freeipa/po/ko.po

# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR FreeIPA Contributors
# This file is distributed under the same license as the freeipa package.
# 김인수 <simmon@nplob.com>, 2022.
msgid ""
msgstr ""
"Project-Id-Version: freeipa 4.10.0.dev202206291425+git9a97f9b40\n"
"Report-Msgid-Bugs-To: https://pagure.io/freeipa/new_issue\n"
"POT-Creation-Date: 2022-06-29 16:26+0200\n"
"PO-Revision-Date: 2022-10-01 19:22+0000\n"
"Last-Translator: 김인수 <simmon@nplob.com>\n"
"Language-Team: Korean <https://translate.fedoraproject.org/projects/freeipa/"
"master/ko/>\n"
"Language: ko\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
"X-Generator: Weblate 4.14.1\n"

#: client/config.c:56
#, c-format
msgid "cannot open configuration file %s\n"
msgstr "구성 파일 %s를 열 수 없습니다\n"

#: client/config.c:63
#, c-format
msgid "cannot stat() configuration file %s\n"
msgstr "구성 파일 %s을 stat() 할 수 없습니다\n"

#: client/config.c:69
#, c-format
msgid "out of memory\n"
msgstr "메모리 부족\n"

#: client/config.c:80
#, c-format
msgid "read error\n"
msgstr "읽기 오류\n"

#: client/ipa-rmkeytab.c:51
#, c-format
msgid "Unable to parse principal name\n"
msgstr "주요 이름을 구문 분석 할 수 없습니다\n"

#: client/ipa-rmkeytab.c:53
#, c-format
msgid "krb5_parse_name %1$d: %2$s\n"
msgstr "krb5_parse_name %1$d: %2$s\n"

#: client/ipa-rmkeytab.c:63
#, c-format
msgid "Removing principal %s\n"
msgstr "주체 %s를 제거하기\n"

#: client/ipa-rmkeytab.c:76
#, c-format
msgid "Failed to open keytab\n"
msgstr "키탭을 가져오는데 실패함\n"

#: client/ipa-rmkeytab.c:80
#, c-format
msgid "principal not found\n"
msgstr "주체를 찾을 수 없음\n"

#: client/ipa-rmkeytab.c:82
#, c-format
msgid "krb5_kt_get_entry %1$d: %2$s\n"
msgstr "krb5_kt_get_entry %1$d: %2$s\n"

#: client/ipa-rmkeytab.c:90
#, c-format
msgid "Unable to remove entry\n"
msgstr "항목을 제거 할 수 없음\n"

#: client/ipa-rmkeytab.c:92
#, c-format
msgid "kvno %d\n"
msgstr "kvno %d\n"

#: client/ipa-rmkeytab.c:93
#, c-format
msgid "krb5_kt_remove_entry %1$d: %2$s\n"
msgstr "krb5_kt_remove_entry %1$d: %2$s\n"

#: client/ipa-rmkeytab.c:124 client/ipa-rmkeytab.c:146
#: client/ipa-rmkeytab.c:160 client/ipa-rmkeytab.c:263
#, c-format
msgid "Failed to set cursor '%1$s'\n"
msgstr "커서 '%1$s' 설정에 실패함\n"

#: client/ipa-rmkeytab.c:133
#, c-format
msgid "Unable to parse principal\n"
msgstr "주체를 구문 분석 할 수 없습니다\n"

#: client/ipa-rmkeytab.c:135
#, c-format
msgid "krb5_unparse_name %1$d: %2$s\n"
msgstr "krb5_unparse_name %1$d: %2$s\n"

#: client/ipa-rmkeytab.c:169
#, c-format
msgid "realm not found\n"
msgstr "realm을 찾을 수 없음\n"

#: client/ipa-rmkeytab.c:195 client/ipa-getkeytab.c:942
msgid "Print debugging information"
msgstr "디버깅 정보 인쇄"

#: client/ipa-rmkeytab.c:195
msgid "Debugging output"
msgstr "디버깅 출력"

#: client/ipa-rmkeytab.c:197
msgid ""
"The principal to remove from the keytab (ex: ftp/ftp.example.com@EXAMPLE.COM)"
msgstr "keytab에서 제거 할 주체 (예제: ftp/ftp.example.com@EXAMPLE.COM)"

#: client/ipa-rmkeytab.c:198 client/ipa-getkeytab.c:948
msgid "Kerberos Service Principal Name"
msgstr "커버러스 서비스 주체 이름"

#: client/ipa-rmkeytab.c:200
msgid "The keytab file to remove the principcal(s) from"
msgstr "주체를 제거하는 키탭 파일"

#: client/ipa-rmkeytab.c:200 client/ipa-getkeytab.c:952
msgid "Keytab File Name"
msgstr "키탭 파일 이름"

#: client/ipa-rmkeytab.c:202
msgid "Remove all principals in this realm"
msgstr "이와 같은 영역에서 모든 주체를 제거합니다"

#: client/ipa-rmkeytab.c:202 ipaclient/remote_plugins/2_114/trust.py:111
msgid "Realm name"
msgstr "영역 이름"

#: client/ipa-rmkeytab.c:216 client/ipa-getkeytab.c:1001
#, c-format
msgid "Kerberos context initialization failed\n"
msgstr "커버러스 문맥 초기화에 실패함\n"

#: client/ipa-rmkeytab.c:256
#, c-format
msgid "Failed to open keytab '%1$s': %2$s\n"
msgstr "키탭을 여는데 실패함 '%1$s': %2$s\n"

#: client/ipa-rmkeytab.c:279
#, c-format
msgid "Closing keytab failed\n"
msgstr "키탭을 닫는데 실패함\n"

#: client/ipa-rmkeytab.c:281
#, c-format
msgid "krb5_kt_close %1$d: %2$s\n"
msgstr "krb5_kt_close %1$d: %2$s\n"

#: client/ipa-getkeytab.c:254
#, c-format
msgid "Kerberos context initialization failed: %1$s (%2$d)\n"
msgstr "커버러스 문맥을 초기화 하는데 실패함: %1$s (%2$d)\n"

#: client/ipa-getkeytab.c:265
#, c-format
msgid "Unable to parse principal: %1$s (%2$d)\n"
msgstr "주체를 구문 분석 할 수 없음: %1$s (%2$d)\n"

#: client/ipa-getkeytab.c:320
#, c-format
msgid "No keys accepted by KDC\n"
msgstr "KDC에 의해 허용하는 키가 없습니다\n"

#: client/ipa-getkeytab.c:338
#, c-format
msgid "Out of memory \n"
msgstr "메모리 부족 \n"

#: client/ipa-getkeytab.c:361
#, c-format
msgid "Unable to initialize ldap library!\n"
msgstr "ldap 라이브러리를 초기화 할 수 없습니다\n"

#: client/ipa-getkeytab.c:377
msgid "Simple bind failed\n"
msgstr "단순 바인드에 실패함\n"

#: client/ipa-getkeytab.c:391 client/ipa-join.c:260
msgid "SASL Bind failed\n"
msgstr "SASL 바인드가 실패했습니다\n"

#: client/ipa-getkeytab.c:422
#, c-format
msgid "Operation failed: %s\n"
msgstr "작업 실패: %s\n"

#: client/ipa-getkeytab.c:431
#, c-format
msgid "Failed to get result: %s\n"
msgstr "결과를 가져오는데 실패함: %s\n"

#: client/ipa-getkeytab.c:435
#, c-format
msgid "Timeout exceeded."
msgstr "제한시간이 초과 되었습니다."

