token" msgstr "启用令牌" #, fuzzy #| msgid "OTP tokens" msgid "Remove OTP tokens" msgstr "OTP令牌" #, python-brace-format msgid "Remove users managing OTP token '${primary_key}'" msgstr "" msgid "Show QR code" msgstr "显示二维码" msgid "Show configuration uri" msgstr "显示配置uri" msgid "Counter-based (HOTP)" msgstr "计数型(HOTP)" msgid "Time-based (TOTP)" msgstr "计时型(TOTP)" msgid "Add Custom Attribute" msgstr "添加自定义属性" msgid "Permission settings" msgstr "权限设置" msgid "Attribute breakdown" msgstr "属性分类" msgid "Privilege Settings" msgstr "特权设置" #, fuzzy #| msgid "Public key" msgid "Public key:" msgstr "公钥" #, fuzzy #| msgid "SSH public key" msgid "Set public key" msgstr "SSH公钥" msgid "Show/Set key" msgstr "显示/设置密钥" msgid "Modified: key not set" msgstr "已修改:密钥没有设置" msgid "Modified" msgstr "已修改" msgid "New: key not set" msgstr "新的:密钥没有设置" msgid "New: key set" msgstr "新的:密钥已设置" #, fuzzy #| msgid "password policy" msgid "Add password policy" msgstr "密码策略" #, fuzzy #| msgid "password policies" msgid "Remove password policies" msgstr "密码策略" #, fuzzy #| msgid "Modify ID range." msgid "Add ID range" msgstr "修改ID范围。" msgid "Range Settings" msgstr "范围设置" msgid "Base ID" msgstr "基ID" msgid "Primary RID base" msgstr "主要的RID基" msgid "Range size" msgstr "范围大小" msgid "Domain SID" msgstr "域SID" msgid "Secondary RID base" msgstr "次要的RID基" #, fuzzy #| msgid "ID Ranges" msgid "Remove ID ranges" msgstr "ID范围" msgid "Active Directory domain" msgstr "活动目录域" msgid "Active Directory domain with POSIX attributes" msgstr "带POSIX属性的活动目录域" msgid "Detect" msgstr "检测" msgid "Local domain" msgstr "本地域" msgid "IPA trust" msgstr "IPA信任" #, fuzzy #| msgid "Active Directory domain" msgid "Active Directory winsync" msgstr "活动目录域" #, fuzzy #| msgid "RADIUS Server" msgid "Add RADIUS server" msgstr "RADIUS代理服务器" msgid "RADIUS Proxy Server Settings" msgstr "RADIUS代理服务器设置" #, fuzzy #| msgid "RADIUS Servers" msgid "Remove RADIUS servers" msgstr "RADIUS代理服务器" msgid "Check DNS" msgstr "检测DNS" msgid "Do you also want to perform DNS check?" msgstr "你还想执行DNS检查吗?" msgid "Force Update" msgstr "强制更新" #, fuzzy #| msgid "SELinux User Map" msgid "Add SELinux user map" msgstr "SELinux用户映射规则" #, fuzzy, python-brace-format #| msgid "Add users and groups to an SELinux User Map rule." msgid "Add user groups into SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中添加用户和用户组。" #, fuzzy, python-brace-format #| msgid "Add users and groups to an SELinux User Map rule." msgid "Add host groups into SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中添加用户和用户组。" #, python-brace-format msgid "Add hosts into SELinux user map '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Add users and groups to an SELinux User Map rule." msgid "Add users into SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中添加用户和用户组。" msgid "Remove selinux user maps" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an SELinux User Map rule." msgid "Remove user groups from SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an SELinux User Map rule." msgid "Remove host groups from SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an SELinux User Map rule." msgid "Remove hosts from SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an SELinux User Map rule." msgid "Remove users from SELinux user map '${primary_key}'" msgstr "向SELinux用户映射规则中移除用户和用户组。" msgid "Server Roles" msgstr "服务器角色" msgid "Server Role" msgstr "服务器角色" msgid "Warning: Consider service replication" msgstr "" msgid "" "It is strongly recommended to keep the following services installed on more " "than one server:" msgstr "" msgid "Delete Server" msgstr "删除服务器" msgid "" "Deleting a server removes it permanently from the topology. Note that this " "is a non-reversible action." msgstr "从拓扑中永久地删除一台服务器。注意这是一个不可逆的操作。" #, fuzzy #| msgid "HBAC service" msgid "Add service" msgstr "HBAC服务" #, python-brace-format msgid "Add hosts managing service '${primary_key}'" msgstr "" #, python-brace-format msgid "Add service '${primary_key}' into roles" msgstr "" msgid "Service Certificate" msgstr "服务证书" msgid "Service Settings" msgstr "服务设置" #, fuzzy #| msgid "Unprovision" msgid "Provisioning" msgstr "取消供应" #, fuzzy #| msgid "Member services" msgid "Remove services" msgstr "成员服务" #, fuzzy, python-brace-format #| msgid "Remove privileges from a role." msgid "Remove service '${primary_key}' from roles" msgstr "从一个角色中移除权限。" #, fuzzy, python-brace-format #| msgid "Remove hosts that can manage this service." msgid "Remove hosts managing service '${primary_key}'" msgstr "移除可以管理该服务的主机。" #, fuzzy #| msgid "Are you sure you want to restore selected users?" msgid "Are you sure you want to unprovision this service?" msgstr "你确定要恢复被选用户?" #, fuzzy #| msgid "Unprovision" msgid "Unprovisioning service" msgstr "取消供应" #, fuzzy #| msgid "Host unprovisioned" msgid "Service unprovisioned" msgstr "主机未分配" msgid "Kerberos Key Present, Service Provisioned" msgstr "找到Kerberos密钥,服务分配" msgid "SSH public keys" msgstr "SSH公钥" msgid "SSH public key:" msgstr "SSH公钥:" msgid "Set SSH key" msgstr "设置SSH公钥" msgid "Are you sure you want to activate selected users?" msgstr "你确定要激活被选用户?" #, python-brace-format msgid "Are you sure you want to activate ${object}?" msgstr "你确定要激活${object}?" #, python-brace-format msgid "${count} user(s) activated" msgstr "已激活${count}个用户" #, fuzzy #| msgid "stage user" msgid "Add stage user" msgstr "计划用户" msgid "Stage users" msgstr "计划用户" msgid "Preserved users" msgstr "备用用户" #, fuzzy #| msgid "Preserved users" msgid "Remove preserved users" msgstr "备用用户" #, fuzzy #| msgid "stage users" msgid "Remove stage users" msgstr "计划用户" msgid "Are you sure you want to stage selected users?" msgstr "你确定要呈现被选用户?" #, python-brace-format msgid "${count} users(s) staged" msgstr "已呈现${count}个用户" #, python-brace-format msgid "Are you sure you want to stage ${object}?" msgstr "你确定要呈现${object}?" msgid "Are you sure you want to restore selected users?" msgstr "你确定要恢复被选用户?" #, python-brace-format msgid "Are you sure you want to restore ${object}?" msgstr "你确定要恢复${object}?" #, python-brace-format msgid "${count} user(s) restored" msgstr "已恢复${count}个用户" msgid "User categories" msgstr "用户类别" #, fuzzy #| msgid "sudo command" msgid "Add sudo command" msgstr "sudo命令" #, fuzzy, python-brace-format #| msgid "comma-separated list of sudo command groups to add" msgid "Add sudo command '${primary_key}' into sudo command groups" msgstr "待添加的以逗号分隔的sudo命令组列表" #, fuzzy #| msgid "member sudo command" msgid "Remove sudo commands" msgstr "成员sudo命令" #, fuzzy, python-brace-format #| msgid "Remove members from Sudo Command Group." msgid "Remove sudo command '${primary_key}' from sudo command groups" msgstr "从Sudo命令组中移除成员。" #, fuzzy #| msgid "sudo command group" msgid "Add sudo command group" msgstr "sudo命令组" #, fuzzy, python-brace-format #| msgid "Add commands and sudo command groups affected by Sudo Rule." msgid "Add sudo commands into sudo command group '${primary_key}'" msgstr "添加受Sudo规则影响的命令和sudo命令组。" #, fuzzy #| msgid "member sudo command group" msgid "Remove sudo command groups" msgstr "成员sudo命令组" #, fuzzy, python-brace-format #| msgid "Remove commands and sudo command groups affected by Sudo Rule." msgid "Remove sudo commands from sudo command group '${primary_key}'" msgstr "移除受Sudo规则影响的命令和命令组。" #, fuzzy #| msgid "sudo rule" msgid "Add sudo rule" msgstr "sudo规则" #, fuzzy #| msgid "Sudo Option" msgid "Add sudo option" msgstr "Sudo选项" #, python-brace-format msgid "Add allow sudo commands into sudo rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "sudo command groups to remove" msgid "Add allow sudo command groups into sudo rule '${primary_key}'" msgstr "待移除的sudo命令组" #, python-brace-format msgid "Add deny sudo commands into sudo rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "sudo command groups to remove" msgid "Add deny sudo command groups into sudo rule '${primary_key}'" msgstr "待移除的sudo命令组" #, python-brace-format msgid "Add user groups into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add host groups into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add hosts into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add RunAs users into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add RunAs user groups into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add RunAs groups into sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users into sudo rule '${primary_key}'" msgstr "" msgid "Allow" msgstr "允许" msgid "Any Command" msgstr "任何命令" msgid "Any Group" msgstr "任何组" msgid "Run Commands" msgstr "允许命令" msgid "Deny" msgstr "阻止" msgid "Access this host" msgstr "访问该主机" msgid "Option added" msgstr "已添加选项" #, python-brace-format msgid "${count} option(s) removed" msgstr "已删除${count}个选项" #, fuzzy #| msgid "sudo rules" msgid "Remove sudo rules" msgstr "sudo规则" #, python-brace-format msgid "Remove allow sudo commands from sudo rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove commands and sudo command groups affected by Sudo Rule." msgid "Remove allow sudo command groups from sudo rule '${primary_key}'" msgstr "移除受Sudo规则影响的命令和命令组。" #, python-brace-format msgid "Remove deny sudo commands from sudo rule '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove commands and sudo command groups affected by Sudo Rule." msgid "Remove deny sudo command groups from sudo rule '${primary_key}'" msgstr "移除受Sudo规则影响的命令和命令组。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user groups from sudo rule '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove host groups from sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove hosts from sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove RunAs users from sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove RunAs user groups from sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove RunAs groups from sudo rule '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove users from sudo rule '${primary_key}'" msgstr "" msgid "As Whom" msgstr "作为谁" msgid "Specified Commands and Groups" msgstr "指定的命令和命令组" msgid "Specified Groups" msgstr "指定的组" #, fuzzy #| msgid "Remove Permission" msgid "Remove sudo options" msgstr "删除权限" msgid "Autogenerated" msgstr "自动生成" msgid "Segment details" msgstr "部分细节" msgid "Replication configuration" msgstr "复制配置" #, python-brace-format msgid "Managed topology requires minimal domain level ${domainlevel}" msgstr "管理拓扑需要最小的域级别${domainlevel}" #, fuzzy #| msgid "Add a new IPA location." msgid "Add IPA location" msgstr "添加一个新的IPA位置。" #, python-brace-format msgid "Add IPA server into IPA location '${primary_key}'" msgstr "" #, fuzzy #| msgid "" #| "\n" #| "IPA locations\n" msgid "Remove IPA locations" msgstr "" "\n" "IPA位置\n" #, python-brace-format msgid "Remove IPA servers from IPA location '${primary_key}'" msgstr "" #, fuzzy #| msgid "Topology Segment" msgid "Add topology segment" msgstr "拓扑段" #, fuzzy #| msgid "Search for topology segments." msgid "Remove topology segments" msgstr "查找拓扑段。" msgid "Account" msgstr "账户" #, fuzzy #| msgid "IPA trust" msgid "Add trust" msgstr "IPA信任" msgid "Administrative account" msgstr "管理员账户" #, fuzzy #| msgid "SID blacklists" msgid "SID blocklists" msgstr "SID黑名单" msgid "Trust Settings" msgstr "信任设置" msgid "Establish using" msgstr "建立使用" msgid "Fetch domains" msgstr "获取域名" msgid "Pre-shared password" msgstr "预先共享的密码" #, fuzzy #| msgid "Remove Permission" msgid "Remove trusts" msgstr "删除权限" #, fuzzy #| msgid "Realm domains" msgid "Remove domains" msgstr "Realm域" msgid "Trust direction" msgstr "信任方向" msgid "Trust status" msgstr "信任状态" msgid "Trust type" msgstr "信任类型" msgid "Alternative UPN suffixes" msgstr "可供选择的UPN后缀" #, fuzzy #| msgid "Search for HBAC services." msgid "User attributes for SMB services" msgstr "查找HBAC服务。" msgid "Path to a script executed on a Windows system at logon" msgstr "" msgid "Path to a user profile, in UNC format \\\\server\\share\\" msgstr "" msgid "Path to a user home directory, in UNC format" msgstr "" #, fuzzy #| msgid "Default location of home directories" msgid "Drive to mount a home directory" msgstr "主目录的默认位置" msgid "Account Settings" msgstr "账户设置" msgid "Account Status" msgstr "账户状态" msgid "Active users" msgstr "活跃用户" #, fuzzy #| msgid "Add a new user." msgid "Add user" msgstr "添加一个新用户。" #, python-brace-format msgid "Add user '${primary_key}' into user groups" msgstr "" #, fuzzy, python-brace-format #| msgid "Add services to an HBAC rule." msgid "Add user '${primary_key}' into HBAC rules" msgstr "在HBAC规则中添加服务" #, python-brace-format msgid "Add user '${primary_key}' into netgroups" msgstr "" #, fuzzy, python-brace-format #| msgid "${primary_key} overrides:" msgid "Add user '${primary_key}' into roles" msgstr "${primary_key}覆盖:" #, python-brace-format msgid "Add user '${primary_key}' into sudo rules" msgstr "" msgid "Contact Settings" msgstr "联系方式设置" msgid "Delete mode" msgstr "删除模式" msgid "Employee Information" msgstr "员工信息" msgid "Error changing account status" msgstr "错误更改帐户状态" msgid "Password expiration" msgstr "密码过期" msgid "Mailing Address" msgstr "邮件地址" msgid "Misc. Information" msgstr "杂项信息" msgid "delete" msgstr "删除" msgid "preserve" msgstr "保存" msgid "No private group" msgstr "没有私有组" #, fuzzy #| msgid "Member users" msgid "Remove users" msgstr "成员用户" #, fuzzy, python-brace-format #| msgid "Remove members from a group." msgid "Remove user '${primary_key}' from user groups" msgstr "从一个组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove members from a netgroup." msgid "Remove user '${primary_key}' from netgroups" msgstr "从一个网络组中移除成员。" #, fuzzy, python-brace-format #| msgid "Remove privileges from a role." msgid "Remove user '${primary_key}' from roles" msgstr "从一个角色中移除权限。" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user '${primary_key}' from HBAC rules" msgstr "从一个HBAC规则中移除用户和用户组。" #, fuzzy, python-brace-format #| msgid "Remove an option from Sudo Rule." msgid "Remove user '${primary_key}' from sudo rules" msgstr "从Sudo规则中移除一个选项。" #, python-brace-format msgid "" "Are you sure you want to ${action} the user?
The change will take effect " "immediately." msgstr "你确定要${action}用户?
改变会立即生效。" #, python-brace-format msgid "Click to ${action}" msgstr "点击${action}" msgid "Unlock" msgstr "解锁" #, python-brace-format msgid "Are you sure you want to unlock user ${object}?" msgstr "你确定要解锁用户${object}?" #, fuzzy #| msgid "vault" msgid "Add vault" msgstr "库" #, python-brace-format msgid "Add user groups into members of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Add services into members of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users into members of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Add user groups into owners of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Add services into owners of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Add users into owners of vault '${primary_key}'" msgstr "" msgid "" "Secrets can be added/retrieved to vault only by using vault-archive and " "vault-retrieve from CLI." msgstr "" msgid "" "Content of 'standard' vaults can be seen by users with higher privileges " "(admins)." msgstr "" msgid "Asymmetric" msgstr "" #, fuzzy #| msgid "Vault Container" msgid "Vaults Config" msgstr "库容器" #, fuzzy #| msgid "Member Host" msgid "Members" msgstr "成员主机" #, fuzzy #| msgid "Vaults" msgid "My User Vaults" msgstr "库" #, fuzzy #| msgid "Owner" msgid "Owners" msgstr "所有者" #, fuzzy #| msgid "Remove hold" msgid "Remove vaults" msgstr "删除持有" #, python-brace-format msgid "Remove user groups from members of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove services from members of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove users from members of vault '${primary_key}'" msgstr "" #, fuzzy, python-brace-format #| msgid "Remove users and groups from an HBAC rule." msgid "Remove user groups from owners of vault '${primary_key}'" msgstr "从一个HBAC规则中移除用户和用户组。" #, python-brace-format msgid "Remove services from owners of vault '${primary_key}'" msgstr "" #, python-brace-format msgid "Remove users from owners of vault '${primary_key}'" msgstr "" #, fuzzy #| msgid "Services" msgid "Service Vaults" msgstr "服务" #, fuzzy #| msgid "Shared vault" msgid "Shared" msgstr "共享库" #, fuzzy #| msgid "Shared vault" msgid "Shared Vaults" msgstr "共享库" msgid "Standard" msgstr "" msgid "Symmetric" msgstr "" #, fuzzy #| msgid "Vault type" msgid "Vault Type" msgstr "库类型" msgid "" "Only standard vaults can be created in WebUI, use CLI for other types of " "vaults." msgstr "" #, fuzzy #| msgid "Vaults" msgid "User Vaults" msgstr "库" msgid "Current password is required" msgstr "需要当前密码" #, python-brace-format msgid "Your password expires in ${days} days." msgstr "你的密码将在${days}天到期。" msgid "First OTP" msgstr "第一个OTP" msgid "New password is required" msgstr "需要新密码" #, fuzzy #| msgid "" #| " One-Time-Password(OTP): Generate new OTP code for each OTP field." msgid "" " OTP (One-Time Password):Generate new OTP code for each OTP field." msgstr "" " One-Time-Password(OTP): " "为每个OTP字段生成新的OTP码。" #, fuzzy #| msgid "" #| " One-Time-Password(OTP): Generate new OTP code for each OTP field." msgid "" " OTP (One-Time Password):Leave blank if you are not using OTP tokensfor authentication." msgstr "" " One-Time-Password(OTP): " "为每个OTP字段生成新的OTP码。" msgid "Token synchronization failed" msgstr "令牌同步失败" msgid "The username, password or token codes are not correct" msgstr "用户名,密码或令牌码不争取" msgid "Token was synchronized" msgstr "令牌已同步" msgid "Password change complete" msgstr "完成密码更改" #, fuzzy #| msgid "Your password expires in ${days} days." msgid "Your password has expired. Please enter a new password." msgstr "你的密码将在${days}天到期。" msgid "Passwords must match" msgstr "密码必须匹配" msgid "Password reset was not successful." msgstr "密码重置失败。" msgid "Reset your password." msgstr "重置你的密码。" msgid "Second OTP" msgstr "第二个OTP" msgid "Verify Password" msgstr "验证密码" msgid "Are you sure you want to delete selected entries?" msgstr "你确定要删除被选条目?" #, python-brace-format msgid "${count} item(s) deleted" msgstr "已删除${count}个条目" msgid "Are you sure you want to disable selected entries?" msgstr "你确定要禁用被选条目?" #, python-brace-format msgid "${count} item(s) disabled" msgstr "已禁用${count}个条目" msgid "Are you sure you want to enable selected entries?" msgstr "你确定要启用被选条目?" #, python-brace-format msgid "${count} item(s) enabled" msgstr "已启用${count}个条目" msgid "Some entries were not deleted" msgstr "一些条目没有被删除" msgid "Quick Links" msgstr "快速链接" msgid "Select All" msgstr "选择全部" #, python-brace-format msgid "" "Query returned more results than the configured size limit. Displaying the " "first ${counter} results." msgstr "返回比配置大小限制更多的结果。显示第一个${counter}结果。" msgid "Unselect All" msgstr "取消选择全部" msgid "" "