#: client/ipa-getkeytab.c:441
#, c-format
msgid "Failed to parse extended result: %s\n"
msgstr "확장된 결과를 구문 분석하는데 실패함: %s\n"

#: client/ipa-getkeytab.c:448
#, c-format
msgid "Failed to parse result: %s\n"
msgstr "결과를 구문 분석하는데 실패함: %s\n"

#: client/ipa-getkeytab.c:467
#, c-format
msgid "Missing reply control list!\n"
msgstr "응답 제어 목록이 누락됨!\n"

#: client/ipa-getkeytab.c:477
#, c-format
msgid "Missing reply control!\n"
msgstr "응답 제어 누락!\n"

#: client/ipa-getkeytab.c:519
#, c-format
msgid "Out of Memory!\n"
msgstr "메모리 부족!\n"

#: client/ipa-getkeytab.c:526 client/ipa-getkeytab.c:688
#, c-format
msgid "Failed to create control!\n"
msgstr "제어를 생성하는데 실패함!\n"

#: client/ipa-getkeytab.c:532 client/ipa-getkeytab.c:696
#, c-format
msgid "Failed to bind to server!\n"
msgstr "서버로 바인드 하는데 실패함!\n"

#: client/ipa-getkeytab.c:539
#, c-format
msgid "Failed to get keytab!\n"
msgstr "키탭을 가져오는데 실패함!\n"

#: client/ipa-getkeytab.c:548
#, c-format
msgid "ber_init() failed, Invalid control ?!\n"
msgstr "ber_init() 실패하고, 잘못된 제어 ?!\n"

#: client/ipa-getkeytab.c:567
#, c-format
msgid "ber_scanf() failed, unable to find kvno ?!\n"
msgstr "ber_scanf() 실패하고, kvno 찾을 수 없음 ?!\n"

#: client/ipa-getkeytab.c:579
#, c-format
msgid "Failed to retrieve encryption type type #%d\n"
msgstr "암호화 형태 유형 #%d를 검색하는데 실패함\n"

#: client/ipa-getkeytab.c:583
#, c-format
msgid "Failed to retrieve encryption type %1$s (#%2$d)\n"
msgstr "암호화 유형 %1$s (#%2$d)를 검색하는데 실패함\n"

#: client/ipa-getkeytab.c:593
#, c-format
msgid "Failed to retrieve any keys"
msgstr "키를 검색하는데 실패함"

#: client/ipa-getkeytab.c:711
msgid "Failed to decode control reply!\n"
msgstr "제어 응답을 디코드 하는데 실패함\n"

#: client/ipa-getkeytab.c:773
#, c-format
msgid "Passwords do not match!\n"
msgstr "비밀번호가 일치하지 않습니다!\n"

#: client/ipa-getkeytab.c:803
#, c-format
msgid "Failed to open config file %s\n"
msgstr "구성 파일 %s를 여는데 실패함\n"

#: client/ipa-getkeytab.c:813
#, c-format
msgid "Failed to parse config file %s\n"
msgstr "구성 파일 %s를 구문 분석하는데 실패함\n"

#: client/ipa-getkeytab.c:896
msgid "Failed to resolve symlink to keytab.\n"
msgstr "심볼릭링크를 키탭으로 결정 하는데 실패함\n"

#: client/ipa-getkeytab.c:907
msgid "keytab is a dangling symlink and owned by another user.\n"
msgstr "키탭은 매달린 심볼릭 링크와 다른 사용자에 의해 소유됩니다\n"

#: client/ipa-getkeytab.c:940
msgid "Print as little as possible"
msgstr "가능한 작게 출력합니다"

#: client/ipa-getkeytab.c:940
msgid "Output only on errors"
msgstr "오류에서만 출력"

#: client/ipa-getkeytab.c:942
msgid "Output debug info"
msgstr ""

#: client/ipa-getkeytab.c:944
msgid "Contact this specific KDC Server"
msgstr "이와 같은 지정된 KDC 서버와 연락합니다"

#: client/ipa-getkeytab.c:945
msgid "Server Name"
msgstr "서버 이름"

#: client/ipa-getkeytab.c:947
msgid "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)"
msgstr "(예제: ftp/ftp.example.com@EXAMPLE.COM)를 위해 키탭에서 가져올 주체"

#: client/ipa-getkeytab.c:950
msgid ""
"The keytab file to append the new key to (will be created if it does not "
"exist)."
msgstr "신규 키를 (만약 존재 한다면 생성 될 것임)로 확장하는 키탭 파일."

#: client/ipa-getkeytab.c:954
msgid "Encryption types to request"
msgstr "요청하는 암호화 유형"

#: client/ipa-getkeytab.c:955
msgid "Comma separated encryption types list"
msgstr "쉼표로 구분된 암호화 유형 목록"

#: client/ipa-getkeytab.c:957
msgid "Show the list of permitted encryption types and exit"
msgstr "허용된 암호화 유형의 목록을 표시하고 종료"

#: client/ipa-getkeytab.c:958
msgid "Permitted Encryption Types"
msgstr "허용되는 암호화 유형"

#: client/ipa-getkeytab.c:960
msgid "Asks for a non-random password to use for the principal"
msgstr "보안 주체에 사용 할 임의적이지 않은 비밀번호를 요청합니다"

#: client/ipa-getkeytab.c:962
msgid "LDAP DN"
msgstr "LDAP DN"

#: client/ipa-getkeytab.c:962
msgid "DN to bind as if not using kerberos"
msgstr "만약 커버러스를 사용하지 않는 것같이 바인드하는 DN"

#: client/ipa-getkeytab.c:964
msgid "LDAP password"
msgstr ""

#: client/ipa-getkeytab.c:964
msgid "password to use if not using kerberos"
msgstr "만약 커버러스를 사용하지 않는 것을 사용하려는 비밀번호"

#: client/ipa-getkeytab.c:966
msgid "Prompt for LDAP password"
msgstr "LDAP 비밀번호를 위한 프롬프트"

#: client/ipa-getkeytab.c:968
msgid "Path to the IPA CA certificate"
msgstr "IPA CA 인증서 경로"

#: client/ipa-getkeytab.c:968
msgid "IPA CA certificate"
msgstr "IPA CA 인증서"

#: client/ipa-getkeytab.c:970
msgid "LDAP uri to connect to. Mutually exclusive with --server"
msgstr "연결 할 LDAP URI입니다. --server와 상호 배타적"

#: client/ipa-getkeytab.c:971
msgid "url"
msgstr "url"

#: client/ipa-getkeytab.c:973
msgid "LDAP SASL bind mechanism if no bindd/bindpw"
msgstr "만약 bindd/bindpw가 없는 경우 LDAP SASL 바인드 동작원리"

#: client/ipa-getkeytab.c:974
msgid "GSSAPI|EXTERNAL"
msgstr ""