Browser Kerberos Setup

\n" "\n" msgstr "" msgid "" "

Firefox

\n" "\n" "

\n" " You can configure Firefox to use Kerberos for Single Sign-on. " "The following instructions will guide you in configuring your web browser to " "send your Kerberos credentials to the appropriate Key Distribution Center " "which enables Single Sign-on.\n" "

\n" "\n" msgstr "" msgid "" "
    \n" "
  1. \n" "

    \n" "Import " "Certificate Authority certificate\n" "

    \n" "

    \n" " Make sure you select all three checkboxes.\n" "

    \n" "
    2. \n" "
  2. \n" " In the address bar of Firefox, type about:config to display the list of current configuration options.\n" "
    3. \n" "
  3. \n" " In the Filter field, type negotiate to restrict " "the list of options.\n" "
    4. \n" "
  4. \n" " Double-click the network.negotiate-auth.trusted-uris entry to display the Enter string value dialog box.\n" "
    5. \n" "
  5. \n" " Enter the name of the domain against which you want to " "authenticate, for example, .example.com.\n" "
    6. \n" "
  6. Return to Web UI
    7. \n" "
\n" "\n" msgstr "" msgid "" "

Chrome

\n" "\n" "

\n" " You can configure Chrome to use Kerberos for Single Sign-on. The " "following instructions will guide you in configuring your web browser to " "send your Kerberos credentials to the appropriate Key Distribution Center " "which enables Single Sign-on.\n" "

\n" "\n" msgstr "" msgid "" "

Import CA Certificate

\n" "
    \n" "
  1. \n" " Download the CA certificate. " "Alternatively, if the host is also an IdM client, you can find the " "certificate in /etc/ipa/ca.crt.\n" "
    2. \n" "
  2. \n" " Click the menu button with the Customize and control " "Google Chrome tooltip, which is by default in the top right-hand corner " "of Chrome, and click Settings.\n" "
    3. \n" "
  3. \n" " Click Show advanced settings to display more " "options, and then click the Manage certificates button located " "under the HTTPS/SSL heading.\n" "
    4. \n" "
  4. \n" " In the Authorities tab, click the Import " "button at the bottom.\n" "
    5. \n" "
  5. Select the CA certificate file that you downloaded in the first step.\n" "
\n" "\n" msgstr "" msgid "" "

\n" " Enable SPNEGO (Simple and Protected GSSAPI Negotiation " "Mechanism) to Use Kerberos Authentication\n" " in Chrome\n" "

\n" "
    \n" "
  1. \n" " Make sure you have the necessary directory created by " "running:\n" "
    \n" " [root@client]# mkdir -p /etc/opt/chrome/policies/" "managed/\n" "
    \n" "
    2. \n" "
  2. \n" " Create a new /etc/opt/chrome/policies/managed/mydomain." "json file with write privileges limited to the system administrator " "or root, and include the following line:\n" "
    \n" " { \"AuthServerWhitelist\": \"*.example.com\" }\n" "
    \n" "
    \n" " You can do this by running:\n" "
    \n" "
    \n" " [root@server]# echo '{ \"AuthServerWhitelist\": \"*.example.com\" }' > /etc/opt/chrome/policies/" "managed/mydomain.json\n" "
    \n" "
    3. \n" "
\n" "
    \n" "

    \n" "Note: If using Chromium, use /etc/chromium/policies/" "managed/ instead of /etc/opt/chrome/policies/managed/ " "for the two SPNEGO Chrome configuration steps above.\n" "

    \n" "
\n" "\n" msgstr "" msgid "" "

Internet Explorer

\n" "

WARNING: Internet Explorer is no longer a supported " "browser.

\n" "

\n" " Once you are able to log into the workstation with your kerberos " "key you are now able to use that ticket in Internet Explorer.\n" "

\n" "

\n" msgstr "" msgid "" "Log into the Windows machine using an account of your Kerberos realm " "(administrative domain)\n" "

\n" "

\n" "In Internet Explorer, click Tools, and then click Internet Options.\n" "

\n" "
\n" "
    \n" "
  1. Click the Security tab
    2. \n" "
  2. Click Local intranet
    3. \n" "
  3. Click Sites
    4. \n" "
  4. Click Advanced
    5. \n" "
  5. Add your domain to the list
    6. \n" "
\n" "
    \n" "
  1. Click the Security tab
    2. \n" "
  2. Click Local intranet
    3. \n" "
  3. Click Custom Level
    4. \n" "
  4. Select Automatic logon only in Intranet zone
    5. \n" "
\n" "\n" "
    \n" "
  1. Visit a kerberized web site using IE (You must use the fully-qualified " "Domain Name in the URL)
    2. \n" "
  2. You are all set.
    3. \n" "
\n" "
\n" "\n" msgstr "" msgid "Working" msgstr "工作中" msgid "Audit" msgstr "审计" msgid "Authentication" msgstr "身份验证" msgid "Automember" msgstr "自动成员" msgid "Automount" msgstr "自动挂载" msgid "DNS" msgstr "DNS" #, fuzzy #| msgid "Host-based access control commands" msgid "Host-Based Access Control" msgstr "基于主机访问控制命令" msgid "Identity" msgstr "身份" msgid "Network Services" msgstr "网络服务" msgid "Policy" msgstr "策略" #, fuzzy #| msgid "Host-based access control commands" msgid "Role-Based Access Control" msgstr "基于主机访问控制命令" #, fuzzy #| msgid "Sudo Rule" msgid "Sudo" msgstr "Sudo规则" msgid "Topology" msgstr "拓扑" msgid "Trusts" msgstr "信任" msgid "True" msgstr "" msgid "" "

Unable to verify your Kerberos credentials

\n" "

\n" " Please make sure that you have valid Kerberos tickets " "(obtainable via kinit), and that you have configured your " "browser correctly.\n" "

\n" "\n" "

Browser configuration

\n" "\n" "
\n" "

\n" " If this is your first time, please configure your browser.\n" "

\n" "
\n" msgstr "" msgid "API Browser" msgstr "API概述" msgid "First" msgstr "第一" msgid "Last" msgstr "最后" msgid "Next" msgstr "下一个" msgid "Page" msgstr "页" msgid "Prev" msgstr "上一个" msgid "Undo" msgstr "取消" msgid "Undo this change." msgstr "取消这个更改。" msgid "Undo All" msgstr "取消全部" msgid "Undo all changes in this field." msgstr "取消在这个字段做的所有更改。" msgid "Text does not match field pattern" msgstr "文本不匹配字段模式" msgid "Must be an UTC date/time value (e.g., \"2014-01-20 17:58:01Z\")" msgstr "必须是一个UTC时间值(例如:\"2014-01-20 17:58:01Z\")" msgid "Must be a decimal number" msgstr "必须是一个小数" msgid "Format error" msgstr "格式错误" msgid "Must be an integer" msgstr "必须是一个整数" msgid "Not a valid IP address" msgstr "不是一个有效的IP地址" msgid "Not a valid IPv4 address" msgstr "不是一个有效的IPv4地址" msgid "Not a valid IPv6 address" msgstr "不是一个有效的IPv6地址" #, python-brace-format msgid "Maximum value is ${value}" msgstr "最大值是${value}" #, python-brace-format msgid "Minimum value is ${value}" msgstr "最小值是${value}" msgid "Not a valid network address (examples: 2001:db8::/64, 192.0.2.0/24)" msgstr "不是一个有效的网络地址(例如:2001:db8::/64, 192.0.2.0/24)" msgid "Parse error" msgstr "解析错误" #, fuzzy #| msgid "Must be a decimal number" msgid "Must be a positive number" msgstr "必须是一个小数" #, python-brace-format msgid "'${port}' is not a valid port" msgstr "'${port}'不是一个有效的端口" msgid "Required field" msgstr "必需字段" msgid "Unsupported value" msgstr "不支持的值" msgid "pyhbac is not installed." msgstr "" msgid "" "\n" "Simulate use of Host-based access controls\n" "\n" "HBAC rules control who can access what services on what hosts.\n" "You can use HBAC to control which users or groups can access a service,\n" "or group of services, on a target host.\n" "\n" "Since applying HBAC rules implies use of a production environment,\n" "this plugin aims to provide simulation of HBAC rules evaluation without\n" "having access to the production environment.\n" "\n" " Test user coming to a service on a named host against\n" " existing enabled rules.\n" "\n" " ipa hbactest --user= --host= --service=\n" " [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" " [--sizelimit= ]\n" "\n" " --user, --host, and --service are mandatory, others are optional.\n" "\n" " If --rules is specified simulate enabling of the specified rules and test\n" " the login of the user using only these rules.\n" "\n" " If --enabled is specified, all enabled HBAC rules will be added to " "simulation\n" "\n" " If --disabled is specified, all disabled HBAC rules will be added to " "simulation\n" "\n" " If --nodetail is specified, do not return information about rules matched/" "not matched.\n" "\n" " If both --rules and --enabled are specified, apply simulation to --rules " "_and_\n" " all IPA enabled rules.\n" "\n" " If no --rules specified, simulation is run against all IPA enabled rules.\n" " By default there is a IPA-wide limit to number of entries fetched, you can " "change it\n" " with --sizelimit option.\n" "\n" "EXAMPLES:\n" "\n" " 1. Use all enabled HBAC rules in IPA database to simulate:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 2. Disable detailed summary of how rules were applied:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n" " --------------------\n" " Access granted: True\n" " --------------------\n" "\n" " 3. Test explicitly specified HBAC rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" " --rules=myrule --rules=my-second-rule\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: myrule\n" "\n" " 4. Use all enabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" " --rules=myrule --rules=my-second-rule --enabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Matched rules: allow_all\n" "\n" " 5. Test all disabled HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: new-rule\n" "\n" " 6. Test all disabled HBAC rules in IPA database + explicitly specified " "rules:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" " --rules=myrule --rules=my-second-rule --disabled\n" " ---------------------\n" " Access granted: False\n" " ---------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" "\n" " 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" " $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n" " --enabled --disabled\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Not matched rules: my-second-rule\n" " Not matched rules: my-third-rule\n" " Not matched rules: myrule\n" " Not matched rules: new-rule\n" " Matched rules: allow_all\n" "\n" "\n" "HBACTEST AND TRUSTED DOMAINS\n" "\n" "When an external trusted domain is configured in IPA, HBAC rules are also " "applied\n" "on users accessing IPA resources from the trusted domain. Trusted domain " "users and\n" "groups (and their SIDs) can be then assigned to external groups which can " "be\n" "members of POSIX groups in IPA which can be used in HBAC rules and thus " "allowing\n" "access to resources protected by the HBAC system.\n" "\n" "hbactest plugin is capable of testing access for both local IPA users and " "users\n" "from the trusted domains, either by a fully qualified user name or by user " "SID.\n" "Such user names need to have a trusted domain specified as a short name\n" "(DOMAIN\\Administrator) or with a user principal name (UPN), " "Administrator@ad.test.\n" "\n" "Please note that hbactest executed with a trusted domain user as --user " "parameter\n" "can be only run by members of \"trust admins\" group.\n" "\n" "EXAMPLES:\n" "\n" " 1. Test if a user from a trusted domain specified by its shortname " "matches any\n" " rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 2. Test if a user from a trusted domain specified by its domain name " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --" "service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 3. Test if a user from a trusted domain specified by its SID matches any " "rule:\n" "\n" " $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\\\n" " --host `hostname` --service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Matched rules: can_login\n" "\n" " 4. Test if other user from a trusted domain specified by its SID matches " "any rule:\n" "\n" " $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\" "\\\n" " --host `hostname` --service sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" "\n" " 5. Test if other user from a trusted domain specified by its shortname " "matches\n" " any rule:\n" "\n" " $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service " "sshd\n" " --------------------\n" " Access granted: True\n" " --------------------\n" " Matched rules: allow_all\n" " Not matched rules: can_login\n" msgstr "" msgid "Unresolved rules in --rules" msgstr "在--rules中不能解析的规则" msgid "" "Cannot search in trusted domains without own domain configured. Make sure " "you have run ipa-adtrust-install on the IPA server first" msgstr "" "没有自己的域配置不能在信任域中查找。首先确认你已经在IPA服务器上运行了ipa-" "adtrust-install命令" #, python-format msgid "Access granted: %s" msgstr "访问授权:%s" msgid "" "\n" "OTP Tokens\n" msgstr "" "\n" "OTP令牌\n" msgid "" "\n" "Manage OTP tokens.\n" msgstr "" "\n" "管理OTP 令牌。\n" msgid "" "\n" "IPA supports the use of OTP tokens for multi-factor authentication. This\n" "code enables the management of OTP tokens.\n" msgstr "" "\n" "IPA支持使用OTP令牌来多因素认证。这个码能管理OTP令牌。\n" #, fuzzy #| msgid "" #| "\n" #| " Add a new token:\n" #| " ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" msgid "" "\n" " Add a new token:\n" " ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n" msgstr "" "\n" " 增加一个新的令牌:\n" " ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n" msgid "" "\n" " Examine the token:\n" " ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n" msgstr "" msgid "" "\n" " Change the vendor:\n" " ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red Hat" "\"\n" msgstr "" msgid "" "\n" " Delete a token:\n" " ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n" msgstr "" msgid "OTP token" msgstr "OTP令牌" msgid "OTP tokens" msgstr "OTP令牌" msgid "OTP Tokens" msgstr "OTP令牌" msgid "OTP Token" msgstr "OTP令牌" #, fuzzy #| msgid "UID" msgid "URI" msgstr "UID" #, python-format msgid "Added OTP token \"%(value)s\"" msgstr "已添加OTP令牌\"%(value)s\"" msgid "cannot be empty" msgstr "不能为空" #, python-format msgid "Deleted OTP token \"%(value)s\"" msgstr "已删除OTP令牌\"%(value)s\"" #, python-format msgid "Modified OTP token \"%(value)s\"" msgstr "已修改OTP令牌\"%(value)s\"" #, python-format msgid "%(count)d OTP token matched" msgid_plural "%(count)d OTP tokens matched" msgstr[0] "已匹配%(count)d个OTP令牌" msgid "" "\n" "Permissions\n" msgstr "" "\n" "权限\n" msgid "" "\n" "A permission enables fine-grained delegation of rights. A permission is\n" "a human-readable wrapper around a 389-ds Access Control Rule,\n" "or instruction (ACI).\n" "A permission grants the right to perform a specific task such as adding a\n" "user, modifying a group, etc.\n" msgstr "" msgid "" "\n" "A permission may not contain other permissions.\n" msgstr "" "\n" "一个权限可能不包含其他权限。\n" msgid "" "\n" "* A permission grants access to read, write, add, delete, read, search,\n" " or compare.\n" "* A privilege combines similar permissions (for example all the permissions\n" " needed to add a user).\n" "* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" msgstr "" "\n" "* 权限允许访问读,写,添加,删除,读,查找或比价。\n" "* 特权结合了相似的权限(例如所有权限需要添加一个用户)\n" "* 角色为用户,用户组,主机或主机组授予一系列特权。\n" msgid "" "\n" "A permission is made up of a number of different parts:\n" "\n" "1. The name of the permission.\n" "2. The target of the permission.\n" "3. The rights granted by the permission.\n" msgstr "" "\n" "权限由许多不同部分组成:\n" "\n" "1. 权限名。\n" "2. 权限目标。\n" "3. 权限授予的权限。\n" msgid "" "\n" "Rights define what operations are allowed, and may be one or more\n" "of the following:\n" "1. write - write one or more attributes\n" "2. read - read one or more attributes\n" "3. search - search on one or more attributes\n" "4. compare - compare one or more attributes\n" "5. add - add a new entry to the tree\n" "6. delete - delete an existing entry\n" "7. all - all permissions are granted\n" msgstr "" "\n" "权限定义了允许哪些操作,可能是下面的一个或多个:\n" "1. 写 - 写一条或多条属性\n" "2. 读 - 读一条或多条属性\n" "3. 查找 - 查找一条或多条属性\n" "4. 比较 - 比较一条或多条属性\n" "5. 添加 - 添加一条新属性到树中\n" "6. 删除 - 删除一条已存在的条目\n" "7. 全部 - 授予的所有权限\n" msgid "" "\n" "Note the distinction between attributes and entries. The permissions are\n" "independent, so being able to add a user does not mean that the user will\n" "be editable.\n" msgstr "" "\n" "注意属性和条目之间的区别。权限是独立的,能添加一个用户并不代表该用户是可编辑" "的。\n" msgid "" "\n" "There are a number of allowed targets:\n" "1. subtree: a DN; the permission applies to the subtree under this DN\n" "2. target filter: an LDAP filter\n" "3. target: DN with possible wildcards, specifies entries permission applies " "to\n" msgstr "" "\n" "有许多允许的目标:\n" "1. 子树:一个DN;在该DN下应用权限的子树\n" "2. 目标过滤器:一个LDAP过滤器\n" "3. 目标:权限适用于带有可能通配符,指定条目的DN\n" msgid "" "\n" "Additionally, there are the following convenience options.\n" "Setting one of these options will set the corresponding attribute(s).\n" "1. type: a type of object (user, group, etc); sets subtree and target " "filter.\n" "2. memberof: apply to members of a group; sets target filter\n" "3. targetgroup: grant access to modify a specific group (such as granting\n" " the rights to manage group membership); sets target.\n" msgstr "" "\n" "同时,有以下合适的选项。设置其中一个选项将会设置相应的属性。\n" "1. 类型:对象(用户,用户组等)的类型;设置子树和目标过滤器。\n" "2. 组: 适用于一个组的成员;设置目标过滤器。\n" "3. 目标组:允许修改一个指定组(例如授予管理组成员的权限);设置目标。\n" msgid "" "\n" "Managed permissions\n" msgstr "" "\n" "管理权限\n" msgid "" "\n" "Permissions that come with IPA by default can be so-called \"managed\"\n" "permissions. These have a default set of attributes they apply to,\n" "but the administrator can add/remove individual attributes to/from the set.\n" msgstr "" msgid "" "\n" "Deleting or renaming a managed permission, as well as changing its target,\n" "is not allowed.\n" msgstr "" "\n" "删除或重命名一个管理权限,同时改变它的目标是不允许的。\n" msgid "" "\n" " Add a permission that grants the creation of users:\n" " ipa permission-add --type=user --permissions=add \"Add Users\"\n" msgstr "" msgid "" "\n" " Add a permission that grants the ability to manage group membership:\n" " ipa permission-add --attrs=member --permissions=write --type=group " "\"Manage Group Members\"\n" msgstr "" msgid "must be enclosed in parentheses" msgstr "必须括在括号里" #, python-format msgid "\"%s\" is not an object type" msgstr "\"%s\"不是一个对象类型" #, python-format msgid "\"%s\" is not a valid permission type" msgstr "\"%s\"不是一个有效的权限类型" #, python-format msgid "Deprecated; use %s" msgstr "已弃用;使用%s" #, python-format msgid "Permission with unknown flag %s may not be modified or removed" msgstr "带有标记%s的权限可能不能被修改或删除" msgid "A SYSTEM permission may not be modified or removed" msgstr "系统权限可能不能被修改或删除" #, python-format msgid "Entry %s not found" msgstr "条目%s没有找到" #, python-format msgid "The ACI for permission %(name)s was not found in %(dn)s " msgstr "ACI权限%(name)s在%(dn)s中没有找到" msgid "" "cannot specify full target filter and extra target filter simultaneously" msgstr "不能同时指定完整的目标滤波器和额外的目标滤波器" #, python-format msgid "option was renamed; use %s" msgstr "选项已被重命名;使用%s" #, python-format msgid "Cannot use %(old_name)s with %(new_name)s" msgstr "不能使用%(old_name)s和%(new_name)s" #, python-format msgid "%s: group not found" msgstr "%s:找不到组" msgid "target and targetgroup are mutually exclusive" msgstr "目标和目标组是互斥的" msgid "subtree and type are mutually exclusive" msgstr "子树和类型是互斥的" msgid "Bad search filter" msgstr "无效的搜索过滤器" #, python-format msgid "Entry %s does not exist" msgstr "条目%s不存在" msgid "" "there must be at least one target entry specifier (e.g. target, " "targetfilter, attrs)" msgstr "必须有至少一个目标条目说明符(例如:目标,目标过滤器,属性)" #, python-format msgid "Added permission \"%(value)s\"" msgstr "已添加权限\"%(value)s\"" msgid "attrs and included attributes are mutually exclusive" msgstr "属性和包含的属性是互斥的" #, python-format msgid "Cannot store permission ACI to %s" msgstr "不能存储权限ACI到%s" #, python-format msgid "Deleted permission \"%(value)s\"" msgstr "已删除权限\"%(value)s\"" msgid "cannot delete managed permissions" msgstr "不能删除管理权限" #, python-format msgid "ACI of permission %s was not found" msgstr "ACI权限%s没有找到" #, python-format msgid "Modified permission \"%(value)s\"" msgstr "已修改权限\"%(value)s\"" msgid "cannot rename managed permissions" msgstr "不能重命名管理权限" msgid "not modifiable on managed permissions" msgstr "管理权限没有修改" msgid "only available on managed permissions" msgstr "仅在管理权限中可用" msgid "attrs and included/excluded attributes are mutually exclusive" msgstr "属性和包含/排除属性是互斥的" msgid "cannot set bindtype for a permission that is assigned to a privilege" msgstr "不能为已分配一个特权的权限设置绑定类型" #, python-format msgid "%(count)d permission matched" msgid_plural "%(count)d permissions matched" msgstr[0] "已匹配%(count)d个权限" msgid "" "\n" "IPA servers\n" msgstr "" "\n" "IPA服务器\n" msgid "" "\n" "Get information about installed IPA servers.\n" msgstr "" "\n" "获取安装IPA服务器信息。\n" #, fuzzy #| msgid "Find a server role on a server(s)" msgid "" "\n" " Find all servers:\n" " ipa server-find\n" msgstr "在服务器上找到一个服务器角色" msgid "" "\n" " Show specific server:\n" " ipa server-show ipa.example.com\n" msgstr "" msgid "server" msgstr "服务器" msgid "servers" msgstr "服务器" msgid "IPA Servers" msgstr "IPA服务器" msgid "Server location" msgstr "服务器位置" #, fuzzy #| msgid "Service Settings" msgid "Service weight" msgstr "服务设置" msgid "Weight for server services" msgstr "服务器服务权重" #, fuzzy #| msgid "Service delegation target" msgid "Service relative weight" msgstr "服务授权目标" #, fuzzy #| msgid "Relative weight for entries with the same priority." msgid "Relative weight for server services (counts per location)" msgstr "拥有相同优先级条目的相对权重。" msgid "Enabled server roles" msgstr "已启用服务器角色" msgid "List of enabled roles" msgstr "已启用角色列表" msgid "Modify information about an IPA server." msgstr "修改一个IPA服务器信息。" #, python-format msgid "Modified IPA server \"%(value)s\"" msgstr "已修改IPA服务器\"%(value)s\"" #, python-format msgid "%(count)d IPA server matched" msgid_plural "%(count)d IPA servers matched" msgstr[0] "已匹配%(count)d个IPA服务器" #, python-format msgid "Deleted IPA server \"%(value)s\"" msgstr "已删除IPA服务器\"%(value)s\"" msgid "Ignore topology errors" msgstr "忽略拓扑错误" msgid "Ignore topology connectivity problems after removal" msgstr "删除后忽略拓扑连通性问题" msgid "Ignore check for last remaining CA or DNS server" msgstr "不检查最后的CA或DNS服务器" msgid "Skip a check whether the last CA master or DNS server is removed" msgstr "不检查最后一个CA主服务器或DNS服务器是否被删除了" msgid "Force server removal" msgstr "强制服务器删除" msgid "Force server removal even if it does not exist" msgstr "强制服务器删除即使它不存在" msgid "" "Replica is active DNSSEC key master. Uninstall could break your DNS system. " "Please disable or replace DNSSEC key master first." msgstr "" "副本是活跃的DNSSEC密钥主机。卸载会导致你DNS系统崩溃。