#: client/ipa-getkeytab.c:976
msgid "Retrieve current keys without changing them"
msgstr ""

#: client/ipa-getkeytab.c:1014 util/ipa_krb5.c:892
#, c-format
msgid "No system preferred enctypes ?!\n"
msgstr ""

#: client/ipa-getkeytab.c:1017
#, c-format
msgid "Supported encryption types:\n"
msgstr ""

#: client/ipa-getkeytab.c:1021
#, c-format
msgid "Warning: failed to convert type (#%d)\n"
msgstr ""

#: client/ipa-getkeytab.c:1039
#, c-format
msgid "Bind password already provided (-w).\n"
msgstr ""

#: client/ipa-getkeytab.c:1047
msgid "Enter LDAP password"
msgstr ""

#: client/ipa-getkeytab.c:1055
#, c-format
msgid "Bind password required when using a bind DN (-w or -W).\n"
msgstr ""

#: client/ipa-getkeytab.c:1062
#, c-format
msgid "Cannot specify both SASL mechanism and bind DN simultaneously.\n"
msgstr ""

#: client/ipa-getkeytab.c:1070
#, c-format
msgid "Invalid SASL bind mechanism\n"
msgstr ""

#: client/ipa-getkeytab.c:1081
#, c-format
msgid "Cannot specify server and LDAP uri simultaneously.\n"
msgstr ""

#: client/ipa-getkeytab.c:1094
#, c-format
msgid "DNS discovery for domain %s\n"
msgstr ""

#: client/ipa-getkeytab.c:1099
#, c-format
msgid "Discovered server %s\n"
msgstr ""

#: client/ipa-getkeytab.c:1105
#, c-format
msgid "Using discovered server %s\n"
msgstr ""

#: client/ipa-getkeytab.c:1114
#, c-format
msgid "DNS Discovery failed\n"
msgstr ""

#: client/ipa-getkeytab.c:1133
#, c-format
msgid "Using server from config %s\n"
msgstr ""

#: client/ipa-getkeytab.c:1136
#, c-format
msgid "Server name not provided and unavailable\n"
msgstr ""

#: client/ipa-getkeytab.c:1141
#, c-format
msgid "Using provided server %s\n"
msgstr ""

#: client/ipa-getkeytab.c:1156
#, c-format
msgid "Incompatible options provided (-r and -P)\n"
msgstr ""

#: client/ipa-getkeytab.c:1161
msgid "New Principal Password"
msgstr ""

#: client/ipa-getkeytab.c:1162
msgid "Verify Principal Password"
msgstr ""

#: client/ipa-getkeytab.c:1168
#, c-format
msgid ""
"Warning: salt types are not honored with randomized passwords (see opt. -P)\n"
msgstr ""

#: client/ipa-getkeytab.c:1175
#, c-format
msgid "Invalid Service Principal Name\n"
msgstr ""

#: client/ipa-getkeytab.c:1183
#, c-format
msgid "Kerberos Credential Cache not found. Do you have a Kerberos Ticket?\n"
msgstr ""

#: client/ipa-getkeytab.c:1191
#, c-format
msgid ""
"Kerberos User Principal not found. Do you have a valid Credential Cache?\n"
msgstr ""

#: client/ipa-getkeytab.c:1205
#, c-format
msgid "Failed to open Keytab\n"
msgstr ""

#: client/ipa-getkeytab.c:1223
#, c-format
msgid "Retrying with pre-4.0 keytab retrieval method...\n"
msgstr ""

#: client/ipa-getkeytab.c:1233
#, c-format
msgid "Failed to create key material\n"
msgstr ""

#: client/ipa-getkeytab.c:1243
#, c-format
msgid "Failed to get keytab\n"
msgstr ""

#: client/ipa-getkeytab.c:1257
#, c-format
msgid "Failed to add key to the keytab\n"
msgstr ""

#: client/ipa-getkeytab.c:1266
#, c-format
msgid "Failed to close the keytab\n"
msgstr ""

#: client/ipa-getkeytab.c:1272
#, c-format
msgid "Keytab successfully retrieved and stored in: %s\n"
msgstr ""

#: client/ipa-join.c:65 client/ipa-join.c:420 client/ipa-join.c:440
#: client/ipa-join.c:538 client/ipa-join.c:1065 util/ipa_krb5.c:1024
#: util/ipa_krb5.c:1058
#, c-format
msgid "Out of memory!\n"
msgstr "메모리 부족!\n"

#: client/ipa-join.c:80 client/ipa-join.c:812
#, c-format
msgid "No permission to join this host to the IPA domain.\n"
msgstr "이 호스트를 IPA 도메인으로 가입 할 수 있는 권한이 없습니다.\n"

#: client/ipa-join.c:110 client/ipa-join.c:122
#, c-format
msgid "No write permissions on keytab file '%s'\n"
msgstr ""

#: client/ipa-join.c:127
#, c-format
msgid "access() on %1$s failed: errno = %2$d\n"
msgstr ""

#: client/ipa-join.c:151 client/ipa-join.c:180 client/ipa-join.c:231
#, c-format
msgid "Out of memory!"
msgstr ""

#: client/ipa-join.c:242
#, c-format
msgid "Unable to enable SSL in LDAP\n"
msgstr ""

#: client/ipa-join.c:334
#, c-format
msgid "Search for %1$s on rootdse failed with error %2$d\n"
msgstr ""

#: client/ipa-join.c:354
#, c-format
msgid "No values for %s"
msgstr ""

#: client/ipa-join.c:364
#, c-format
msgid "Search for IPA namingContext failed with error %d\n"
msgstr ""

#: client/ipa-join.c:370
#, c-format
msgid "IPA namingContext not found\n"
msgstr ""

#: client/ipa-join.c:426
#, c-format
msgid "Unable to determine root DN of %s\n"
msgstr ""

#: client/ipa-join.c:474
#, c-format
msgid "Enrollment failed. %s\n"
msgstr ""

#: client/ipa-join.c:592
#, c-format
msgid "principal not found in XML-RPC response\n"
msgstr ""

#: client/ipa-join.c:606 client/ipa-join.c:945
#, c-format
msgid "Host is already joined.\n"
msgstr ""

#: client/ipa-join.c:632
#, c-format
msgid "curl_slist_append() failed for value: '%s'\n"
msgstr ""

#: client/ipa-join.c:640
#, c-format
msgid "curl_easy_setopt() failed\n"
msgstr ""

#: client/ipa-join.c:652
#, c-format
msgid "Expanding buffer in jsonrpc_handle_response failed"
msgstr ""

#: client/ipa-join.c:680
#, c-format
msgid "curl_global_init() failed\n"
msgstr ""

#: client/ipa-join.c:687
#, c-format
msgid "curl_easy_init() failed\n"
msgstr ""

#: client/ipa-join.c:736
#, c-format
msgid "json_dumps() failed\n"
msgstr ""

#: client/ipa-join.c:743
#, c-format
msgid ""
"JSON-RPC request:\n"
"%s\n"
msgstr ""

#: client/ipa-join.c:749
#, c-format
msgid "JSON-RPC call failed: %s\n"
msgstr ""