首先请禁用或替代DNSSEC密" "钥主机。" msgid "Deleting this server will leave your installation without a DNS." msgstr "删除这台服务器将使得你的安装过程没有DNS。" #, fuzzy #| msgid "" #| "Deleting this server is not allowed as it would leave your installation " #| "without a CA." msgid "" "Deleting this server is not allowed as it would leave your installation " "without a KRA." msgstr "删除这台服务器是不允许的因为这将导致你的安装过程没有CA。" msgid "" "Deleting this server is not allowed as it would leave your installation " "without a CA." msgstr "删除这台服务器是不允许的因为这将导致你的安装过程没有CA。" msgid "Ignoring these warnings and proceeding with removal" msgstr "忽略这些警告并给予清除" #, python-format msgid "" "Failed to clean memberPrincipal %(principal)s from s4u2proxy entry %(dn)s: " "%(err)s" msgstr "从s4u2proxy条目%(dn)s中清除成员主体%(principal)s失败:%(err)s" #, python-format msgid "Failed to clean up DNA hostname entries for %(master)s: %(err)s" msgstr "为%(master)s清除DNA主机名条目失败:%(err)s" #, python-format msgid "Failed to remove server %(master)s from server list: %(err)s" msgstr "从服务器列表中删除服务器%(master)s失败:%(err)s" #, python-format msgid "Failed to clean up Custodia keys for %(master)s: %(err)s" msgstr "为%(master)s清除Custodia密钥失败:%(err)s" #, python-format msgid "Failed to cleanup server principals/keys: %(err)s" msgstr "清除服务器主体/密钥失败:%(err)s" #, python-format msgid "Failed to cleanup %(hostname)s DNS entries: %(err)s" msgstr "清除%(hostname)s DNS条目失败:%(err)s" msgid "You may need to manually remove them from the tree" msgstr "你可能需要从树中手动删除它们" #, python-format msgid "Forcing removal of %(hostname)s" msgstr "强制删除%(hostname)s" msgid "Ignoring topology connectivity errors." msgstr "忽略拓扑连通性错误。" msgid "Server has already been deleted" msgstr "服务器已被删除" msgid "Agreements deleted" msgstr "协议已删除" msgid "Following segments were not deleted:" msgstr "下面部分没有被删除:" #, python-format msgid "must be \"%s\"" msgstr "必须是\"%s\"" msgid "not allowed to perform server connection check" msgstr "不允许执行服务器连接检查" #, fuzzy #| msgid "Show role status on a server" msgid "Set enabled/hidden state of a server." msgstr "显示服务器角色状态" #, fuzzy #| msgid "Status" msgid "State" msgstr "状态" #, fuzzy #| msgid "Server Name" msgid "Server state" msgstr "服务器名" #, fuzzy, python-format #| msgid "Changed password for \"%(value)s\"" msgid "Changed server state of \"%(value)s\"." msgstr "已改变\"%(value)s\"的密码" #, fuzzy #| msgid "IPA CA renewal master" msgid "Cannot hide CA renewal master." msgstr "IPA CA更新主服务器" #, fuzzy #| msgid "IPA DNSSec key master" msgid "Cannot hide DNSSec key master." msgstr "IPA DNSSec密钥主机" #, python-format msgid "Cannot hide last enabled %(name)s server." msgstr "" msgid "self service permission" msgstr "自助服务权限" msgid "self service permissions" msgstr "自助服务权限" msgid "Self Service Permissions" msgstr "自助服务权限" msgid "Self Service Permission" msgstr "自助服务权限" #, python-format msgid "Added selfservice \"%(value)s\"" msgstr "已添加自助服务\"%(value)s\"" #, python-format msgid "Deleted selfservice \"%(value)s\"" msgstr "已删除自助服务\"%(value)s\"" #, python-format msgid "Modified selfservice \"%(value)s\"" msgstr "已修改自助服务\"%(value)s\"" #, python-format msgid "%(count)d selfservice matched" msgid_plural "%(count)d selfservices matched" msgstr[0] "已匹配%(count)d个自助服务" msgid "" "\n" "IPA server roles\n" msgstr "" "\n" "IPA服务器角色\n" msgid "" "\n" "Get status of roles (DNS server, CA, etc.) provided by IPA masters.\n" msgstr "" "\n" "获取由IPA主服务器提供的角色(DNS服务器,CA等)状态。\n" msgid "" "\n" "The status of a role is either enabled, configured, or absent.\n" msgstr "" msgid "" "\n" " Show status of 'DNS server' role on a server:\n" " ipa server-role-show ipa.example.com \"DNS server\"\n" msgstr "" msgid "" "\n" " Show status of all roles containing 'AD' on a server:\n" " ipa server-role-find --server ipa.example.com --role=\"AD trust " "controller\"\n" msgstr "" msgid "" "\n" " Show status of all configured roles on a server:\n" " ipa server-role-find ipa.example.com\n" msgstr "" msgid "" "\n" " Show implicit IPA master role:\n" " ipa server-role-find --include-master\n" msgstr "" msgid "server role" msgstr "服务器角色" msgid "server roles" msgstr "服务器角色" msgid "IPA Server Roles" msgstr "IPA服务器角色" msgid "IPA Server Role" msgstr "IPA服务器角色" msgid "IPA server role name" msgstr "IPA服务器角色名" msgid "Role status" msgstr "角色状态" msgid "Status of the role" msgstr "角色状态" msgid "Show role status on a server" msgstr "显示服务器角色状态" msgid "Find a server role on a server(s)" msgstr "在服务器上找到一个服务器角色" #, python-format msgid "%(count)s server role matched" msgid_plural "%(count)s server roles matched" msgstr[0] "已匹配%(count)s个服务器角色" #, fuzzy #| msgid "Included attributes" msgid "Include IPA master entries" msgstr "包含的属性" msgid "IPA role name" msgstr "IPA角色名" msgid "" "\n" "Cross-realm trusts\n" "\n" "Manage trust relationship between IPA and Active Directory domains.\n" "\n" "In order to allow users from a remote domain to access resources in IPA " "domain,\n" "trust relationship needs to be established. Currently IPA supports only " "trusts\n" "between IPA and Active Directory domains under control of Windows Server " "2008\n" "or later, with functional level 2008 or later.\n" "\n" "Please note that DNS on both IPA and Active Directory domain sides should " "be\n" "configured properly to discover each other. Trust relationship relies on\n" "ability to discover special resources in the other domain via DNS records.\n" "\n" "Examples:\n" "\n" "1. Establish cross-realm trust with Active Directory using AD administrator\n" " credentials:\n" "\n" " ipa trust-add --type=ad --admin --password\n" "\n" "2. List all existing trust relationships:\n" "\n" " ipa trust-find\n" "\n" "3. Show details of the specific trust relationship:\n" "\n" " ipa trust-show \n" "\n" "4. Delete existing trust relationship:\n" "\n" " ipa trust-del \n" "\n" "Once trust relationship is established, remote users will need to be mapped\n" "to local POSIX groups in order to actually use IPA resources. The mapping\n" "should be done via use of external membership of non-POSIX group and then\n" "this group should be included into one of local POSIX groups.\n" "\n" "Example:\n" "\n" "1. Create group for the trusted domain admins' mapping and their local " "POSIX\n" "group:\n" "\n" " ipa group-add --desc=' admins external map' " "ad_admins_external --external\n" " ipa group-add --desc=' admins' ad_admins\n" "\n" "2. Add security identifier of Domain Admins of the to the\n" " ad_admins_external group:\n" "\n" " ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n" "\n" "3. Allow members of ad_admins_external group to be associated with\n" " ad_admins POSIX group:\n" "\n" " ipa group-add-member ad_admins --groups ad_admins_external\n" "\n" "4. List members of external members of ad_admins_external group to see\n" " their SIDs:\n" "\n" " ipa group-show ad_admins_external\n" "\n" "\n" "GLOBAL TRUST CONFIGURATION\n" "\n" "When IPA AD trust subpackage is installed and ipa-adtrust-install is run, a\n" "local domain configuration (SID, GUID, NetBIOS name) is generated. These\n" "identifiers are then used when communicating with a trusted domain of the\n" "particular type.\n" "\n" "1. Show global trust configuration for Active Directory type of trusts:\n" "\n" " ipa trustconfig-show --type ad\n" "\n" "2. Modify global configuration for all trusts of Active Directory type and " "set\n" " a different fallback primary group (fallback primary group GID is used as " "a\n" " primary user GID if user authenticating to IPA domain does not have any\n" " other primary GID already set):\n" "\n" " ipa trustconfig-mod --type ad --fallback-primary-group \"another AD group" "\"\n" "\n" "3. Change primary fallback group back to default hidden group (any group " "with\n" " posixGroup object class is allowed):\n" "\n" " ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB Group" "\"\n" msgstr "" #, python-format msgid "" " Alternatively, following servers are capable of running this command: " "%(masters)s" msgstr "另外,下面服务器可以运行该命令:%(masters)s" msgid "AD Trust setup" msgstr "AD信任设置" msgid "" "Cannot perform the selected command without Samba 4 support installed. Make " "sure you have installed server-trust-ad sub-package of IPA." msgstr "" "没有安装Samba 4不能执行被选命令。确认你已经在IPA上安装了server-trust-ad子包。" msgid "" "Cannot perform the selected command without Samba 4 instance configured on " "this machine. Make sure you have run ipa-adtrust-install on this server." msgstr "" "没有在该机器上进行Samba 4实例配置不能执行被选命令。确认你已经在该服务器上运行" "ipa-adtrust-install。" msgid "" "Fetching domains from trusted forest failed. See details in the error_log" msgstr "从信任森林中获取域失败。在error_log中查看详细信息" msgid "trust" msgstr "信任" msgid "trusts" msgstr "信任" msgid "Trust" msgstr "信任" #, fuzzy #| msgid "SID blacklist incoming" msgid "SID blocklist incoming" msgstr "进来的SID黑名单" #, fuzzy #| msgid "SID blacklist outgoing" msgid "SID blocklist outgoing" msgstr "出去的SID黑名单" msgid "UPN suffixes" msgstr "UPN后缀" #, fuzzy, python-brace-format #| msgid "invalid Profile ID" msgid "invalid SID: {SID}" msgstr "无效的配置文件ID" msgid "" "\n" "Add new trust to use.\n" "\n" "This command establishes trust relationship to another domain\n" "which becomes 'trusted'. As result, users of the trusted domain\n" "may access resources of this domain.\n" "\n" "Only trusts to Active Directory domains are supported right now.\n" "\n" "The command can be safely run multiple times against the same domain,\n" "this will cause change to trust relationship credentials on both\n" "sides.\n" "\n" "Note that if the command was previously run with a specific range type,\n" "or with automatic detection of the range type, and you want to configure a\n" "different range type, you may need to delete first the ID range using\n" "ipa idrange-del before retrying the command with the desired range type.\n" " " msgstr "" #, fuzzy #| msgid "" #| "Type of trusted domain ID range, one of ipa-ad-trust-posix, ipa-ad-trust" msgid "Type of trusted domain ID range, one of allowed values" msgstr "信任域ID范围的类型,是ipa-ad-trust-posix和ipa-ad-trust中的一个" msgid "External trust" msgstr "外部的信任" msgid "" "Establish external trust to a domain in another forest. The trust is not " "transitive beyond the domain." msgstr "建立外部信任到另一个森林域中。信任不会在域外传递。" #, python-format msgid "Added Active Directory trust for realm \"%(value)s\"" msgstr "已添加活动目录域\"%(value)s\"" #, python-format msgid "Re-established trust to domain \"%(value)s\"" msgstr "重建信任域\"%(value)s\"" msgid "missing base_id" msgstr "缺少base_id" msgid "pysss_murmur is not available on the server and no base-id is given." msgstr "pysss_murmur在服务器上不可用并没有提供base-id。" msgid "trust type" msgstr "信任类型" msgid "only \"ad\" is supported" msgstr "仅支持\"ad\"" msgid "domain" msgstr "域" msgid "" "Cannot establish a trust to AD deployed in the same domain as IPA. Such " "setup is not supported." msgstr "不能建立一个信任到部署在IPA同一域中的AD。这样的设置不支持。" msgid "Realm-domain mismatch" msgstr "Realm-domain不匹配" msgid "" "To establish trust with Active Directory, the domain name and the realm name " "of the IPA server must match" msgstr "为了建立信任活动目录,IPA服务器的域名和realm名必须匹配" #, python-format msgid "" "Trusted domain %(domain)s is included among IPA realm domains. It needs to " "be removed prior to establishing the trust. See the \"ipa realmdomains-mod --" "del-domain\" command." msgstr "" "信任域%(domain)s包含在IPArealm域中。建立信任需要删除之前的。查看\"ipa " "realmdomains-mod --del-domain\"命令。" msgid "Trusted domain and administrator account use different realms" msgstr "信任域和管理员账户使用不同域" msgid "Realm administrator password should be specified" msgstr "域管理员密码应该被指定" msgid "id range type" msgstr "id范围类型" msgid "" "Only the ipa-ad-trust and ipa-ad-trust-posix are allowed values for --range-" "type when adding an AD trust." msgstr "" "当添加一个AD信任时仅有ipa-ad-trust和ipa-ad-trust-posix允许--range-type值。" msgid "id range" msgstr "id范围" msgid "" "An id range already exists for this trust. You should either delete the old " "range, or exclude --base-id/--range-size options from the command." msgstr "" "id范围已在该域中存在。你要么删除旧的范围,要么从命令中排除--base-id/--range-" "size选项。" msgid "range exists" msgstr "范围内存在" msgid "" "ID range with the same name but different domain SID already exists. The ID " "range for the new trusted domain must be created manually." msgstr "同名但不同域SID的ID范围已存在。新信任域的ID范围必须手动创建。" msgid "range type change" msgstr "范围类型改变" msgid "" "ID range for the trusted domain already exists, but it has a different type. " "Please remove the old range manually, or do not enforce type via --range-" "type option." msgstr "" "信任域的ID范围已存在,但它有一个不同类型。请手动删除旧的范围,或者通过--" "range-type选项不强制类型。" #, python-brace-format msgid "Unable to resolve domain controller for {domain} domain. " msgstr "" msgid "" "Forward policy is defined for it in IPA DNS, perhaps forwarder points to " "incorrect host?" msgstr "在IPA DNS中转发器策略阻止了它,也许是转发器指向了不正确的主机?" #, python-brace-format msgid "" "IPA manages DNS, please verify your DNS configuration and make sure that " "service records of the '{domain}' domain can be resolved. Examples how to " "configure DNS with CLI commands or the Web UI can be found in the " "documentation. " msgstr "" #, python-brace-format msgid "" "Since IPA does not manage DNS records, ensure DNS is configured to resolve " "'{domain}' domain from IPA hosts and back." msgstr "" msgid "Unable to verify write permissions to the AD" msgstr "不能在AD中验证写权限" msgid "Not enough arguments specified to perform trust setup" msgstr "执行信任设置时没有指定足够的参数" #, python-format msgid "Deleted trust \"%(value)s\"" msgstr "已删除信任\"%(value)s\"" msgid "" "\n" " Modify a trust (for future use).\n" "\n" " Currently only the default option to modify the LDAP attributes is\n" " available. More specific options will be added in coming releases.\n" " " msgstr "" #, python-format msgid "Modified trust \"%(value)s\" (change will be effective in 60 seconds)" msgstr "已修改信任\"%(value)s\"(改变将在60s内生效)" #, python-format msgid "%(count)d trust matched" msgid_plural "%(count)d trusts matched" msgstr[0] "已匹配%(count)d个信任" msgid "trust configuration" msgstr "信任配置" msgid "Global Trust Configuration" msgstr "全局信任配置" msgid "IPA AD trust agents" msgstr "IPA AD信任代理" msgid "IPA servers configured as AD trust agents" msgstr "IPA服务器配置为AD信任代理" msgid "IPA AD trust controllers" msgstr "IPA AD信任控制器" msgid "IPA servers configured as AD trust controllers" msgstr "IPA服务器配置为AD信任控制器" msgid "unsupported trust type" msgstr "不支持的信任类型" #, python-format msgid "Modified \"%(value)s\" trust configuration" msgstr "已修改\"%(value)s\"信任配置" #, fuzzy #| msgid "GID" msgid "SID" msgstr "GID" msgid "sidgen_was_run" msgstr "" msgid "" "This command relies on the existence of the \"editors\" group, but this " "group was not found." msgstr "该命令依赖于\"editors\"组的存在,但是该组没有找到。" msgid "trust domain" msgstr "信任域" msgid "trust domains" msgstr "信任域" msgid "Trusted domains" msgstr "已信任的域" msgid "Trusted domain" msgstr "已信任的域" msgid "Domain enabled" msgstr "域已启用" #, python-format msgid "Removed information about the trusted domain \"%(value)s\"" msgstr "删除信任域\"%(value)s\"的信息" msgid "" "cannot delete root domain of the trust, use trust-del to delete the trust " "itself" msgstr "不能删除信任的根域,使用trust-del来删除它自己的信任" msgid "" "List of trust domains successfully refreshed. Use trustdomain-find command " "to list them." msgstr "信任域列表更新成功。使用trustdomain-find命令来列举它们。" #, fuzzy #| msgid "IPA servers configured as AD trust agents" msgid "Configure this server as a trust agent." msgstr "IPA服务器配置为AD信任代理" msgid "Enable support for trusted domains for old clients" msgstr "" #, fuzzy #| msgid "not allowed to modify user entries" msgid "not allowed to remotely add agent" msgstr "不允许修改用户条目" #, python-format msgid "Enabled trust domain \"%(value)s\"" msgstr "已启用信任域\"%(value)s\"" msgid "Root domain of the trust is always enabled for the existing trust" msgstr "信任的根域总是支持现有的信任" #, python-format msgid "Disabled trust domain \"%(value)s\"" msgstr "已禁用信任域\"%(value)s\"" msgid "" "cannot disable root domain of the trust, use trust-del to delete the trust " "itself" msgstr "不能禁用信任的根域,使用trust-del来删除它自己的信任" msgid "A list of ACI values" msgstr "ACI值列表" msgid "type, filter, subtree and targetgroup are mutually exclusive" msgstr "类型,过滤器,子树和目标组是互斥的" msgid "ACI prefix is required" msgstr "需要ACI前缀" msgid "" "at least one of: type, filter, subtree, targetgroup, attrs or memberof are " "required" msgstr "至少需要其中一个:类型,过滤器,子树,目标组,属性或它的成员" msgid "filter and memberof are mutually exclusive" msgstr "过滤器和它的成员是互斥的" msgid "group, permission and self are mutually exclusive" msgstr "组,权限和它们自己是互斥的" msgid "One of group, permission or self is required" msgstr "需要组,权限或它们自己中的一个" #, python-format msgid "Group '%s' does not exist" msgstr "组 '%s' 不存在" msgid "empty filter" msgstr "空的过滤器" #, python-format msgid "Syntax Error: %(error)s" msgstr "语法错误:%(error)s" #, python-format msgid "invalid DN (%s)" msgstr "无效的DN(%s)" #, python-format msgid "ACI with name \"%s\" not found" msgstr "ACI名\"%s\"没有找到" #, fuzzy #| msgid "IPA object" msgid "ACI object." msgstr "IPA对象" msgid "ACIs" msgstr "ACIs" #, python-format msgid "Created ACI \"%(value)s\"" msgstr "已创建ACI\"%(value)s\"" #, python-format msgid "Deleted ACI \"%(value)s\"" msgstr "已删除ACI\"%(value)s\"" #, python-format msgid "Modified ACI \"%(value)s\"" msgstr "已修改ACI\"%(value)s\"" #, python-format msgid "%(count)d ACI matched" msgid_plural "%(count)d ACIs matched" msgstr[0] "%(count)d个ACI已匹配" #, python-format msgid "Renamed ACI to \"%(value)s\"" msgstr "已重命名ACI为\"%(value)s\"" msgid "" "\n" "Plugin to make multiple ipa calls via one remote procedure call\n" "\n" "To run this code in the lite-server\n" "\n" "curl -H \"Content-Type:application/json\" -H \"Accept:application/" "json\" -H \"Accept-Language:en\" --negotiate -u : --cacert /" "etc/ipa/ca.crt -d @batch_request.json -X POST http://" "localhost:8888/ipa/json\n" "\n" "where the contents of the file batch_request.json follow the below example\n" "\n" "{\"method\":\"batch\",\"params\":[[\n" " {\"method\":\"group_find\",\"params\":[[],{}]},\n" " {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\",\"all" "\":\"true\"}]},\n" " {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n" " ],{}],\"id\":1}\n" "\n" "The format of the response is nested the same way. At the top you will see\n" " \"error\": null,\n" " \"id\": 1,\n" " \"result\": {\n" " \"count\": 3,\n" " \"results\": [\n" "\n" "\n" "And then a nested response for each IPA command method sent in the request\n" "\n" msgstr "" msgid "Make multiple ipa calls via one remote procedure call" msgstr "" msgid "must contain a tuple (list, dict)" msgstr "必须包含一个元组(列表,字典)" #, fuzzy #| msgid "Certificate Authority" msgid "" "\n" "Certificate Identity Mapping\n" msgstr "证书颁发机构" msgid "" "\n" "Manage Certificate Identity Mapping configuration and rules.\n" msgstr "" msgid "" "\n" "IPA supports the use of certificates for authentication. Certificates can\n" "either be stored in the user entry (full certificate in the usercertificate\n" "attribute), or simply linked to the user entry through a mapping.\n" "This code enables the management of the rules allowing to link a\n" "certificate to a user entry.\n" msgstr "" msgid "" "\n" " Display the Certificate Identity Mapping global configuration:\n" " ipa certmapconfig-show\n" msgstr "" msgid "" "\n" " Modify Certificate Identity Mapping global configuration:\n" " ipa certmapconfig-mod --promptusername=TRUE\n" msgstr "" msgid "" "\n" " Create a new Certificate Identity Mapping Rule:\n" " ipa certmaprule-add rule1 --desc=\"Link certificate with subject and " "issuer\"\n" msgstr "" msgid "" "\n" " Modify a Certificate Identity Mapping Rule:\n" " ipa certmaprule-mod rule1 --maprule=\"\"\n" msgstr "" msgid "" "\n" " Disable a Certificate Identity Mapping Rule:\n" " ipa certmaprule-disable rule1\n" msgstr "" msgid "" "\n" " Enable a Certificate Identity Mapping Rule:\n" " ipa certmaprule-enable rule1\n" msgstr "" #, fuzzy #| msgid "Display information about a named service delegation rule." msgid "" "\n" " Display information about a Certificate Identity Mapping Rule:\n" " ipa certmaprule-show rule1\n" msgstr "显示一个命名服务授权规则信息。" msgid "" "\n" " Find all Certificate Identity Mapping Rules with the specified domain:\n" " ipa certmaprule-find --domain example.com\n" msgstr "" msgid "" "\n" " Delete a Certificate Identity Mapping Rule:\n" " ipa certmaprule-del rule1\n" msgstr "" #, python-format msgid "" "The domain(s) \"%s\" cannot be used to apply altSecurityIdentities check." msgstr "" msgid "" "The mapping rule with altSecurityIdentities should be applied to a trusted " "Active Directory domain but no domain was associated with the rule." msgstr "" #, python-format msgid "The domain %s is neither IPA domain nor a trusteddomain." msgstr "" #, fuzzy #| msgid "Modify configuration options." msgid "Certificate Identity Mapping configuration options" msgstr "修改配置选项" #, fuzzy #| msgid "Modify Certificate Profile configuration." msgid "Certificate Identity Mapping Global Configuration" msgstr "修改证书配置文件配置。" #, fuzzy #| msgid "Prompt to set the user password" msgid "Prompt for the username" msgstr "提示设置用户密码" msgid "" "Prompt for the username when multiple identities are mapped to a certificate" msgstr "" #, fuzzy #| msgid "Modify Certificate Profile configuration." msgid "Modify Certificate Identity Mapping configuration." msgstr "修改证书配置文件配置。" #, fuzzy #| msgid "Show the current configuration." msgid "Show the current Certificate Identity Mapping configuration." msgstr "显示当前配置。" #, fuzzy #| msgid "Certificate Authorities" msgid "Certificate Identity Mapping Rules" msgstr "证书颁发机构" #, fuzzy #| msgid "Certificate Type" msgid "Certificate Identity Mapping Rule" msgstr "证书类型" #, fuzzy #| msgid "Certificate profiles cannot be renamed" msgid "Certificate Identity Mapping Rule name" msgstr "证书配置文件不能被重命名" msgid "Certificate Identity Mapping Rule description" msgstr "" msgid "Mapping rule" msgstr "" #, fuzzy #| msgid "Remove one or more certificates to the user entry" msgid "Rule used to map the certificate with a user entry" msgstr "向用户条目中移除一个或多个证书" #, fuzzy #| msgid "Matching Type" msgid "Matching rule" msgstr "匹配类型" msgid "Rule used to check if a certificate can be used for authentication" msgstr "" msgid "Domain where the user entry will be searched" msgstr "" #, fuzzy #| msgid "Priority of the policy (higher number means lower priority" msgid "Priority of the rule (higher number means lower priority" msgstr "策略优先级(数字越大意味着优先级越低" #, fuzzy #| msgid "Create a new service delegation rule." msgid "Create a new Certificate Identity Mapping Rule." msgstr "创建一个新的服务授权规则。" #, fuzzy, python-format #| msgid "Added certificates to user \"%(value)s\"" msgid "Added Certificate Identity Mapping Rule \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加证书" #, fuzzy #| msgid "Modify Certificate Profile configuration." msgid "Modify a Certificate Identity Mapping Rule." msgstr "修改证书配置文件配置。" #, fuzzy, python-format #| msgid "Modified Certificate Profile \"%(value)s\"" msgid "Modified Certificate Identity Mapping Rule \"%(value)s\"" msgstr "已修改配置文件\"%(value)s\"" #, fuzzy #| msgid "Search for Certificate Profiles." msgid "Search for Certificate Identity Mapping Rules." msgstr "查找证书配置文件。" #, fuzzy, python-format #| msgid "%(count)d service delegation rule matched" #| msgid_plural "%(count)d service delegation rules matched" msgid "%(count)d Certificate Identity Mapping Rule matched" msgid_plural "%(count)d Certificate Identity Mapping Rules matched" msgstr[0] "已匹配%(count)d个服务授权规则" #, fuzzy #| msgid "Display information about a named service delegation rule." msgid "Display information about a Certificate Identity Mapping Rule." msgstr "显示一个命名服务授权规则信息。" #, fuzzy #| msgid "Delete a Certificate Profile." msgid "Delete a Certificate Identity Mapping Rule." msgstr "删除一个证书配置文件。" #, fuzzy, python-format #| msgid "Deleted service delegation target \"%(value)s\"" msgid "Deleted Certificate Identity Mapping Rule \"%(value)s\"" msgstr "已删除服务授权目标\"%(value)s\"" msgid "Enable a Certificate Identity Mapping Rule." msgstr "" #, fuzzy, python-format #| msgid "Added certificates to user \"%(value)s\"" msgid "Enabled Certificate Identity Mapping Rule \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加证书" #, fuzzy #| msgid "Delete a Certificate Profile." msgid "Disable a Certificate Identity Mapping Rule." msgstr "删除一个证书配置文件。" #, fuzzy, python-format #| msgid "Modified Certificate Profile \"%(value)s\"" msgid "Disabled Certificate Identity Mapping Rule \"%(value)s\"" msgstr "已修改配置文件\"%(value)s\"" #, fuzzy #| msgid "" #| "Fetching domains from trusted forest failed. See details in the error_log" msgid "Failed to connect to sssd over SystemBus. See details in the error_log" msgstr "从信任森林中获取域失败。在error_log中查看详细信息" #, fuzzy #| msgid "" #| "Fetching domains from trusted forest failed. See details in the error_log" msgid "Failed to find users over SystemBus. See details in the error_log" msgstr "从信任森林中获取域失败。在error_log中查看详细信息" #, fuzzy #| msgid "User login" msgid "User logins" msgstr "用户登录名" msgid "" "\n" " Search for users matching the provided certificate.\n" "\n" " This command relies on SSSD to retrieve the list of matching users and\n" " may return cached data. For more information on purging SSSD cache,\n" " please refer to sss_cache documentation.\n" " " msgstr "" #, fuzzy, python-format #| msgid "%(count)d user matched" #| msgid_plural "%(count)d users matched" msgid "%(count)s user matched" msgid_plural "%(count)s users matched" msgstr[0] "已匹配%(count)d个用户" msgid "" "\n" "Manage Certificate Profiles\n" "\n" "Certificate Profiles are used by Certificate Authority (CA) in the signing " "of\n" "certificates to determine if a Certificate Signing Request (CSR) is " "acceptable,\n" "and if so what features and extensions will be present on the certificate.\n" "\n" "The Certificate Profile format is the property-list format understood by " "the\n" "Dogtag or Red Hat Certificate System CA.\n" "\n" "PROFILE ID SYNTAX:\n" "\n" "A Profile ID is a string without spaces or punctuation starting with a " "letter\n" "and followed by a sequence of letters, digits or underscore (\"_\").\n" "\n" "EXAMPLES:\n" "\n" " Import a profile that will not store issued certificates:\n" " ipa certprofile-import ShortLivedUserCert \\\n" " --file UserCert.profile --desc \"User Certificates\" \\\n" " --store=false\n" "\n" " Delete a certificate profile:\n" " ipa certprofile-del ShortLivedUserCert\n" "\n" " Show information about a profile:\n" " ipa certprofile-show ShortLivedUserCert\n" "\n" " Save profile configuration to a file:\n" " ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n" "\n" " Search for profiles that do not store certificates:\n" " ipa certprofile-find --store=false\n" "\n" "PROFILE CONFIGURATION FORMAT:\n" "\n" "The profile configuration format is the raw property-list format\n" "used by Dogtag Certificate System. The XML format is not supported.\n" "\n" "The following restrictions apply to profiles managed by FreeIPA:\n" "\n" "- When importing a profile the \"profileId\" field, if present, must\n" " match the ID given on the command line.\n" "\n" "- The \"classId\" field must be set to \"caEnrollImpl\"\n" "\n" "- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n" "\n" "- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n" " class must be used.\n" "\n" msgstr "" msgid "CA is not configured" msgstr "CA没有配置" msgid "invalid Profile ID" msgstr "无效的配置文件ID" msgid "Certificate Profile" msgstr "证书配置文件" msgid "Certificate Profiles" msgstr "证书配置文件" msgid "Profile configuration" msgstr "配置文件配置" #, python-format msgid "%(count)d profile matched" msgid_plural "%(count)d profiles matched" msgstr[0] "已匹配%(count)d个配置文件" #, python-format msgid "Imported profile \"%(value)s\"" msgstr "已导入配置文件\"%(value)s\"" #, fuzzy, python-format #| msgid "Input data specified multiple times" msgid "Profile data specifies profileId multiple times: %(values)s" msgstr "多次指定输入数据" #, python-format msgid "Profile ID '%(cli_value)s' does not match profile data '%(file_value)s'" msgstr "配置文件ID '%(cli_value)s'与配置文件数据'%(file_value)s'不匹配" #, python-format msgid "Deleted profile \"%(value)s\"" msgstr "已删除配置文件\"%(value)s\"" #, python-format msgid "Predefined profile '%(profile_id)s' cannot be deleted" msgstr "预定义的配置文件'%(profile_id)s'不能被删除" #, python-format msgid "Modified Certificate Profile \"%(value)s\"" msgstr "已修改配置文件\"%(value)s\"" msgid "Certificate profiles cannot be renamed" msgstr "证书配置文件不能被重命名" #, fuzzy #| msgid "" #| "Insufficient privilege to create a certificate with subject alt name '%s'." msgid "Insufficient privilege to modify a certificate profile." msgstr "没有权限创建主题alt名为'%s'的证书。" msgid "" "\n" "Domain Name System (DNS)\n" msgstr "" "\n" "域名系统(DNS)\n" msgid "" "\n" "Manage DNS zone and resource records.\n" msgstr "" "\n" "管理DNS区域和资源记录。\n" msgid "" "\n" "SUPPORTED ZONE TYPES\n" "\n" " * Master zone (dnszone-*), contains authoritative data.\n" " * Forward zone (dnsforwardzone-*), forwards queries to configured " "forwarders\n" " (a set of DNS servers).\n" msgstr "" msgid "" "\n" "USING STRUCTURED PER-TYPE OPTIONS\n" msgstr "" msgid "" "\n" "There are many structured DNS RR types where DNS data stored in LDAP server\n" "is not just a scalar value, for example an IP address or a domain name, but\n" "a data structure which may be often complex. A good example is a LOC record\n" "[RFC1876] which consists of many mandatory and optional parts (degrees,\n" "minutes, seconds of latitude and longitude, altitude or precision).\n" msgstr "" msgid "" "\n" "It may be difficult to manipulate such DNS records without making a mistake\n" "and entering an invalid value. DNS module provides an abstraction over " "these\n" "raw records and allows to manipulate each RR type with specific options. " "For\n" "each supported RR type, DNS module provides a standard option to manipulate\n" "a raw records with format ---rec, e.g. --mx-rec, and special " "options\n" "for every part of the RR structure with format ---, e.g.\n" "--mx-preference and --mx-exchanger.\n" msgstr "" msgid "" "\n" "When adding a record, either RR specific options or standard option for a " "raw\n" "value can be used, they just should not be combined in one add operation. " "When\n" "modifying an existing entry, new RR specific options can be used to change\n" "one part of a DNS record, where the standard option for raw value is used\n" "to specify the modified value. The following example demonstrates\n" "a modification of MX record preference from 0 to 1 in a record without\n" "modifying the exchanger:\n" "ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n" msgstr "" msgid "" "\n" "\n" "EXAMPLES:\n" msgstr "" "\n" "\n" "例如:\n" msgid "" "\n" " Add new zone:\n" " ipa dnszone-add example.com --admin-email=admin@example.com\n" msgstr "" msgid "" "\n" " Add system permission that can be used for per-zone privilege delegation:\n" " ipa dnszone-add-permission example.com\n" msgstr "" msgid "" "\n" " Modify the zone to allow dynamic updates for hosts own records in realm " "EXAMPLE.COM:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE\n" msgstr "" msgid "" "\n" " This is the equivalent of:\n" " ipa dnszone-mod example.com --dynamic-update=TRUE \\\n" " --update-policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM " "krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n" msgstr "" msgid "" "\n" " Modify the zone to allow zone transfers for local network only:\n" " ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n" msgstr "" msgid "" "\n" " Add new reverse zone specified by network IP address:\n" " ipa dnszone-add --name-from-ip=192.0.2.0/24\n" msgstr "" msgid "" "\n" " Add second nameserver for example.com:\n" " ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n" msgstr "" msgid "" "\n" " Add a mail server for example.com:\n" " ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n" msgstr "" msgid "" "\n" " Add another record using MX record specific options:\n" " ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n" msgstr "" msgid "" "\n" " Add another record using interactive mode (started when dnsrecord-add, " "dnsrecord-mod,\n" " or dnsrecord-del are executed with no options):\n" " ipa dnsrecord-add example.com @\n" " Please choose a type of DNS resource record to be added\n" " The most common types for this type of zone are: NS, MX, LOC\n" "\n" " DNS resource record type: MX\n" " MX Preference: 30\n" " MX Exchanger: mail3\n" " Record name: example.com\n" " MX record: 10 mail1, 20 mail2, 30 mail3\n" " NS record: nameserver.example.com., nameserver2.example.com.\n" msgstr "" msgid "" "\n" " Delete previously added nameserver from example.com:\n" " ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n" msgstr "" msgid "" "\n" " Add LOC record for example.com:\n" " ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E " "227.64m\"\n" msgstr "" msgid "" "\n" " Add new A record for www.example.com. Create a reverse record in " "appropriate\n" " reverse zone as well. In this case a PTR record \"2\" pointing to www." "example.com\n" " will be created in zone 2.0.192.in-addr.arpa.\n" " ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n" msgstr "" msgid "" "\n" " Add new PTR record for www.example.com\n" " ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n" msgstr "" msgid "" "\n" " Add new SRV records for LDAP servers. Three quarters of the requests\n" " should go to fast.example.com, one quarter to slow.example.com. If neither\n" " is available, switch to backup.example.com.\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." "com\"\n" " ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." "example.com\"\n" msgstr "" msgid "" "\n" " The interactive mode can be used for easy modification:\n" " ipa dnsrecord-mod example.com _ldap._tcp\n" " No option to modify specific record provided.\n" " Current DNS record contents:\n" "\n" " SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 " "backup.example.com\n" "\n" " Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n" " Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n" " SRV Priority [0]: (keep the default value)\n" " SRV Weight [1]: 2 (modified value)\n" " SRV Port [389]: (keep the default value)\n" " SRV Target [slow.example.com]: (keep the default value)\n" " 1 SRV record skipped. Only one value per DNS record type can be modified " "at one time.\n" " Record name: _ldap._tcp\n" " SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 " "389 slow.example.com\n" msgstr "" msgid "" "\n" " After this modification, three fifths of the requests should go to\n" " fast.example.com and two fifths to slow.example.com.\n" msgstr "" msgid "" "\n" " An example of the interactive mode for dnsrecord-del command:\n" " ipa dnsrecord-del example.com www\n" " No option to delete specific record provided.\n" " Delete all? Yes/No (default No): (do not delete all records)\n" " Current DNS record contents:\n" "\n" " A record: 192.0.2.2, 192.0.2.3\n" "\n" " Delete A record '192.0.2.2'? Yes/No (default No):\n" " Delete A record '192.0.2.3'? Yes/No (default No): y\n" " Record name: www\n" " A record: 192.0.2.2 (A record 192.0.2.3 has been " "deleted)\n" msgstr "" msgid "" "\n" " Show zone example.com:\n" " ipa dnszone-show example.com\n" msgstr "" msgid "" "\n" " Find zone with \"example\" in its domain name:\n" " ipa dnszone-find example\n" msgstr "" msgid "" "\n" " Find records for resources with \"www\" in their name in zone example.com:\n" " ipa dnsrecord-find example.com www\n" msgstr "" msgid "" "\n" " Find A records with value 192.0.2.2 in zone example.com\n" " ipa dnsrecord-find example.com --a-rec=192.0.2.2\n" msgstr "" msgid "" "\n" " Show records for resource www in zone example.com\n" " ipa dnsrecord-show example.com www\n" msgstr "" msgid "" "\n" " Delegate zone sub.example to another nameserver:\n" " ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n" " ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n" msgstr "" msgid "" "\n" " Delete zone example.com with all resource records:\n" " ipa dnszone-del example.com\n" msgstr "" msgid "" "\n" " If a global forwarder is configured, all queries for which this server is " "not\n" " authoritative (e.g. sub.example.com) will be routed to the global " "forwarder.\n" " Global forwarding configuration can be overridden per-zone.\n" msgstr "" msgid "" "\n" " Semantics of forwarding in IPA matches BIND semantics and depends on the " "type\n" " of zone:\n" " * Master zone: local BIND replies authoritatively to queries for data in\n" " the given zone (including authoritative NXDOMAIN answers) and forwarding\n" " affects only queries for names below zone cuts (NS records) of locally\n" " served zones.