#: client/ipa-join.c:760
#, c-format
msgid "JSON-RPC call was unauthorized. Check your credentials.\n"
msgstr ""

#: client/ipa-join.c:762
#, c-format
msgid "JSON-RPC call failed with status code: %li\n"
msgstr ""

#: client/ipa-join.c:769
#, c-format
msgid ""
"JSON-RPC response:\n"
"%s\n"
msgstr ""

#: client/ipa-join.c:804
#, c-format
msgid "Extracting the error from the JSON-RPC response failed: %s\n"
msgstr ""

#: client/ipa-join.c:837
#, c-format
msgid "Parsing JSON-RPC response failed: %s\n"
msgstr ""

#: client/ipa-join.c:852
#, c-format
msgid "Parsing JSON-RPC response failed: no 'result' value found.\n"
msgstr ""

#: client/ipa-join.c:884 client/ipa-join.c:973
#, c-format
msgid "Extracting the data from the JSON-RPC response failed: %s\n"
msgstr ""

#: client/ipa-join.c:927 client/ipa-join.c:1003
#, c-format
msgid "json_pack_ex() failed: %s\n"
msgstr ""

#: client/ipa-join.c:1019 client/ipa-join.c:1096
#, c-format
msgid "Unenrollment successful.\n"
msgstr "등록 취소 성공.\n"

#: client/ipa-join.c:1021 client/ipa-join.c:1098
#, c-format
msgid "Unenrollment failed.\n"
msgstr ""

#: client/ipa-join.c:1103
#, c-format
msgid "result not found in XML-RPC response\n"
msgstr ""

#: client/ipa-join.c:1145 client/ipa-join.c:1287
#, c-format
msgid "Unable to determine IPA server from %s\n"
msgstr ""

#: client/ipa-join.c:1157 client/ipa-join.c:1296
#, c-format
msgid "Unable to join host: Kerberos context initialization failed\n"
msgstr ""

#: client/ipa-join.c:1164
#, c-format
msgid "Unable to join host: Kerberos Credential Cache not found\n"
msgstr ""

#: client/ipa-join.c:1172
#, c-format
msgid ""
"Unable to join host: Kerberos User Principal not found and host password not "
"provided.\n"
msgstr ""

#: client/ipa-join.c:1191
#, c-format
msgid "fork() failed\n"
msgstr ""

#: client/ipa-join.c:1223
#, c-format
msgid "ipa-getkeytab not found\n"
msgstr ""

#: client/ipa-join.c:1226
#, c-format
msgid "ipa-getkeytab has bad permissions?\n"
msgstr ""

#: client/ipa-join.c:1229
#, c-format
msgid "executing ipa-getkeytab failed, errno %d\n"
msgstr ""

#: client/ipa-join.c:1241
#, c-format
msgid "child exited with %d\n"
msgstr ""

#: client/ipa-join.c:1304
#, c-format
msgid "Error resolving keytab: %s.\n"
msgstr ""

#: client/ipa-join.c:1312
#, c-format
msgid "Error getting default Kerberos realm: %s.\n"
msgstr ""

#: client/ipa-join.c:1322
#, c-format
msgid "Error parsing \"%1$s\": %2$s.\n"
msgstr ""

#: client/ipa-join.c:1340
#, c-format
msgid "Error obtaining initial credentials: %s.\n"
msgstr ""

#: client/ipa-join.c:1351 client/ipa-join.c:1358
#, c-format
msgid "Unable to generate Kerberos Credential Cache\n"
msgstr ""

#: client/ipa-join.c:1366
#, c-format
msgid "Error storing creds in credential cache: %s.\n"
msgstr ""

#: client/ipa-join.c:1422
msgid "Print the raw XML-RPC output in GSSAPI mode"
msgstr ""

#: client/ipa-join.c:1424
msgid "Quiet mode. Only errors are displayed."
msgstr ""

#: client/ipa-join.c:1426
msgid "Unenroll this host from IPA server"
msgstr ""

#: client/ipa-join.c:1428
msgid "Hostname of this server"
msgstr ""

#: client/ipa-join.c:1428 client/ipa-join.c:1430
msgid "hostname"
msgstr ""

#: client/ipa-join.c:1430
msgid "IPA Server to use"
msgstr ""

#: client/ipa-join.c:1432
msgid "Specifies where to store keytab information."
msgstr ""

#: client/ipa-join.c:1432
msgid "filename"
msgstr ""

#: client/ipa-join.c:1434
msgid "Force the host join. Rejoin even if already joined."
msgstr ""

#: client/ipa-join.c:1436
msgid "LDAP password (if not using Kerberos)"
msgstr ""

#: client/ipa-join.c:1436
msgid "password"
msgstr ""

#: client/ipa-join.c:1438
msgid "LDAP basedn"
msgstr ""

#: client/ipa-join.c:1438
msgid "basedn"
msgstr ""

#: client/ipa-join.c:1471
#, c-format
msgid "Cannot get host's FQDN!\n"
msgstr ""

#: client/ipa-join.c:1476
#, c-format
msgid "The hostname must be fully-qualified: %s\n"
msgstr ""

#: client/ipa-join.c:1480
#, c-format
msgid "The hostname must not be: %s\n"
msgstr ""

#: ipaclient/plugins/automember.py:33 ipaserver/plugins/automember.py:342
msgid "Failed to add"
msgstr ""

#: ipaclient/plugins/ca.py:19 ipaclient/plugins/cert.py:39
msgid "Write certificate (chain if --chain used) to file"
msgstr ""

#: ipaclient/plugins/cert.py:107
msgid "Unrevoked"
msgstr ""

#: ipaclient/plugins/cert.py:110 ipaserver/plugins/internal.py:294
msgid "Error"
msgstr ""

#: ipaclient/plugins/cert.py:120
msgid "Input filename"
msgstr ""

#: ipaclient/plugins/cert.py:121
msgid "File to load the certificate from."
msgstr ""

#: ipaclient/plugins/cert.py:130 ipaclient/plugins/certmap.py:41
msgid "cannot specify both raw certificate and file"
msgstr ""

#: ipaclient/plugins/certmap.py:19
msgid "Input file"
msgstr ""

#: ipaclient/plugins/certmap.py:20
msgid "File to load the certificate from"
msgstr ""

#: ipaclient/plugins/certprofile.py:25
#, python-format
msgid "Profile configuration stored in file '%(file)s'"
msgstr ""

#: ipaclient/plugins/dns.py:137 ipaserver/plugins/dns.py:3576
msgid "Split DNS record to parts"
msgstr "DNS 레코드를 부분으로 분할"

#: ipaclient/plugins/dns.py:237
msgid "Please choose a type of DNS resource record to be added"
msgstr ""

#: ipaclient/plugins/dns.py:238
#, python-format
msgid "The most common types for this type of zone are: %s\n"
msgstr ""

#: ipaclient/plugins/dns.py:243
msgid "DNS resource record type"
msgstr ""

#: ipaclient/plugins/dns.py:261
#, python-format
msgid "Invalid or unsupported type. Allowed values are: %s"
msgstr ""

#: ipaclient/plugins/dns.py:286
msgid "No option to modify specific record provided."
msgstr ""

#: ipaclient/plugins/dns.py:289 ipaclient/plugins/dns.py:355
msgid "Current DNS record contents:\n"
msgstr ""

#: ipaclient/plugins/dns.py:312
#, python-format
msgid "Modify %(name)s '%(value)s'?"
msgstr ""

#: ipaclient/plugins/dns.py:321
#, python-format
msgid ""
"%(count)d %(type)s record skipped. Only one value per DNS record type can be "
"modified at one time."
msgid_plural ""
"%(count)d %(type)s records skipped. Only one value per DNS record type can "
"be modified at one time."
msgstr[0] ""
msgstr[1] ""

#: ipaclient/plugins/dns.py:329 ipaserver/plugins/dns.py:3876
msgid ""
"Neither --del-all nor options to delete a specific record provided.\n"
"Command help may be consulted for all supported record types."
msgstr ""

#: ipaclient/plugins/dns.py:347
msgid "No option to delete specific record provided."
msgstr ""

#: ipaclient/plugins/dns.py:348
msgid "Delete all?"
msgstr ""

#: ipaclient/plugins/dns.py:376
#, python-format
msgid "Delete %(name)s '%(value)s'?"
msgstr ""

#: ipaclient/plugins/dns.py:392 ipaclient/plugins/dns.py:409
#: ipaclient/plugins/dns.py:421
msgid "Server will check DNS forwarder(s)."
msgstr ""

#: ipaclient/plugins/dns.py:394 ipaclient/plugins/dns.py:411
#: ipaclient/plugins/dns.py:423
msgid "This may take some time, please wait ..."
msgstr ""

#: ipaclient/plugins/dns.py:403
msgid "DNS forwarder"
msgstr ""

#: ipaclient/plugins/dns.py:434
msgid "file to store DNS records in nsupdate format"
msgstr ""

#: ipaclient/plugins/host.py:41 ipaclient/plugins/service.py:43
#: ipaclient/plugins/user.py:74
#, python-format
msgid "Certificate(s) stored in file '%(file)s'"
msgstr ""

#: ipaclient/plugins/location.py:23
msgid "Servers details:"
msgstr ""

#: ipaclient/plugins/migration.py:37
msgid ""
"Migration mode is disabled.\n"
"Use 'ipa config-mod --enable-migration=TRUE' to enable it."
msgstr ""

#: ipaclient/plugins/migration.py:41
msgid ""
"Passwords have been migrated in pre-hashed format.\n"
"IPA is unable to generate Kerberos keys unless provided\n"
"with clear text passwords. All migrated users need to\n"
"login at https://your.domain/ipa/migration/ before they\n"
"can use their Kerberos accounts."
msgstr ""

#: ipaclient/plugins/server.py:20
#, python-format
msgid "Removing %(servers)s from replication topology, please wait..."
msgstr ""

#: ipaclient/plugins/topology.py:25
#, python-format
msgid "Replication topology of suffix \"%(suffix)s\" is in order."
msgstr ""

#: ipaclient/plugins/topology.py:30
#, python-format
msgid "Replication topology of suffix \"%(suffix)s\" contains errors."
msgstr ""

#: ipaclient/plugins/topology.py:33
msgid "Topology is disconnected"
msgstr ""

#: ipaclient/plugins/topology.py:35
#, python-format
msgid "Server %(srv)s can't contact servers: %(replicas)s"
msgstr ""

#: ipaclient/plugins/topology.py:40
msgid "Recommended maximum number of agreements per replica exceeded"
msgstr ""

#: ipaclient/plugins/topology.py:43
msgid "Maximum number of agreements per replica"
msgstr ""

#: ipaclient/plugins/topology.py:47
#, python-format
msgid "Server \"%(srv)s\" has %(n)d agreements with servers:"
msgstr ""

#: ipaclient/plugins/user.py:40
msgid "Delete a user, keeping the entry available for future use"
msgstr ""

#: ipaclient/plugins/user.py:45
msgid "Delete a user"
msgstr ""

#: ipaclient/plugins/user.py:54
msgid "preserve and no-preserve cannot be both set"
msgstr ""

#: ipaclient/plugins/automount.py:101
msgid "maps not connected to /etc/auto.master:"
msgstr ""

#: ipaclient/plugins/automount.py:120
msgid "Import automount files for a specific location."
msgstr ""

#: ipaclient/plugins/automount.py:124
msgid "Master file"
msgstr ""

#: ipaclient/plugins/automount.py:125
msgid "Automount master file."
msgstr ""

#: ipaclient/plugins/automount.py:132
msgid ""
"Continuous operation mode. Errors are reported but the process continues."
msgstr ""

#: ipaclient/plugins/automount.py:150
#, python-format
msgid "File %(file)s not found"
msgstr ""

#: ipaclient/plugins/automount.py:200
#, python-format
msgid "key %(key)s already exists"
msgstr ""

#: ipaclient/plugins/automount.py:215
#, python-format
msgid "map %(map)s already exists"
msgstr ""

#: ipaclient/plugins/automount.py:264
msgid "Imported maps:"
msgstr ""

#: ipaclient/plugins/automount.py:267
#, python-format
msgid "Added %(map)s"
msgstr ""

#: ipaclient/plugins/automount.py:271
msgid "Imported keys:"
msgstr ""

#: ipaclient/plugins/automount.py:274
#, python-format
msgid "Added %(src)s to %(dst)s"
msgstr ""

#: ipaclient/plugins/automount.py:281
msgid "Ignored keys:"
msgstr ""

#: ipaclient/plugins/automount.py:284
#, python-format
msgid "Ignored %(src)s to %(dst)s"
msgstr ""

#: ipaclient/plugins/automount.py:292
msgid "Duplicate maps skipped:"
msgstr ""

#: ipaclient/plugins/automount.py:295
#, python-format
msgid "Skipped %(map)s"
msgstr ""

#: ipaclient/plugins/automount.py:301
msgid "Duplicate keys skipped:"
msgstr ""

#: ipaclient/plugins/automount.py:304
#, python-format
msgid "Skipped %(key)s"
msgstr ""

#: ipaclient/plugins/otptoken.py:66
msgid ""
"Unable to display QR code using the configured output encoding. Please use "
"the token URI to configure your OTP device"
msgstr ""

#: ipaclient/plugins/otptoken.py:82
msgid ""
"QR code width is greater than that of the output tty. Please resize your "
"terminal."
msgstr ""

#: ipaclient/plugins/otptoken.py:136
msgid "Synchronize an OTP token."
msgstr ""

#: ipaclient/plugins/otptoken.py:141
msgid "User ID"
msgstr ""

#: ipaclient/plugins/otptoken.py:142 ipaclient/remote_plugins/2_114/host.py:187
#: ipaserver/plugins/baseuser.py:289 ipaserver/plugins/internal.py:190
#: ipaserver/plugins/internal.py:409 ipaserver/plugins/internal.py:1725
#: ipaserver/plugins/migration.py:534
msgid "Password"
msgstr ""

#: ipaclient/plugins/otptoken.py:143
msgid "First Code"
msgstr ""

#: ipaclient/plugins/otptoken.py:144
msgid "Second Code"
msgstr ""