\n" "\n" " * Forward zone: forward zone contains no authoritative data. BIND " "forwards\n" " queries, which cannot be answered from its local cache, to configured\n" " forwarders.\n" msgstr "" msgid "" "\n" " Semantics of the --forward-policy option:\n" " * none - disable forwarding for the given zone.\n" " * first - forward all queries to configured forwarders. If they fail,\n" " do resolution using DNS root servers.\n" " * only - forward all queries to configured forwarders and if they fail,\n" " return failure.\n" msgstr "" msgid "" "\n" " Disable global forwarding for given sub-tree:\n" " ipa dnszone-mod example.com --forward-policy=none\n" msgstr "" msgid "" "\n" " This configuration forwards all queries for names outside the example.com\n" " sub-tree to global forwarders. Normal recursive resolution process is used\n" " for names inside the example.com sub-tree (i.e. NS records are followed " "etc.).\n" msgstr "" msgid "" "\n" " Forward all requests for the zone external.example.com to another " "forwarder\n" " using a \"first\" policy (it will send the queries to the selected " "forwarder\n" " and if not answered it will use global root servers):\n" " ipa dnsforwardzone-add external.example.com --forward-policy=first \\\n" " --forwarder=203.0.113.1\n" msgstr "" msgid "" "\n" " Change forward-policy for external.example.com:\n" " ipa dnsforwardzone-mod external.example.com --forward-policy=only\n" msgstr "" msgid "" "\n" " Show forward zone external.example.com:\n" " ipa dnsforwardzone-show external.example.com\n" msgstr "" msgid "" "\n" " List all forward zones:\n" " ipa dnsforwardzone-find\n" msgstr "" msgid "" "\n" " Delete forward zone external.example.com:\n" " ipa dnsforwardzone-del external.example.com\n" msgstr "" msgid "" "\n" " Resolve a host name to see if it exists (will add default IPA domain\n" " if one is not included):\n" " ipa dns-resolve www.example.com\n" " ipa dns-resolve www\n" msgstr "" msgid "" "\n" "\n" "GLOBAL DNS CONFIGURATION\n" msgstr "" msgid "" "\n" "DNS configuration passed to command line install script is stored in a " "local\n" "configuration file on each IPA server where DNS service is configured. " "These\n" "local settings can be overridden with a common configuration stored in LDAP\n" "server:\n" msgstr "" msgid "" "\n" " Show global DNS configuration:\n" " ipa dnsconfig-show\n" msgstr "" msgid "" "\n" " Modify global DNS configuration and set a list of global forwarders:\n" " ipa dnsconfig-mod --forwarder=203.0.113.113\n" msgstr "" msgid "invalid IP network format" msgstr "无效的IP网络格式" msgid "each ACL element must be terminated with a semicolon" msgstr "每个ACL元素必须以分好结束" msgid "invalid address format" msgstr "无效的地址格式" msgid "" "expected format: <0-255> <0-255> <0-65535> even-" "length_hexadecimal_digits_or_hyphen" msgstr "期望的格式: <0-255> <0-255> <0-65535> 每个长度是十六进制数字或连字符" msgid "algorithm value: allowed interval 0-255" msgstr "算法值:允许间隔0-255" msgid "flags value: allowed interval 0-255" msgstr "标记值:允许间隔0-255" msgid "iterations value: allowed interval 0-65535" msgstr "迭代值:允许间隔0-65535" #, python-format msgid "salt value: %(err)s" msgstr "盐值:%(err)s" msgid "invalid domain-name: not fully qualified" msgstr "无效的域名:没有完全限制" msgid "should not be a wildcard domain name (RFC 4592 section 4)" msgstr "不应该是一个通配符域名(RFC 4592 第四节)" #, python-format msgid "" "All nameservers failed to answer the query for DNS reverse zone %(revdns)s" msgstr "" #, python-format msgid "" "DNS reverse zone %(revzone)s for IP address %(addr)s is not managed by this " "server" msgstr "IP地址为%(addr)s的DNS反向区域%(revzone)s没有被该服务器管理" #, python-format msgid "DNS zone %(zone)s not found" msgstr "DNS区域%(zone)s没有找到" #, python-format msgid "IP address %(ip)s is already assigned in domain %(domain)s." msgstr "IP地址%(ip)s在域%(domain)s中已分配。" #, python-format msgid "" "Reverse record for IP address %(ip)s already exists in reverse zone %(zone)s." msgstr "在反向区域%(zone)s中IP地址为%(ip)s的反向记录已存在。" #, python-format msgid "%s record" msgstr "%s记录" #, python-format msgid "Raw %s records" msgstr "原始的%s记录" #, python-format msgid "%s Record" msgstr "%s记录" #, python-format msgid "(see RFC %s for details)" msgstr "(查阅RFC %s 来获取详细信息)" #, python-format msgid "'%s' is a required part of DNS record" msgstr "'%s'是DNS记录的必要部分" msgid "Invalid number of parts!" msgstr "无效的部分!" #, python-format msgid "DNS RR type \"%s\" is not supported by bind-dyndb-ldap plugin" msgstr "DNS RR类型\"%s\"在bind-dyndb-ldap插件中不被支持" #, python-format msgid "format must be specified as \"%(format)s\" %(rfcs)s" msgstr "格式必须被指定为\"%(format)s\" %(rfcs)s" msgid "Create reverse" msgstr "创建反向" #, python-format msgid "Cannot create reverse record for \"%(value)s\": %(exc)s" msgstr "不能创建反向记录\"%(value)s\":%(exc)s" msgid "Exchanger" msgstr "交换器" msgid "" "format must be specified as\n" " \"d1 [m1 [s1]] {\"N\"|\"S\"} d2 [m2 [s2]] {\"E\"|\"W\"} alt[\"m\"] " "[siz[\"m\"] [hp[\"m\"] [vp[\"m\"]]]]\"\n" " where:\n" " d1: [0 .. 90] (degrees latitude)\n" " d2: [0 .. 180] (degrees longitude)\n" " m1, m2: [0 .. 59] (minutes latitude/longitude)\n" " s1, s2: [0 .. 59.999] (seconds latitude/longitude)\n" " alt: [-100000.00 .. 42849672.95] BY .01 (altitude in meters)\n" " siz, hp, vp: [0 .. 90000000.00] (size/precision in meters)\n" " See RFC 1876 for details" msgstr "" #, python-format msgid "'%(required)s' must not be empty when '%(name)s' is set" msgstr "当'%(name)s'被设置时'%(required)s'必须不能为空" msgid "flags must be one of \"S\", \"A\", \"U\", or \"P\"" msgstr "标记必须是\"S\",\"A\",\"U\"或\"P\"中的一个" msgid "Priority (order)" msgstr "优先级(顺序)" msgid "" "Lower number means higher priority. Clients will attempt to contact the " "server with the lowest-numbered priority they can reach." msgstr "" "数字越低代表优先级越高。客户端尝试用它们可以得到的最低数字优先级区访问服务" "器。" msgid "Relative weight for entries with the same priority." msgstr "拥有相同优先级条目的相对权重。" msgid "the value does not follow \"YYYYMMDDHHMMSS\" time format" msgstr "值不是\"YYYYMMDDHHMMSS\"时间格式" msgid "" "Lower number means higher priority. Clients will attempt to contact the URI " "with the lowest-numbered priority they can reach." msgstr "" "数字越低代表优先级越高。客户端尝试用它们可以得到的最低数字优先级区访问URI。" msgid "Target Uniform Resource Identifier" msgstr "目标统一资源标识符" msgid "Target Uniform Resource Identifier according to RFC 3986" msgstr "目标统一资源标识符依据RFC 3986" #, python-format msgid "Nameserver '%(host)s' does not have a corresponding A/AAAA record" msgstr "命名服务器'%(host)s'没有相配的DNS A/AAAA记录" #, fuzzy #| msgid "" #| "\n" #| "Managed permissions\n" msgid "Managedby permission" msgstr "" "\n" "管理权限\n" msgid "Only one zone type is allowed per zone name" msgstr "每个区域名只允许一种区域类型" #, python-format msgid "Added system permission \"%(value)s\"" msgstr "已添加系统权限\"%(value)s\"" #, python-format msgid "permission \"%(value)s\" already exists" msgstr "权限\"%(value)s\"已存在" #, python-format msgid "Removed system permission \"%(value)s\"" msgstr "已移除系统权限\"%(value)s\"" msgid "DNS zone" msgstr "DNS区域" msgid "DNS zones" msgstr "DNS区域" msgid "DNS Zones" msgstr "DNS区域" msgid "DNS Zone" msgstr "DNS区域" msgid "Default time to live" msgstr "默认存活时间" msgid "Time to live for records without explicit TTL definition" msgstr "没有明确TTL定义的记录存活时间" msgid "setting Authoritative nameserver" msgstr "设置权威命名服务器" msgid "It is used only for setting the SOA MNAME attribute." msgstr "它仅被用来设置SOA MNAME属性。" msgid "NS record(s) can be edited in zone apex - '@'. " msgstr "NS记录可以在带'@'的区域被编辑。" #, fuzzy #| msgid "IPA DNS servers" msgid "" msgstr "IPA DNS服务器" msgid "Nameserver for reverse zone cannot be a relative DNS name" msgstr "命名服务器的反向区域不能是一个相对的DNS名" #, python-format msgid "Deleted DNS zone \"%(value)s\"" msgstr "已删除DNS区域\"%(value)s\"" msgid "is required" msgstr "是需要的" #, python-format msgid "Disabled DNS zone \"%(value)s\"" msgstr "已禁用DNS区域\"%(value)s\"" #, python-format msgid "Enabled DNS zone \"%(value)s\"" msgstr "已启用DNS区域\"%(value)s\"" msgid "DNS resource record" msgstr "DNS资源记录" msgid "DNS resource records" msgstr "DNS资源记录" msgid "DNS Resource Records" msgstr "DNS资源记录" msgid "DNS Resource Record" msgstr "DNS资源记录" msgid "DS record must not be in zone apex (RFC 4035 section 2.4)" msgstr "DS记录不得在区域顶点(RFC 4035第2.4节)" msgid "" "out-of-zone data: record name must be a subdomain of the zone or a relative " "name" msgstr "区域外数据:记录名必须是区域或相对名的一个子域" #, python-format msgid "" "owner of %(types)s records should not be a wildcard domain name (RFC 4592 " "section 4)" msgstr "%(types)s记录的所有者不应该是一个通配符域名(RFC 4592 第四节)" #, python-format msgid "" "Reverse zone for PTR record should be a sub-zone of one the following fully " "qualified domains: %s" msgstr "反向区域的PTR记录应该是下面完全其中一个限制域:%s的子区域" #, python-format msgid "" "Reverse zone %(name)s requires exactly %(count)d IP address components, " "%(user_count)d given" msgstr "反向区域%(name)s恰好需要%(count)d个IP地址组件,已给出%(user_count)d" msgid "only master zones can contain records" msgstr "仅有主区域才可以包含记录" msgid "only one CNAME record is allowed per name (RFC 2136, section 1.1.5)" msgstr "每个名称仅允许有一个CNAME记录(RFC 2136,第1.1.5节)" msgid "" "CNAME record is not allowed to coexist with any other record (RFC 1034, " "section 3.6.2)" msgstr "CNAME记录不允许与任何其他记录共存(RFC 1034,第3.6.2节)" msgid "only one DNAME record is allowed per name (RFC 6672, section 2.4)" msgstr "每个名称仅允许有一个DNAME记录(RFC 6672,第2.4节)" #, python-format msgid "" "NS record is not allowed to coexist with an %(type)s record except when " "located in a zone root record (RFC 2181, section 6.1)" msgstr "" "NS记录是不能和一个%(type)s记录共存的,除非它位于根区域记录(RFC 2181,第6." "节)" msgid "" "DS record requires to coexist with an NS record (RFC 4592 section 4.6, RFC " "4035 section 2.4)" msgstr "DS记录需要与一个NS记录共存(RFC 4592第4.6节,RFC 4035第2.4节)" #, python-format msgid "Raw value of a DNS record was already set by \"%(name)s\" option" msgstr "DNS记录的原始值已被设定为\"%(name)s\"选项" msgid "DNS zone root record cannot be renamed" msgstr "DNS根区域记录不能被重命名" msgid "DNS records can be only updated one at a time" msgstr "一次只能更新一条DNS记录" #, python-format msgid "Deleted record \"%(value)s\"" msgstr "已删除记录\"%(value)s\"" #, python-format msgid "Zone record '%s' cannot be deleted" msgstr "区域记录'%s'不能被删除" #, python-format msgid "Found '%(value)s'" msgstr "找到'%(value)s'" #, python-format msgid "Host '%(host)s' not found" msgstr "主机'%(host)s'没有找到" msgid "DNS configuration options" msgstr "DNS配置选项" msgid "DNS Global Configuration" msgstr "DNS全局配置" msgid "IPA DNS version" msgstr "IPA DNS版本" msgid "List of IPA masters configured as DNS servers" msgstr "IPA主服务器配置为DNS服务器列表" msgid "IPA server configured as DNSSec key master" msgstr "IPA服务器配置为DNSSec密钥主机" msgid "Global DNS configuration is empty" msgstr "全局DNS配置是空的" msgid "DNS forward zone" msgstr "DNS正向区域" msgid "DNS forward zones" msgstr "DNS正向区域" msgid "DNS Forward Zones" msgstr "DNS正向区域" msgid "DNS Forward Zone" msgstr "DNS正向区域" msgid "Please specify forwarders." msgstr "请指定转发器。" #, python-format msgid "Deleted DNS forward zone \"%(value)s\"" msgstr "已删除DNS正向区域\"%(value)s\"" #, python-format msgid "Disabled DNS forward zone \"%(value)s\"" msgstr "已禁用DNS正向区域\"%(value)s\"" #, python-format msgid "Enabled DNS forward zone \"%(value)s\"" msgstr "已启用DNS正向区域\"%(value)s\"" msgid "IPA DNS records" msgstr "IPA DNS记录" msgid "IPA location records" msgstr "IPA位置记录" msgid "Update location and IPA server DNS records" msgstr "更新位置和IPA服务器DNS记录" msgid "Result of the command" msgstr "命令返回值" msgid "Dry run" msgstr "" msgid "Do not update records only return expected records" msgstr "不更新记录只返回预期的记录" #, python-brace-format msgid "{role}: role not found" msgstr "{role}:角色没有找到" #, python-brace-format msgid "{attr}: no such attribute" msgstr "{attr}:没有这样的属性" msgid "" "\n" "Topology\n" "\n" "Management of a replication topology at domain level 1.\n" msgstr "" "\n" "拓扑\n" "\n" "域级别为1的复制拓扑的管理。\n" msgid "" "\n" "IPA server's data is stored in LDAP server in two suffixes:\n" "* domain suffix, e.g., 'dc=example,dc=com', contains all domain related " "data\n" "* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n" " contains data for Certificate Server component\n" msgstr "" msgid "" "\n" "Data stored on IPA servers is replicated to other IPA servers. The way it " "is\n" "replicated is defined by replication agreements. Replication agreements " "needs\n" "to be set for both suffixes separately. On domain level 0 they are managed\n" "using ipa-replica-manage and ipa-csreplica-manage tools. With domain level " "1\n" "they are managed centrally using `ipa topology*` commands.\n" msgstr "" msgid "" "\n" "Agreements are represented by topology segments. By default topology " "segment\n" "represents 2 replication agreements - one for each direction, e.g., A to B " "and\n" "B to A. Creation of unidirectional segments is not allowed.\n" msgstr "" msgid "" "\n" "To verify that no server is disconnected in the topology of the given " "suffix,\n" "use:\n" " ipa topologysuffix-verify $suffix\n" msgstr "" msgid "" "\n" "\n" "Examples:\n" " Find all IPA servers:\n" " ipa server-find\n" msgstr "" msgid "" "\n" " Find all suffixes:\n" " ipa topologysuffix-find\n" msgstr "" msgid "" "\n" " Add topology segment to 'domain' suffix:\n" " ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n" msgstr "" msgid "" "\n" " Add topology segment to 'ca' suffix:\n" " ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n" msgstr "" msgid "" "\n" " List all topology segments in 'domain' suffix:\n" " ipa topologysegment-find domain\n" msgstr "" msgid "" "\n" " List all topology segments in 'ca' suffix:\n" " ipa topologysegment-find ca\n" msgstr "" msgid "" "\n" " Delete topology segment in 'domain' suffix:\n" " ipa topologysegment-del domain segment_name\n" msgstr "" msgid "" "\n" " Delete topology segment in 'ca' suffix:\n" " ipa topologysegment-del ca segment_name\n" msgstr "" msgid "" "\n" " Verify topology of 'domain' suffix:\n" " ipa topologysuffix-verify domain\n" msgstr "" msgid "" "\n" " Verify topology of 'ca' suffix:\n" " ipa topologysuffix-verify ca\n" msgstr "" #, python-brace-format msgid "Topology management requires minimum domain level {0} " msgstr "拓扑管理需要最小域级别{0}" msgid "segment" msgstr "段" msgid "segments" msgstr "段" msgid "Topology Segments" msgstr "拓扑段" msgid "Topology Segment" msgstr "拓扑段" #, python-format msgid "left node is not a topology node: %(leftnode)s" msgstr "左节点不是一个拓扑节点:%(leftnode)s" #, python-format msgid "right node is not a topology node: %(rightnode)s" msgstr "右节点不是一个拓扑节点:%(rightnode)s" msgid "left node and right node must not be the same" msgstr "左节点和右节点必须不同" #, python-brace-format msgid "left node ({host}) does not support suffix '{suff}'" msgstr "左节点({host})不支持后缀'{suff}'" #, python-brace-format msgid "right node ({host}) does not support suffix '{suff}'" msgstr "右节点({host})不支持后缀'{suff}'" #, python-format msgid "%(count)d segment matched" msgid_plural "%(count)d segments matched" msgstr[0] "已匹配%(count)d个段" #, python-format msgid "Added segment \"%(value)s\"" msgstr "已添加段\"%(value)s\"" #, python-format msgid "Deleted segment \"%(value)s\"" msgstr "已删除段\"%(value)s\"" #, python-format msgid "Modified segment \"%(value)s\"" msgstr "已修改段\"%(value)s\"" #, python-format msgid "%(value)s" msgstr "%(value)s" msgid "left or right node has to be specified" msgstr "左或右节点没有被指定" msgid "only one node can be specified" msgstr "仅有一个节点可以被指定" #, python-format msgid "Replication refresh for segment: \"%(pkey)s\" requested." msgstr "副本更新段:要求\"%(pkey)s\"。" #, python-format msgid "Stopping of replication refresh for segment: \"%(pkey)s\" requested." msgstr "停止副本更新段:要求\"%(pkey)s\"。" msgid "suffixes" msgstr "后缀" msgid "Topology suffixes" msgstr "拓扑后缀" msgid "Topology suffix" msgstr "拓扑后缀" #, python-format msgid "%(count)d topology suffix matched" msgid_plural "%(count)d topology suffixes matched" msgstr[0] "已匹配%(count)d个拓扑后缀" #, python-format msgid "Deleted topology suffix \"%(value)s\"" msgstr "已删除拓扑后缀\"%(value)s\"" #, python-format msgid "Added topology suffix \"%(value)s\"" msgstr "已添加拓扑后缀\"%(value)s\"" #, python-format msgid "Modified topology suffix \"%(value)s\"" msgstr "已修改拓扑后缀\"%(value)s\"" msgid "" "\n" "Verify replication topology for suffix.\n" "\n" "Checks done:\n" " 1. check if a topology is not disconnected. In other words if there are\n" " replication paths between all servers.\n" " 2. check if servers don't have more than the recommended number of\n" " replication agreements\n" msgstr "" "\n" "验证复制拓扑的后缀。\n" "检查完成:\n" " 1. 检查是否还有没有连接的拓扑。换句话说,是否在所有服务器之间存在复制路" "径。\n" " 2. 检查是否服务器没有超过推荐的副本协议数\n" msgid "" "\n" "IPA certificate operations\n" msgstr "" "\n" "IPA证书操作\n" msgid "" "\n" "Implements a set of commands for managing server SSL certificates.\n" msgstr "" "\n" "实现了一组命令来管理服务器的SSL证书。\n" msgid "" "\n" "Certificate requests exist in the form of a Certificate Signing Request " "(CSR)\n" "in PEM format.\n" msgstr "" "\n" "证书请求以PEM格式的证书签名请求(CSR)的形式存在。\n" msgid "" "\n" "The dogtag CA uses just the CN value of the CSR and forces the rest of the\n" "subject to values configured in the server.\n" msgstr "" "\n" "dogtag CA只是使用CSR的CN值,并强制主题的其他值在服务器中配置。\n" msgid "" "\n" "A certificate is stored with a service principal and a service principal\n" "needs a host.\n" msgstr "" "\n" "一个证书是以一个服务主体存储,并一个服务主体需要一个主机。\n" msgid "" "\n" "In order to request a certificate:\n" msgstr "" "\n" "为了请求一个证书:\n" msgid "" "\n" "* The host must exist\n" "* The service must exist (or you use the --add option to automatically add " "it)\n" msgstr "" "\n" "* 主机必须存在\n" "* 服务必须存在(或者你使用--add选项来自动添加它)\n" msgid "" "\n" "SEARCHING:\n" msgstr "" "\n" "查找:\n" msgid "" "\n" "Certificates may be searched on by certificate subject, serial number,\n" "revocation reason, validity dates and the issued date.\n" msgstr "" "\n" "证书可能通过证书主题,序列号,撤销原因,有效日期和发布日期来查询。