#: ipaclient/plugins/otptoken.py:148 ipaserver/plugins/internal.py:1735
msgid "Token ID"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:35
msgid "python-yubico is not installed."
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:40
msgid ""
"\n"
"YubiKey Tokens\n"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:42
msgid ""
"\n"
"Manage YubiKey tokens.\n"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:44
msgid ""
"\n"
"This code is an extension to the otptoken plugin and provides support for\n"
"reading/writing YubiKey tokens directly.\n"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:47 ipaserver/plugins/dnsserver.py:39
#: ipaserver/plugins/location.py:37 ipaserver/plugins/otptoken.py:49
#: ipaserver/plugins/radiusproxy.py:43 ipaserver/plugins/serverrole.py:19
#: ipaserver/plugins/server.py:40 ipaserver/plugins/automember.py:63
#: ipaserver/plugins/permission.py:97 ipaserver/plugins/schema.py:28
#: ipaserver/plugins/vault.py:88 ipaserver/plugins/certmap.py:60
#: ipaserver/plugins/host.py:104 ipaserver/plugins/idp.py:31
#: ipaserver/plugins/ca.py:36 ipaserver/plugins/cert.py:99
#: ipaserver/plugins/sudorule.py:76
msgid ""
"\n"
"EXAMPLES:\n"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:49
msgid ""
"\n"
" Add a new token:\n"
"   ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:72
msgid "Add a new YubiKey OTP token."
msgstr "신규 Yubikey OTP 토큰 추가."

#: ipaclient/plugins/otptoken_yubikey.py:77
msgid "YubiKey slot"
msgstr ""

#: ipaclient/plugins/otptoken_yubikey.py:146
msgid "No free YubiKey slot!"
msgstr ""

#: ipaclient/plugins/vault.py:68 ipaclient/plugins/vault.py:874
#, python-format
msgid "Cannot read file '%(filename)s': %(exc)s"
msgstr ""

#: ipaclient/plugins/vault.py:75
#, python-format
msgid "Cannot decode file '%(filename)s': %(exc)s"
msgstr ""

#: ipaclient/plugins/vault.py:145 ipaclient/plugins/vault.py:164
#: ipaserver/plugins/passwd.py:149
msgid "Invalid credentials"
msgstr ""

#: ipaclient/plugins/vault.py:182
msgid "Create a new vault."
msgstr ""

#: ipaclient/plugins/vault.py:188 ipaclient/plugins/vault.py:769
#: ipaclient/plugins/vault.py:1011
msgid "Vault password"
msgstr ""

#: ipaclient/plugins/vault.py:193 ipaclient/plugins/vault.py:774
#: ipaclient/plugins/vault.py:1016
msgid "File containing the vault password"
msgstr ""

#: ipaclient/plugins/vault.py:198
msgid "File containing the vault public key"
msgstr ""

#: ipaclient/plugins/vault.py:258
msgid "Password can be specified only for symmetric vault"
msgstr ""

#: ipaclient/plugins/vault.py:264
msgid "Public key can be specified only for asymmetric vault"
msgstr ""

#: ipaclient/plugins/vault.py:284 ipaclient/plugins/vault.py:907
#: ipaclient/plugins/vault.py:1153
msgid "Password specified multiple times"
msgstr ""

#: ipaclient/plugins/vault.py:307
msgid "Public key specified multiple times"
msgstr ""

#: ipaclient/plugins/vault.py:323
msgid "Missing vault public key"
msgstr ""

#: ipaclient/plugins/vault.py:335
#, python-format
msgid "Invalid or unsupported vault public key: %s"
msgstr ""

#: ipaclient/plugins/vault.py:369 ipaserver/plugins/vault.py:933
msgid "Modify a vault."
msgstr ""

#: ipaclient/plugins/vault.py:374 ipaserver/plugins/internal.py:1742
msgid "Change password"
msgstr ""

#: ipaclient/plugins/vault.py:379
msgid "Old vault password"
msgstr ""

#: ipaclient/plugins/vault.py:384
msgid "File containing the old vault password"
msgstr ""

#: ipaclient/plugins/vault.py:389
msgid "New vault password"
msgstr "신규 저장소 비밀번호"

#: ipaclient/plugins/vault.py:394
msgid "File containing the new vault password"
msgstr ""

#: ipaclient/plugins/vault.py:399
msgid "Old vault private key"
msgstr ""

#: ipaclient/plugins/vault.py:404
msgid "File containing the old vault private key"
msgstr ""

#: ipaclient/plugins/vault.py:409
msgid "File containing the new vault public key"
msgstr ""

#: ipaclient/plugins/vault.py:515
msgid "New public key specified multiple times"
msgstr ""

#: ipaclient/plugins/vault.py:528
msgid "Missing new vault public key"
msgstr ""

#: ipaclient/plugins/vault.py:660 ipaserver/plugins/vault.py:659
#, python-brace-format
msgid "{algo} is not a supported vault wrapping algorithm"
msgstr ""

#: ipaclient/plugins/vault.py:755 ipaserver/plugins/vault.py:1033
msgid "Archive data into a vault."
msgstr ""

#: ipaclient/plugins/vault.py:760
msgid "Binary data to archive"
msgstr ""

#: ipaclient/plugins/vault.py:764
msgid "File containing data to archive"
msgstr ""

#: ipaclient/plugins/vault.py:778
msgid "Override existing password"
msgstr ""

#: ipaclient/plugins/vault.py:860
msgid "Input data specified multiple times"
msgstr ""

#: ipaclient/plugins/vault.py:865 ipaclient/plugins/vault.py:878
#, python-format
msgid ""
"Size of data exceeds the limit. Current vault data size limit is %(limit)d B"
msgstr ""

#: ipaclient/plugins/vault.py:961 ipaclient/plugins/vault.py:1203
msgid "Invalid vault type"
msgstr ""

#: ipaclient/plugins/vault.py:1001
msgid "Retrieve a data from a vault."
msgstr ""

#: ipaclient/plugins/vault.py:1006
msgid "File to store retrieved data"
msgstr ""

#: ipaclient/plugins/vault.py:1021
msgid "Vault private key"
msgstr ""

#: ipaclient/plugins/vault.py:1026
msgid "File containing the vault private key"
msgstr ""

#: ipaclient/plugins/vault.py:1033 ipaserver/plugins/internal.py:758
msgid "Data"
msgstr "자료"

#: ipaclient/plugins/vault.py:1179
msgid "Private key specified multiple times"
msgstr ""

#: ipaclient/plugins/vault.py:1192
msgid "Missing vault private key"
msgstr ""

#: ipaclient/plugins/sudorule.py:30
#, python-format
msgid "Enabled Sudo Rule \"%s\""
msgstr ""

#: ipaclient/plugins/sudorule.py:36
#, python-format
msgid "Disabled Sudo Rule \"%s\""
msgstr ""

#: ipaclient/plugins/sudorule.py:44
#, python-format
msgid "Added option \"%(option)s\" to Sudo Rule \"%(rule)s\""
msgstr ""

#: ipaclient/plugins/sudorule.py:57
#, python-format
msgid "Removed option \"%(option)s\" from Sudo Rule \"%(rule)s\""
msgstr ""

msgid ""
"\n"
"Directory Server Access Control Instructions (ACIs)\n"
"\n"
"ACIs are used to allow or deny access to information. This module is\n"
"currently designed to allow, not deny, access.\n"
"\n"
"The aci commands are designed to grant permissions that allow updating\n"
"existing entries or adding or deleting new ones. The goal of the ACIs\n"
"that ship with IPA is to provide a set of low-level permissions that\n"
"grant access to special groups called taskgroups. These low-level\n"
"permissions can be combined into roles that grant broader access. These\n"
"roles are another type of group, roles.\n"
"\n"
"For example, if you have taskgroups that allow adding and modifying users "
"you\n"
"could create a role, useradmin. You would assign users to the useradmin\n"
"role to allow them to do the operations defined by the taskgroups.\n"
"\n"
"You can create ACIs that delegate permission so users in group A can write\n"
"attributes on group B.\n"
"\n"
"The type option is a map that applies to all entries in the users, groups "
"or\n"
"host location. It is primarily designed to be used when granting add\n"
"permissions (to write new entries).\n"
"\n"
"An ACI consists of three parts:\n"
"1. target\n"
"2. permissions\n"
"3. bind rules\n"
"\n"
"The target is a set of rules that define which LDAP objects are being\n"
"targeted. This can include a list of attributes, an area of that LDAP\n"
"tree or an LDAP filter.\n"
"\n"
"The targets include:\n"
"- attrs: list of attributes affected\n"
"- type: an object type (user, group, host, service, etc)\n"
"- memberof: members of a group\n"
"- targetgroup: grant access to modify a specific group. This is primarily\n"
"  designed to enable users to add or remove members of a specific group.\n"
"- filter: A legal LDAP filter used to narrow the scope of the target.\n"
"- subtree: Used to apply a rule across an entire set of objects. For "
"example,\n"
"  to allow adding users you need to grant \"add\" permission to the subtree\n"
"  ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n"
"  is a fail-safe for objects that may not be covered by the type option.\n"
"\n"
"The permissions define what the ACI is allowed to do, and are one or\n"
"more of:\n"
"1. write - write one or more attributes\n"
"2. read - read one or more attributes\n"
"3. add - add a new entry to the tree\n"
"4. delete - delete an existing entry\n"
"5. all - all permissions are granted\n"
"\n"
"Note the distinction between attributes and entries. The permissions are\n"
"independent, so being able to add a user does not mean that the user will\n"
"be editable.\n"
"\n"
"The bind rule defines who this ACI grants permissions to. The LDAP server\n"
"allows this to be any valid LDAP entry but we encourage the use of\n"
"taskgroups so that the rights can be easily shared through roles.\n"
"\n"
"For a more thorough description of access controls see\n"
"http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control."
"html\n"
"\n"
"EXAMPLES:\n"
"\n"
"NOTE: ACIs are now added via the permission plugin. These examples are to\n"
"demonstrate how the various options work but this is done via the "
"permission\n"
"command-line now (see last example).\n"
"\n"
" Add an ACI so that the group \"secretaries\" can update the address on any "
"user:\n"
"   ipa group-add --desc=\"Office secretaries\" secretaries\n"
"   ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries "
"--permissions=write --prefix=none \"Secretaries write addresses\"\n"
"\n"
" Show the new ACI:\n"
"   ipa aci-show --prefix=none \"Secretaries write addresses\"\n"
"\n"
" Add an ACI that allows members of the \"addusers\" permission to add new "
"users:\n"
"   ipa aci-add --type=user --permission=addusers --permissions=add --"
"prefix=none \"Add new users\"\n"
"\n"
" Add an ACI that allows members of the editors manage members of the admins "
"group:\n"
"   ipa aci-add --permissions=write --attrs=member --targetgroup=admins --"
"group=editors --prefix=none \"Editors manage admins\"\n"
"\n"
" Add an ACI that allows members of the admins group to manage the street and "
"zip code of those in the editors group:\n"
"   ipa aci-add --permissions=write --memberof=editors --group=admins --"
"attrs=street --attrs=postalcode --prefix=none \"admins edit the address of "
"editors\"\n"
"\n"
" Add an ACI that allows the admins group manage the street and zipcode of "
"those who work for the boss:\n"
"   ipa aci-add --permissions=write --group=admins --attrs=street --"
"attrs=postalcode --filter=\"(manager=uid=boss,cn=users,cn=accounts,"
"dc=example,dc=com)\" --prefix=none \"Edit the address of those who work for "
"the boss\"\n"
"\n"
" Add an entirely new kind of record to IPA that isn't covered by any of the "
"--type options, creating a permission:\n"
"   ipa permission-add  --permissions=add --subtree=\"cn=*,cn=orange,"
"cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n"
"\n"
"\n"
"The show command shows the raw 389-ds ACI.\n"
"\n"
"IMPORTANT: When modifying the target attributes of an existing ACI you\n"
"must include all existing attributes as well. When doing an aci-mod the\n"
"targetattr REPLACES the current attributes, it does not add to them.\n"
msgstr ""

msgid "ACI name"
msgstr ""

#: ipaserver/plugins/permission.py:231
msgid "Permission"
msgstr ""

msgid "Permission ACI grants access to"
msgstr ""

#: ipaserver/plugins/delegation.py:97 ipaserver/plugins/aci.py:457
msgid "User group"
msgstr ""

#: ipaserver/plugins/delegation.py:98 ipaserver/plugins/aci.py:458
msgid "User group ACI grants access to"
msgstr ""

#: ipaserver/plugins/delegation.py:81 ipaserver/plugins/selfservice.py:84
#: ipaserver/plugins/aci.py:463 ipaserver/plugins/baseldap.py:74
#: ipaserver/plugins/permission.py:230
msgid "Permissions"
msgstr ""

msgid "Permissions to grant(read, write, add, delete, all)"
msgstr ""

msgid "Attributes to which the permission applies"
msgstr ""

#: ipaserver/plugins/delegation.py:86 ipaserver/plugins/selfservice.py:89
#: ipaserver/plugins/aci.py:472
msgid "Attributes"
msgstr ""

#: ipaserver/plugins/otptoken.py:165 ipaserver/plugins/aci.py:477
#: ipaserver/plugins/permission.py:346 ipaserver/plugins/schema.py:448
#: ipaserver/plugins/vault.py:598
msgid "Type"
msgstr ""

msgid "type of IPA object (user, group, host, hostgroup, service, netgroup)"
msgstr ""

msgid "Member of"
msgstr ""

msgid "Member of a group"
msgstr ""

#: ipaserver/plugins/internal.py:217 ipaserver/plugins/internal.py:1225
#: ipaserver/plugins/internal.py:1754
msgid "Filter"
msgstr ""

msgid "Legal LDAP filter (e.g. ou=Engineering)"
msgstr ""

#: ipaserver/plugins/permission.py:289
msgid "Subtree"
msgstr ""

msgid "Subtree to apply ACI to"
msgstr ""