\n" msgid "" "\n" "When searching on dates the _from date does a >= search and the _to date\n" "does a <= search. When combined these are done as an AND.\n" msgstr "" msgid "" "\n" "Dates are treated as GMT to match the dates in the certificates.\n" msgstr "" "\n" "GMT格式的日期用来匹配证书里的日期。\n" msgid "" "\n" "The date format is YYYY-mm-dd.\n" msgstr "" "\n" "日期格式是YYYY-mm-dd。\n" msgid "" "\n" " Request a new certificate and add the principal:\n" " ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" msgstr "" #, fuzzy #| msgid "Retrieve an existing certificate." msgid "" "\n" " Retrieve an existing certificate:\n" " ipa cert-show 1032\n" msgstr "检索一个已存在的证书。" msgid "" "\n" " Revoke a certificate (see RFC 5280 for reason details):\n" " ipa cert-revoke --revocation-reason=6 1032\n" msgstr "" msgid "" "\n" " Remove a certificate from revocation hold status:\n" " ipa cert-remove-hold 1032\n" msgstr "" #, fuzzy #| msgid "Check the status of a certificate signing request." msgid "" "\n" " Check the status of a signing request:\n" " ipa cert-status 10\n" msgstr "检查证书签名请求的状态。" msgid "" "\n" " Search for certificates by hostname:\n" " ipa cert-find --subject=ipaserver.example.com\n" msgstr "" #, fuzzy #| msgid "" #| "Reason for revoking the certificate (0-10). Type \"ipa help cert\" for " #| "revocation reason details. " msgid "" "\n" " Search for revoked certificates by reason:\n" " ipa cert-find --revocation-reason=5\n" msgstr "撤销证书的原因(0-10)。输入\"ipa help cert\"来查看详细撤销原因。" msgid "" "\n" " Search for certificates based on issuance date\n" " ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n" msgstr "" msgid "" "\n" " Search for certificates owned by a specific user:\n" " ipa cert-find --user=user\n" msgstr "" msgid "" "\n" " Examine a certificate:\n" " ipa cert-find --file=cert.pem --all\n" msgstr "" msgid "" "\n" " Verify that a certificate is owned by a specific user:\n" " ipa cert-find --file=cert.pem --user=user\n" msgstr "" msgid "" "\n" "IPA currently immediately issues (or declines) all certificate requests so\n" "the status of a request is not normally useful. This is for future use\n" "or the case where a CA does not immediately issue a certificate.\n" msgstr "" msgid "" "\n" "The following revocation reasons are supported:\n" "\n" msgstr "" "\n" "支持下面的撤销原因:\n" #, fuzzy #| msgid "Unspecified" msgid " * 0 - unspecified\n" msgstr "未指定的" #, fuzzy #| msgid "Key Compromise" msgid " * 1 - keyCompromise\n" msgstr "密钥泄露" msgid " * 2 - cACompromise\n" msgstr "" msgid " * 3 - affiliationChanged\n" msgstr "" msgid " * 4 - superseded\n" msgstr "" msgid " * 5 - cessationOfOperation\n" msgstr "" #, fuzzy #| msgid "CA certificate" msgid " * 6 - certificateHold\n" msgstr "CA证书" msgid " * 8 - removeFromCRL\n" msgstr "" #, fuzzy #| msgid "Privilege Withdrawn" msgid " * 9 - privilegeWithdrawn\n" msgstr "特权撤销" msgid " * 10 - aACompromise\n" msgstr "" msgid "" "\n" "Note that reason code 7 is not used. See RFC 5280 for more details:\n" msgstr "" "\n" "注意没有使用原因码7。查看RFC 5280以获取更多详细信息:\n" msgid "" "\n" "http://www.ietf.org/rfc/rfc5280.txt\n" "\n" msgstr "" #, python-format msgid "" "Principal '%(principal)s' is not permitted to use CA '%(ca)s' with profile " "'%(profile_id)s' for certificate issuance." msgstr "" "主体'%(principal)s'不允许使用含配置文件'%(profile_id)s'的CA '%(ca)s'来发布证" "书。" msgid "enabledService/configuredService not in ipaConfigString kdc entry" msgstr "" #, fuzzy, python-format #| msgid "Host '%(host)s' not found" msgid "Host '%(hostname)s' is not an active KDC" msgstr "主机'%(host)s'没有找到" msgid "Issuing CA" msgstr "发行CA" msgid "Name of issuing CA" msgstr "签发的CA名称" msgid "Subject email address" msgstr "主题电子邮件地址" msgid "Subject DNS name" msgstr "主题DNS名" msgid "Subject X.400 address" msgstr "主题X.400地址" msgid "Subject directory name" msgstr "主题目录名" msgid "Subject EDI Party name" msgstr "主题EDI参与方名称" msgid "Subject URI" msgstr "主题URI" msgid "Subject IP Address" msgstr "主题IP地址" msgid "Subject OID" msgstr "主题OID" msgid "Subject UPN" msgstr "主题UPN" msgid "Subject Kerberos principal name" msgstr "主题Kerberos主体名" msgid "Subject Other Name" msgstr "主题别名" msgid "Serial number (hex)" msgstr "序列号(十六进制)" msgid "Request status" msgstr "请求状态" msgid "" "automatically add the principal if it doesn't exist (service principals only)" msgstr "如果主体不存在则自动添加它(仅对服务主体)" #, python-format msgid "krbtgt certs can use only the %s profile" msgstr "" msgid "No Common Name was found in subject of request." msgstr "在请求的主题中找不到通用名。" #, fuzzy, python-format #| msgid "" #| "hostname in subject of request '%(cn)s' does not match principal hostname " #| "'%(hostname)s'" msgid "" "hostname in subject of request '%(cn)s' does not match name or aliases of " "principal '%(principal)s'" msgstr "请求主题'%(cn)s'的主机名与主体主机名'%(hostname)s'不匹配" #, python-format msgid "" "hostname in subject of request '%(cn)s' does not match principal hostname " "'%(hostname)s'" msgstr "请求主题'%(cn)s'的主机名与主体主机名'%(hostname)s'不匹配" msgid "DN commonName does not match user's login" msgstr "DN通用名与用户登录名不匹配" msgid "DN emailAddress does not match any of user's email addresses" msgstr "DN电子邮件地址不匹配任何用户的电子邮件地址" #, python-format msgid "" "Insufficient 'write' privilege to the 'userCertificate' attribute of entry " "'%s'." msgstr "对条目'%s'的'userCertificate'属性没有'write'权限。" #, python-format msgid "subject alt name type %s is forbidden for user principals" msgstr "主题alt名称类型%s禁止用户主体" #, python-format msgid "" "The service principal for subject alt name %s in certificate request does " "not exist" msgstr "在证书请求中主题alt名为%s的服务主体不存在" #, python-format msgid "" "Insufficient privilege to create a certificate with subject alt name '%s'." msgstr "没有权限创建主题alt名为'%s'的证书。" #, python-format msgid "Principal '%s' in subject alt name does not match requested principal" msgstr "在主题alt名中的主体'%s'与请求的主体不匹配" msgid "RFC822Name does not match any of user's email addresses" msgstr "RFC822名称与任何用户的电子邮件地址都不匹配" #, python-format msgid "subject alt name type %s is forbidden for non-user principals" msgstr "主题alt名称类型%s禁止非用户主体" #, python-format msgid "Subject alt name type %s is forbidden" msgstr "主题alt名称类型%s被禁止" #, python-format msgid "CA '%s' is disabled" msgstr "CA'%s'被禁用" msgid "'add' option" msgstr "'add'选项" #, python-format msgid "IP address in subjectAltName (%s) unreachable from DNS names" msgstr "" #, python-format msgid "IP address in subjectAltName (%s) does not have PTR record" msgstr "" #, python-format msgid "PTR record for SAN IP (%s) does not match A/AAAA records" msgstr "" msgid "Revoked" msgstr "撤销" msgid "" "Reason for revoking the certificate (0-10). Type \"ipa help cert\" for " "revocation reason details. " msgstr "撤销证书的原因(0-10)。输入\"ipa help cert\"来查看详细撤销原因。" #, python-format msgid "Owner %s" msgstr "所有者%s" #, python-format msgid "" "Certificate with serial number %(serial)s issued by CA '%(ca)s' not found" msgstr "由CA'%(ca)s'发布序列号为%(serial)s的证书没有找到" msgid "7 is not a valid revocation reason" msgstr "7不是一个有效的撤销原因" msgid "Results should contain primary key attribute only (\"certificate\")" msgstr "结果应该只包括主键属性(\"certificate\")" #, python-format msgid "%(count)d certificate matched" msgid_plural "%(count)d certificates matched" msgstr[0] "已匹配%(count)d个证书" #, python-format msgid "Search for certificates with these owner %s." msgstr "查找含这些所有者%s的证书。" #, python-format msgid "Search for certificates without these owner %s." msgstr "查找不含这些所有者%s的证书。" msgid "" "\n" "Auto Membership Rule.\n" msgstr "" "\n" "自动成员规则。\n" msgid "" "\n" "Bring clarity to the membership of hosts and users by configuring inclusive\n" "or exclusive regex patterns, you can automatically assign a new entries " "into\n" "a group or hostgroup based upon attribute information.\n" msgstr "" msgid "" "\n" "A rule is directly associated with a group by name, so you cannot create\n" "a rule without an accompanying group or hostgroup.\n" msgstr "" "\n" "规则是和组名直接关联的,因此你不能创建一个没有组或主机组的规则。\n" msgid "" "\n" "A condition is a regular expression used by 389-ds to match a new incoming\n" "entry with an automember rule. If it matches an inclusive rule then the\n" "entry is added to the appropriate group or hostgroup.\n" msgstr "" "\n" "条件是一个用于389-ds的正则表达式来用一个自动成员规则区匹配一个新添加的条目。" "如果它匹配一个兼容规则,那么该条目被添加到合适的组或主机组中去。\n" msgid "" "\n" "A default group or hostgroup could be specified for entries that do not\n" "match any rule. In case of user entries this group will be a fallback group\n" "because all users are by default members of group specified in IPA config.\n" msgstr "" "\n" "一个默认组或主机组可以指定给不匹配任何规则的条目。万一是用户条目,则该组会是" "一个会退组,因为在IPA配置中所有用户默认是指定组的成员。\n" msgid "" "\n" "The automember-rebuild command can be used to retroactively run automember " "rules\n" "against existing entries, thus rebuilding their membership.\n" msgstr "" "\n" "automember-rebuild命令可以用来对现有条目跟踪运行自动成员规则,以此来重建它们" "的成员组。\n" msgid "" "\n" " Add the initial group or hostgroup:\n" " ipa hostgroup-add --desc=\"Web Servers\" webservers\n" " ipa group-add --desc=\"Developers\" devel\n" msgstr "" msgid "" "\n" " Add the initial rule:\n" " ipa automember-add --type=hostgroup webservers\n" " ipa automember-add --type=group devel\n" msgstr "" msgid "" "\n" " Add a condition to the rule:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" " ipa automember-add-condition --key=manager --type=group --inclusive-" "regex=^uid=mscott devel\n" msgstr "" msgid "" "\n" " Add an exclusive condition to the rule to prevent auto assignment:\n" " ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" "regex=^web5\\.example\\.com webservers\n" msgstr "" msgid "" "\n" " Add a host:\n" " ipa host-add web1.example.com\n" msgstr "" msgid "" "\n" " Add a user:\n" " ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" msgstr "" msgid "" "\n" " Verify automembership:\n" " ipa hostgroup-show webservers\n" " Host-group: webservers\n" " Description: Web Servers\n" " Member hosts: web1.example.com\n" "\n" " ipa group-show devel\n" " Group name: devel\n" " Description: Developers\n" " GID: 1004200000\n" " Member users: tuser\n" msgstr "" msgid "" "\n" " Remove a condition from the rule:\n" " ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" "regex=^web[1-9]+\\.example\\.com webservers\n" msgstr "" msgid "" "\n" " Modify the automember rule:\n" " ipa automember-mod\n" msgstr "" msgid "" "\n" " Set the default (fallback) target group:\n" " ipa automember-default-group-set --default-group=webservers --" "type=hostgroup\n" " ipa automember-default-group-set --default-group=ipausers --type=group\n" msgstr "" msgid "" "\n" " Remove the default (fallback) target group:\n" " ipa automember-default-group-remove --type=hostgroup\n" " ipa automember-default-group-remove --type=group\n" msgstr "" msgid "" "\n" " Show the default (fallback) target group:\n" " ipa automember-default-group-show --type=hostgroup\n" " ipa automember-default-group-show --type=group\n" msgstr "" msgid "" "\n" " Find all of the automember rules:\n" " ipa automember-find\n" msgstr "" msgid "" "\n" " Find all of the orphan automember rules:\n" " ipa automember-find-orphans --type=hostgroup\n" " Find all of the orphan automember rules and remove them:\n" " ipa automember-find-orphans --type=hostgroup --remove\n" msgstr "" msgid "" "\n" " Display a automember rule:\n" " ipa automember-show --type=hostgroup webservers\n" " ipa automember-show --type=group devel\n" msgstr "" msgid "" "\n" " Delete an automember rule:\n" " ipa automember-del --type=hostgroup webservers\n" " ipa automember-del --type=group devel\n" msgstr "" msgid "" "\n" " Rebuild membership for all users:\n" " ipa automember-rebuild --type=group\n" msgstr "" msgid "" "\n" " Rebuild membership for all hosts:\n" " ipa automember-rebuild --type=hostgroup\n" msgstr "" msgid "" "\n" " Rebuild membership for specified users:\n" " ipa automember-rebuild --users=tuser1 --users=tuser2\n" msgstr "" msgid "" "\n" " Rebuild membership for specified hosts:\n" " ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example." "com\n" msgstr "" msgid "Auto Membership Rule" msgstr "自动成员规则" #, python-format msgid "%(otype)s \"%(oname)s\" not found" msgstr "%(otype)s \"%(oname)s\"没有找到" #, python-format msgid "%s is not a valid attribute." msgstr "%s不是一个有效的属性。" #, fuzzy #| msgid "Add an automember rule." msgid "" "\n" " Add an automember rule.\n" " " msgstr "添加一个自动成员规则。" #, python-format msgid "Added automember rule \"%(value)s\"" msgstr "已添加自动成员规则\"%(value)s\"" msgid "Auto Membership is not configured" msgstr "自动成员没有配置" #, fuzzy #| msgid "Add conditions to an automember rule." msgid "" "\n" " Add conditions to an automember rule.\n" " " msgstr "添加条件到一个自动成员规则。" #, python-format msgid "Added condition(s) to \"%(value)s\"" msgstr "已在\"%(value)s\"上添加条件" #, python-format msgid "Auto member rule: %s not found!" msgstr "自动成员规则:%s没有找到!" msgid "" "\n" " Override this so we can add completed and failed to the return " "result.\n" " " msgstr "" #, fuzzy #| msgid "Remove conditions from an automember rule." msgid "" "\n" " Remove conditions from an automember rule.\n" " " msgstr "从一个自动成员规则中移除条件。" #, python-format msgid "Removed condition(s) from \"%(value)s\"" msgstr "已从\"%(value)s\"中移除条件" msgid "" "\n" " Override this so we can set completed and failed.\n" " " msgstr "" #, fuzzy #| msgid "Modify an automember rule." msgid "" "\n" " Modify an automember rule.\n" " " msgstr "修改一个自动成员规则。" #, python-format msgid "Modified automember rule \"%(value)s\"" msgstr "已修改自动成员规则\"%(value)s\"" #, fuzzy #| msgid "Delete an automember rule." msgid "" "\n" " Delete an automember rule.\n" " " msgstr "删除一个自动成员规则。" #, python-format msgid "Deleted automember rule \"%(value)s\"" msgstr "已删除自动成员规则\"%(value)s\"" #, fuzzy #| msgid "Search for automember rules." msgid "" "\n" " Search for automember rules.\n" " " msgstr "查找自动成员规则。" #, python-format msgid "%(count)d rules matched" msgid_plural "%(count)d rules matched" msgstr[0] "已匹配%(count)d个规则" #, fuzzy #| msgid "Display information about an automember rule." msgid "" "\n" " Display information about an automember rule.\n" " " msgstr "显示一个自动成员规则信息。" #, fuzzy #| msgid "Set default (fallback) group for all unmatched entries." msgid "" "\n" " Set default (fallback) group for all unmatched entries.\n" " " msgstr "对所有不匹配的条目设置默认(回退)组。" #, python-format msgid "Set default (fallback) group for automember \"%(value)s\"" msgstr "已为自动成员\"%(value)s\"设置默认(回滚)组" #, fuzzy #| msgid "Remove default (fallback) group for all unmatched entries." msgid "" "\n" " Remove default (fallback) group for all unmatched entries.\n" " " msgstr "对所有不匹配的条目移除默认(回退)组。" #, python-format msgid "Removed default (fallback) group for automember \"%(value)s\"" msgstr "已为自动成员\"%(value)s\"移除默认(回滚)组" msgid "No default (fallback) group set" msgstr "没有设置(回滚)组" #, fuzzy #| msgid "Display information about the default (fallback) automember groups." msgid "" "\n" " Display information about the default (fallback) automember groups.\n" " " msgstr "显示默认(回退)自动成员组的信息。" msgid "Task DN" msgstr "任务DN" msgid "DN of the started task" msgstr "已开始任务的DN" msgid "at least one of options: type, users, hosts must be specified" msgstr "至少指定其中一个选项:类型,用户,主机" msgid "users and hosts cannot both be set" msgstr "用户和主机不能被同时设置" msgid "hosts cannot be set when type is 'group'" msgstr "当类型是'group'是主机不能被设置" msgid "users cannot be set when type is 'hostgroup'" msgstr "当类型是'hostgroup'是用户不能被设置" msgid "Automember rebuild membership task started" msgstr "自动成员重建成员关系任务已开始" #, python-format msgid "Task DN = '%s'" msgstr "任务DN = '%s'" msgid "" "\n" " Search for orphan automember rules. The command might need to be run as\n" " a privileged user user to get all orphan rules.\n" " " msgstr "" #, fuzzy #| msgid "Remove conditions from an automember rule." msgid "Remove orphan automember rules" msgstr "从一个自动成员规则中移除条件。" msgid "Member service groups" msgstr "成员服务组" msgid "Member HBAC service groups" msgstr "成员HBAC服务组" #, fuzzy #| msgid "User ID overrides" msgid "Member ID user overrides" msgstr "用户ID覆盖" #, fuzzy #| msgid "Indirect Member users" msgid "Indirect Member ID user overrides" msgstr "间接成员用户" msgid "Indirect Member permissions" msgstr "间接成员权限" msgid "Indirect Member HBAC service" msgstr "间接成员HBAC服务" msgid "Indirect Member HBAC service group" msgstr "间接成员HBAC服务组" msgid "Invalid format. Should be name=value" msgstr "无效的格式。应该是“名称=值”" msgid "An IPA master host cannot be deleted or disabled" msgstr "IPA主主机不能被删除或禁用" msgid "entry" msgstr "条目" msgid "entries" msgstr "条目" msgid "Entry" msgstr "条目" #, python-format msgid "container entry (%(container)s) not found" msgstr "容器条目(%(container)s)没有找到" #, python-format msgid "%(parent)s: %(oname)s not found" msgstr "%(parent)s:%(oname)s没有找到" #, python-format msgid "%(oname)s with name \"%(pkey)s\" already exists" msgstr "名为\"%(pkey)s\"的%(oname)s已存在" #, python-format msgid "attribute \"%(attribute)s\" not allowed" msgstr "不支持属性\"%(attribute)s\"" #, fuzzy, python-format #| msgid "attribute \"%s\" not allowed" msgid "these attributes are not allowed: %(attrs)s" msgstr "不允许属性\"%s\"" msgid "attribute is not configurable" msgstr "属性没有配置" msgid "No such attribute on this entry" msgstr "该条目没有这样的属性" #, python-format msgid "Rename the %(ldap_obj_name)s object" msgstr "重命名%(ldap_obj_name)s对象" msgid "the entry was deleted while being modified" msgstr "正被修改的条目已被删除" #, python-format msgid "%s" msgstr "" #, python-format msgid "%s to add" msgstr "待添加的%s" #, python-format msgid "%s to remove" msgstr "待移除的%s" #, python-format msgid "" "Search for %(searched_object)s with these %(relationship)s %(ldap_object)s." msgstr "查找有这些%(relationship)s %(ldap_object)s的%(searched_object)s。" #, python-format msgid "" "Search for %(searched_object)s without these %(relationship)s " "%(ldap_object)s." msgstr "查找没有%(relationship)s %(ldap_object)s的%(searched_object)s。" #, fuzzy, python-format #| msgid "Added new aliases to user \"%(value)s\"" msgid "added attribute value to entry %(value)s" msgstr "已为用户\"%(value)s\"添加新别名" #, fuzzy, python-format #| msgid "Removed aliases from user \"%(value)s\"" msgid "removed attribute values from entry %(value)s" msgstr "已从用户\"%(value)s\"中删除别名" msgid "one or more values to remove" msgstr "待移除的一个或多个值" msgid "" "\n" "Baseuser\n" "\n" "This contains common definitions for user/stageuser\n" msgstr "" "\n" "基类用户\n" "\n" "这包含了用户/计划用户常见的定义\n" msgid "must be TRUE or FALSE" msgstr "必须是TRUE或FALSE" msgid "" "Object class ipaNTUserAttrs is missing, user entry cannot have SMB " "attributes." msgstr "" #, fuzzy #| msgid "Password expiration" msgid "User password expiration" msgstr "密码过期" msgid "SMB logon script path" msgstr "" #, fuzzy #| msgid "%i profile added." msgid "SMB profile path" msgstr "%i配置文件已添加。" #, fuzzy #| msgid "Home directory" msgid "SMB Home Directory" msgstr "主目录" #, fuzzy #| msgid "Home directory base" msgid "SMB Home Directory Drive" msgstr "主目录" #, python-format msgid "invalid e-mail format: %(email)s" msgstr "无效的电子邮件格式:%(email)s" #, python-format msgid "manager %(manager)s not found" msgstr "管理员%(manager)s没有找到" #, fuzzy #| msgid "file to store certificate in" msgid "Issuer of the certificate" msgstr "存储证书文件" #, fuzzy #| msgid "File to store the certificate in." msgid "Subject of the certificate" msgstr "存储证书文件。" #, fuzzy #| msgid "cannot be empty" msgid "cannot have an empty subject" msgstr "不能为空" #, fuzzy #| msgid "cannot specify both raw certificate and file" msgid "cannot specify both subject/issuer and certificate" msgstr "不能同时指定原始证书和文件" #, fuzzy #| msgid "cannot specify both raw certificate and file" msgid "cannot specify both subject/issuer and ipacertmapdata" msgstr "不能同时指定原始证书和文件" #, fuzzy, python-format #| msgid "Added certificates to user \"%(value)s\"" msgid "Added certificate mappings to user \"%(value)s\"" msgstr "已为用户\"%(value)s\"添加证书" #, fuzzy, python-format #| msgid "Removed certificates from user \"%(value)s\"" msgid "Removed certificate mappings from user \"%(value)s\"" msgstr "已为用户\"%(value)s\"删除证书" msgid "" "\n" "Groups of hosts.\n" "\n" "Manage groups of hosts. This is useful for applying access control to a\n" "number of hosts by using Host-based Access Control.\n" "\n" "EXAMPLES:\n" "\n" " Add a new host group:\n" " ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" "\n" " Add another new host group:\n" " ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" "\n" " Add members to the hostgroup (using Bash brace expansion):\n" " ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n" "\n" " Add a hostgroup as a member of another hostgroup:\n" " ipa hostgroup-add-member --hostgroups=baltimore maryland\n" "\n" " Remove a host from the hostgroup:\n" " ipa hostgroup-remove-member --hosts=box2 baltimore\n" "\n" " Display a host group:\n" " ipa hostgroup-show baltimore\n" "\n" " Add a member manager:\n" " ipa hostgroup-add-member-manager --users=user1 baltimore\n" "\n" " Remove a member manager\n" " ipa hostgroup-remove-member-manager --users=user1 baltimore\n" "\n" " Delete a hostgroup:\n" " ipa hostgroup-del baltimore\n" msgstr "" msgid "host groups" msgstr "主机组" msgid "Host Group" msgstr "主机组" #, python-format msgid "Added hostgroup \"%(value)s\"" msgstr "已添加主机组\"%(value)s\"" #, python-format msgid "" "netgroup with name \"%s\" already exists. Hostgroups and netgroups share a " "common namespace" msgstr "网络组名\"%s\"已存在。主机组和网络组共享一个共同的名字空间" #, python-format msgid "Deleted hostgroup \"%(value)s\"" msgstr "已删除主机组\"%(value)s\"" msgid "hostgroup" msgstr "主机组" msgid "privileged hostgroup" msgstr "特权主机组" #, python-format msgid "Modified hostgroup \"%(value)s\"" msgstr "已修改主机组\"%(value)s\"" #, python-format msgid "%(count)d hostgroup matched" msgid_plural "%(count)d hostgroups matched" msgstr[0] "已匹配%(count)d个主机组" #, fuzzy #| msgid "Add users that can manage this token." msgid "Add users that can manage members of this hostgroup." msgstr "添加可以管理该令牌的用户" #, fuzzy #| msgid "Remove users that can manage this token." msgid "Remove users that can manage members of this hostgroup." msgstr "移除可以管理该令牌的用户。" msgid "" "\n" "Migration to IPA\n" "\n" "Migrate users and groups from an LDAP server to IPA.\n" "\n" "This performs an LDAP query against the remote server searching for\n" "users and groups in a container. In order to migrate passwords you need\n" "to bind as a user that can read the userPassword attribute on the remote\n" "server. This is generally restricted to high-level admins such as\n" "cn=Directory Manager in 389-ds (this is the default bind user).\n" "\n" "The default user container is ou=People.\n" "\n" "The default group container is ou=Groups.\n" "\n" "Users and groups that already exist on the IPA server are skipped.\n" "\n" "Two LDAP schemas define how group members are stored: RFC2307 and\n" "RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" "members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" "\n" "The schema compat feature allows IPA to reformat data for systems that\n" "do not support RFC2307bis. It is recommended that this feature is disabled\n" "during migration to reduce system overhead. It can be re-enabled after\n" "migration. To migrate with it enabled use the \"--with-compat\" option.\n" "\n" "Migrated users do not have Kerberos credentials, they have only their\n" "LDAP password. To complete the migration process, users need to go\n" "to http://ipa.example.com/ipa/migration and authenticate using their\n" "LDAP password in order to generate their Kerberos credentials.\n" "\n" "Migration is disabled by default. Use the command ipa config-mod to\n" "enable it:\n" "\n" " ipa config-mod --enable-migration=TRUE\n" "\n" "If a base DN is not provided with --basedn then IPA will use either\n" "the value of defaultNamingContext if it is set or the first value\n" "in namingContexts set in the root of the remote LDAP server.\n" "\n" "Users are added as members to the default user group. This can be a\n" "time-intensive task so during migration this is done in a batch\n" "mode for every 100 users. As a result there will be a window in which\n" "users will be added to IPA but will not be members of the default\n" "user group.\n" "\n" "EXAMPLES:\n" "\n" " The simplest migration, accepting all defaults:\n" " ipa migrate-ds ldap://ds.example.com:389\n" "\n" " Specify the user and group container. This can be used to migrate user\n" " and group data from an IPA v1 server:\n" " ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n" " --group-container='cn=groups,cn=accounts' \\\n" " ldap://ds.example.com:389\n" "\n" " Since IPA v2 server already contain predefined groups that may collide " "with\n" " groups in migrated (IPA v1) server (for example admins, ipausers), users\n" " having colliding group as their primary group may happen to belong to\n" " an unknown group on new IPA v2 server.\n" " Use --group-overwrite-gid option to overwrite GID of already existing " "groups\n" " to prevent this issue:\n" " ipa migrate-ds --group-overwrite-gid \\\n" " --user-container='cn=users,cn=accounts' \\\n" " --group-container='cn=groups,cn=accounts' \\\n" " ldap://ds.example.com:389\n" "\n" " Migrated users or groups may have object class and accompanied attributes\n" " unknown to the IPA v2 server. These object classes and attributes may be\n" " left out of the migration process:\n" " ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n" " --group-container='cn=groups,cn=accounts' \\\n" " --user-ignore-objectclass=radiusprofile \\\n" " --user-ignore-attribute=radiusgroupname \\\n" " ldap://ds.example.com:389\n" "\n" "LOGGING\n" "\n" "Migration will log warnings and errors to the Apache error log. This\n" "file should be evaluated post-migration to correct or investigate any\n" "issues that were discovered.\n" "\n" "For every 100 users migrated an info-level message will be displayed to\n" "give the current progress and duration to make it possible to track\n" "the progress of migration.\n" "\n" "If the log level is debug, either by setting debug = True in\n" "/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be " "printed\n" "for each user added plus a summary when the default user group is\n" "updated.\n" msgstr "" #, python-format msgid "" "Kerberos principal %s already exists. Use 'ipa user-mod' to set it manually." msgstr "Kerberos主体%s已存在。使用'ipa user-mod'来手动设置它。" #, python-format msgid "" "Unable to determine if Kerberos principal %s already exists. Use 'ipa user-" "mod' to set it manually." msgstr "不能确定Kerberos主体%s是否存在。使用'ipa user-mod'来手动设置它。" msgid "" "Failed to add user to the default group. Use 'ipa group-add-member' to add " "manually." msgstr "添加用户到默认组失败。使用'ipa group-add-member'来手动添加。" msgid "Migration of LDAP search reference is not supported." msgstr "LDAP搜索帮助移植不支持。" msgid "Malformed DN" msgstr "" #, python-format msgid "%(user)s is not a POSIX user" msgstr "%(user)s不是一个POSIX用户" msgid "" ". Check GID of the existing group. Use --group-overwrite-gid option to " "overwrite the GID" msgstr "检查存在组的GID。使用--group-overwrite-gid选项来覆盖GID" msgid "Invalid LDAP URI." msgstr "无效的LDAP URI。" #, python-format msgid "%s to exclude from migration" msgstr "不移植%s" msgid "" "search results for objects to be migrated\n" "have been truncated by the server;\n" "migration process might be incomplete\n" msgstr "查询待移植对象的结果被服务器拦截;移植过程可能没有完成\n" #, python-format msgid "" "%(container)s LDAP search did not return any result (search base: " "%(search_base)s, objectclass: %(objectclass)s)" msgstr "" "%(container)s LDAP搜索没有返回任何结果(搜索基:%(search_base)s,对象类: " "%(objectclass)s)" msgid "Failed to authenticate to CA REST API" msgstr "CA REST API认证失败" msgid "REST API is not logged in." msgstr "REST API没有登录。" #, python-format msgid "Non-2xx response from CA REST API: %(status)d. %(explanation)s" msgstr "从CA REST API的Non-2xx响应:%(status)d. %(explanation)s" msgid "Unable to communicate with CMS" msgstr "不能与CMS通信" msgid "Response from CA was not valid JSON" msgstr "CA响应是无效的JSON" msgid "" "\n" "Classes to manage trust joins using DCE-RPC calls\n" "\n" "The code in this module relies heavily on samba4-python package\n" "and Samba4 python bindings.\n" msgstr "" msgid "CIFS server denied your credentials" msgstr "CIFS服务器阻止你的凭证" msgid "communication with CIFS server was unsuccessful" msgstr "域CIFS服务器通信失败" msgid "AD domain controller" msgstr "AD域控制器" msgid "unsupported functional level" msgstr "不支持的功能级" msgid "" "AD domain controller complains about communication sequence. It may mean " "unsynchronized time on both sides, for example" msgstr "AD域控制器抱怨通信序列。这可能意味着双方时间不同步,例如" msgid "Cannot find specified domain or server name" msgstr "找不到指定的域或服务器名称" msgid "" "AD DC was unable to reach any IPA domain controller. Most likely it is a DNS " "or firewall issue" msgstr "AD DC不能连接任何IPA域控制器。最有可能是一个DNS或者防火墙事件" msgid "At least the domain or IP address should be specified" msgstr "至少应该指定域或IP地址" #, python-format msgid "" "CIFS server communication error: code \"%(num)s\", message \"%(message)s" "\" (both may be \"None\")" msgstr "" "CIFS服务器通信错误:代码\"%(num)s\",消息\"%(message)s\"(两者都有可能没有任" "何信息)" msgid "no trusted domain is configured" msgstr "没有信任域配置" msgid "domain is not configured" msgstr "域没有配置" msgid "SID is not valid" msgstr "SID是无效的" msgid "SID does not match exactlywith any trusted domain's SID" msgstr "SID不能完全匹配任何信任域的SID" msgid "SID does not match any trusted domain" msgstr "SID不能匹配任何信任域" #, fuzzy #| msgid "AD Trust setup" msgid "Trust setup" msgstr "AD信任设置" msgid "Our domain is not configured" msgstr "我们的域没有配置" msgid "No trusted domain is not configured" msgstr "信任域已配置" msgid "trusted domain object" msgstr "信任域对象" msgid "domain is not trusted" msgstr "域是不受信任的" msgid "no trusted domain matched the specified flat name" msgstr "没有信任域匹配指定的固定名" msgid "trusted domain object not found" msgstr "信任域对象没有找到" #, fuzzy #| msgid "SID does not match any trusted domain" msgid "Object does not belong to a trusted domain" msgstr "SID不能匹配任何信任域" msgid "SSSD was unable to resolve the object to a valid SID" msgstr "SSSD不能将对象解析成一个有效的SID" msgid "Ambiguous search, user domain was not specified" msgstr "模糊查找,用户域没有指定" msgid "Trusted domain did not return a unique object" msgstr "信任域没有返回一个唯一的对象" msgid "Trusted domain did not return a valid SID for the object" msgstr "信任域没有为对象返回一个有效的SID" msgid "trusted domain user not found" msgstr "信任域用户没有找到" msgid "Cannot retrieve trusted domain GC list" msgstr "不能检索信任域GC列表" msgid "CIFS credentials object" msgstr "CIFS凭证对象" #, python-format msgid "CIFS server %(host)s denied your credentials" msgstr "CIFS服务器%(host)s阻止你的凭证" #, python-format msgid "Cannot establish LSA connection to %(host)s. Is CIFS server running?" msgstr "不能和%(host)s建立LSA连接。CIFS服务器是否在运行?" #, python-format msgid "" "the IPA server and the remote domain cannot share the same NetBIOS name: %s" msgstr "IPA服务器和远程域不能共享相同的NetBIOS名:%s" #, python-brace-format msgid "" "There is already a trust to {ipa_domain} with unsupported type {trust_type}. " "Please remove it manually on AD DC side." msgstr "" #, python-format msgid "" "IPA master denied trust validation requests from AD DC %(count)d times. Most " "likely AD DC contacted a replica that has no trust information replicated " "yet. Additionally, please check that AD DNS is able to resolve %(records)s " "SRV records to the correct IPA server." msgstr "" "IPA主服务器%(count)d次阻止来自AD DC的信任有效请求。最有可能是AD DC联系了一个" "没有信任信息副本的副本。同时,请检查AD DNS能将%(records)s SRV记录解析到正确的" "IPA服务器上。" #, fuzzy #| msgid "Invalid credentials" msgid "Credentials" msgstr "无效的证书" msgid "Missing credentials for cross-forest communication" msgstr "" msgid "Trusting forest" msgstr "信任森林" msgid "Trusted forest" msgstr "信任森林" msgid "Established and verified" msgstr "已建立和验证" msgid "Waiting for confirmation by remote side" msgstr "等待远程端的确认" msgid "Unknown" msgstr "未知的" msgid "Non-Active Directory domain" msgstr "非活动目录域" msgid "RFC4120-compliant Kerberos realm" msgstr "RFC4120-兼容的Kerberos域" msgid "" "Non-transitive external trust to a domain in another Active Directory forest" msgstr "不传递外部信任到另一个活动目录森林的域中" #, fuzzy #| msgid "" #| "Non-transitive external trust to a domain in another Active Directory " #| "forest" msgid "Non-transitive external trust to an RFC4120-compliant Kerberos realm" msgstr "不传递外部信任到另一个活动目录森林的域中" #, python-format msgid "" "\n" "Replication topology in suffix '%(suffix)s' is disconnected:\n" "%(errors)s" msgstr "" "\n" "复制拓扑后缀'%(suffix)s'已失去连接:%(errors)s" #, python-format msgid "" "\n" "Removal of '%(hostname)s' leads to disconnected topology in suffix " "'%(suffix)s':\n" "%(errors)s" msgstr "" "\n" "删除'%(hostname)s'导致在后缀'%(suffix)s'拓扑中失去连接:%(errors)s" #, python-format msgid "Topology does not allow server %(server)s to replicate with servers:" msgstr "拓扑不允许服务器%(server)s复制服务器:" msgid "Request must be a dict" msgstr "请求必须是一个字典" msgid "Request is missing \"method\"" msgstr "请求缺少\"method\"" msgid "Request is missing \"params\"" msgstr "请求缺少\"params\"" msgid "params must be a list" msgstr "参数必须是一个列表" msgid "params must contain [args, options]" msgstr "参数必须包含[args,options]" msgid "params[0] (aka args) must be a list" msgstr "params[0] (aka args)必须是一个列表" msgid "params[1] (aka options) must be a dict" msgstr "params[1] (aka options)必须是一个字典" #, python-format msgid "all masters must have %(role)s role enabled" msgstr "所有的主服务器必须已启用角色%(role)s" #, python-format msgid "must have %(role)s role enabled" msgstr "必须已启用角色%(role)s" #, fuzzy #| msgid "must be enclosed in parentheses" msgid "must be enabled only on a single master" msgstr "必须括在括号里" #, fuzzy, python-format #| msgid "must be \"%s\"" msgid "must equal %r" msgstr "必须是\"%s\"" msgid "Hello world" msgstr "" #, fuzzy, python-format #| msgid "RADIUS proxy server name" msgid "%s: RADIUS proxy server not found" msgstr "RADIUS代理服务器名称" #, fuzzy, python-format #| msgid "active user with name \"%(user)s\" already exists" msgid "RADIUS proxy server with name \"%s\" already exists" msgstr "活跃用户名\"%(user)s\"已存在" #, fuzzy #| msgid "must be at least %(minvalue)d" msgid "must be at least 1" msgstr "必须至少%(minvalue)d" msgid "Out of memory\n" msgstr "内存不足\n" msgid "Warning unrecognized encryption type.\n" msgstr "警告无法识别加密类型。\n" msgid "Warning unrecognized salt type.\n" msgstr "警告无法识别盐值类型。\n" msgid "Out of memory!?\n" msgstr "内存不足!?\n" msgid "Enctype comparison failed!\n" msgstr "加密类型比较失败!\n" #, fuzzy #| msgid "Password history size" msgid "Password is too long!\n" msgstr "密码历史大小" msgid "Failed to create random key!\n" msgstr "创建随机密钥失败!\n" msgid "Failed to create key!\n" msgstr "创建密钥失败!\n" msgid "Bad or unsupported salt type.\n" msgstr "错误的或不支持的盐值类型。\n" #, fuzzy, c-format #| msgid "Unable to initialize ldap library!\n" msgid "Unable to initialize connection to ldap server %1$s: %2$s\n" msgstr "不能初始化ldap库!\n" msgid "Unable to set LDAP_OPT_PROTOCOL_VERSION\n" msgstr "不能设置LDAP_OPT_PROTOCOL_VERSION\n" msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n" msgstr "不能设置LDAP_OPT_X_SASL_NOCANON\n" #, fuzzy #| msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n" msgid "Unable to set LDAP_OPT_X_TLS_CACERTFILE\n" msgstr "不能设置LDAP_OPT_X_SASL_NOCANON\n" #, fuzzy #| msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n" msgid "Unable to set LDAP_OPT_X_TLS_REQUIRE_CERT\n" msgstr "不能设置LDAP_OPT_X_SASL_NOCANON\n" #, fuzzy #| msgid "Unable to set LDAP_OPT_PROTOCOL_VERSION\n" msgid "Unable to set LDAP_OPT_X_TLS_PROTOCOL_MIN\n" msgstr "不能设置LDAP_OPT_PROTOCOL_VERSION\n" msgid "" "Unable to create new TLS context (OpenSSL failed to initialize or to load " "certificates)\n" msgstr "" #, fuzzy #| msgid "Unable to initialize ldap library!\n" msgid "Unable to initialize STARTTLS session\n" msgstr "不能初始化ldap库!\n" #~ msgid "Delete a CA." #~ msgstr "删除一个CA。"