#: ipaserver/plugins/permission.py:340
msgid "Target group"
msgstr ""

msgid "Group to apply ACI to"
msgstr ""

msgid "Target your own entry (self)"
msgstr ""

msgid "Apply ACI to your own entry (self)"
msgstr ""

msgid "Create new ACI."
msgstr ""

msgid "ACI prefix"
msgstr ""

msgid ""
"Prefix used to distinguish ACI types (permission, delegation, selfservice, "
"none)"
msgstr ""

msgid "Test the ACI syntax but don't write anything"
msgstr ""

msgid ""
"Retrieve and print all attributes from the server. Affects command output."
msgstr ""

msgid "Print entries as stored on the server. Only affects output format."
msgstr ""

msgid "User-friendly description of action performed"
msgstr "수행된 동작에 대한 사용자 친화적인 설명"

msgid "The primary_key value of the entry, e.g. 'jdoe' for a user"
msgstr ""

msgid "Delete ACI."
msgstr ""

#: ipalib/output.py:218 ipaserver/plugins/dns.py:354
msgid "True means the operation was successful"
msgstr ""

msgid ""
"\n"
"Search for ACIs.\n"
"\n"
"    Returns a list of ACIs\n"
"\n"
"    EXAMPLES:\n"
"\n"
"     To find all ACIs that apply directly to members of the group ipausers:\n"
"       ipa aci-find --memberof=ipausers\n"
"\n"
"     To find all ACIs that grant add access:\n"
"       ipa aci-find --permissions=add\n"
"\n"
"    Note that the find command only looks for the given text in the set of\n"
"    ACIs, it does not evaluate the ACIs to see if something would apply.\n"
"    For example, searching on memberof=ipausers will find all ACIs that\n"
"    have ipausers as a memberof. There may be other ACIs that apply to\n"
"    members of that group indirectly.\n"
"    "
msgstr ""

msgid "A string searched in all relevant object attributes"
msgstr ""

#: ipaserver/plugins/baseldap.py:1960 ipaserver/plugins/schema.py:121
#: ipaserver/plugins/cert.py:1564
msgid "Primary key only"
msgstr ""

msgid "Results should contain primary key attribute only (\"name\")"
msgstr ""

msgid "Number of entries returned"
msgstr ""

msgid "True if not all results were returned"
msgstr ""

msgid "Modify ACI."
msgstr ""

msgid "Rename an ACI."
msgstr ""

msgid "New ACI name"
msgstr ""

msgid "Display a single ACI given an ACI name."
msgstr ""

msgid "Location of the ACI"
msgstr ""

msgid ""
"\n"
"Auto Membership Rule.\n"
"\n"
"Bring clarity to the membership of hosts and users by configuring inclusive\n"
"or exclusive regex patterns, you can automatically assign a new entries "
"into\n"
"a group or hostgroup based upon attribute information.\n"
"\n"
"A rule is directly associated with a group by name, so you cannot create\n"
"a rule without an accompanying group or hostgroup.\n"
"\n"
"A condition is a regular expression used by 389-ds to match a new incoming\n"
"entry with an automember rule. If it matches an inclusive rule then the\n"
"entry is added to the appropriate group or hostgroup.\n"
"\n"
"A default group or hostgroup could be specified for entries that do not\n"
"match any rule. In case of user entries this group will be a fallback group\n"
"because all users are by default members of group specified in IPA config.\n"
"\n"
"The automember-rebuild command can be used to retroactively run automember "
"rules\n"
"against existing entries, thus rebuilding their membership.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add the initial group or hostgroup:\n"
"   ipa hostgroup-add --desc=\"Web Servers\" webservers\n"
"   ipa group-add --desc=\"Developers\" devel\n"
"\n"
" Add the initial rule:\n"
"   ipa automember-add --type=hostgroup webservers\n"
"   ipa automember-add --type=group devel\n"
"\n"
" Add a condition to the rule:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
"   ipa automember-add-condition --key=manager --type=group --inclusive-"
"regex=^uid=mscott devel\n"
"\n"
" Add an exclusive condition to the rule to prevent auto assignment:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-"
"regex=^web5\\.example\\.com webservers\n"
"\n"
" Add a host:\n"
"    ipa host-add web1.example.com\n"
"\n"
" Add a user:\n"
"    ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n"
"\n"
" Verify automembership:\n"
"    ipa hostgroup-show webservers\n"
"      Host-group: webservers\n"
"      Description: Web Servers\n"
"      Member hosts: web1.example.com\n"
"\n"
"    ipa group-show devel\n"
"      Group name: devel\n"
"      Description: Developers\n"
"      GID: 1004200000\n"
"      Member users: tuser\n"
"\n"
" Remove a condition from the rule:\n"
"   ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
"\n"
" Modify the automember rule:\n"
"    ipa automember-mod\n"
"\n"
" Set the default (fallback) target group:\n"
"    ipa automember-default-group-set --default-group=webservers --"
"type=hostgroup\n"
"    ipa automember-default-group-set --default-group=ipausers --type=group\n"
"\n"
" Remove the default (fallback) target group:\n"
"    ipa automember-default-group-remove --type=hostgroup\n"
"    ipa automember-default-group-remove --type=group\n"
"\n"
" Show the default (fallback) target group:\n"
"    ipa automember-default-group-show --type=hostgroup\n"
"    ipa automember-default-group-show --type=group\n"
"\n"
" Find all of the automember rules:\n"
"    ipa automember-find\n"
"\n"
" Display a automember rule:\n"
"    ipa automember-show --type=hostgroup webservers\n"
"    ipa automember-show --type=group devel\n"
"\n"
" Delete an automember rule:\n"
"    ipa automember-del --type=hostgroup webservers\n"
"    ipa automember-del --type=group devel\n"
"\n"
" Rebuild membership for all users:\n"
"    ipa automember-rebuild --type=group\n"
"\n"
" Rebuild membership for all hosts:\n"
"    ipa automember-rebuild --type=hostgroup\n"
"\n"
" Rebuild membership for specified users:\n"
"    ipa automember-rebuild --users=tuser1 --users=tuser2\n"
"\n"
" Rebuild membership for specified hosts:\n"
"    ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example."
"com\n"
msgstr ""

#: ipaserver/plugins/automount.py:364 ipaserver/plugins/group.py:342
#: ipaserver/plugins/hbacsvc.py:108 ipaserver/plugins/hbacsvcgroup.py:120
#: ipaserver/plugins/hostgroup.py:193 ipaserver/plugins/location.py:111
#: ipaserver/plugins/netgroup.py:210 ipaserver/plugins/otptoken.py:174
#: ipaserver/plugins/radiusproxy.py:117 ipaserver/plugins/role.py:153
#: ipaserver/plugins/subid.py:143 ipaserver/plugins/sudocmd.py:128
#: ipaserver/plugins/sudocmdgroup.py:130 ipaserver/plugins/automember.py:257
#: ipaserver/plugins/privilege.py:159 ipaserver/plugins/vault.py:592
#: ipaserver/plugins/caacl.py:175 ipaserver/plugins/certmap.py:279
#: ipaserver/plugins/hbacrule.py:253 ipaserver/plugins/host.py:473
#: ipaserver/plugins/selinuxusermap.py:265 ipaserver/plugins/idviews.py:142
#: ipaserver/plugins/idviews.py:776 ipaserver/plugins/ca.py:91
#: ipaserver/plugins/sudorule.py:247
msgid "Description"
msgstr ""

#: ipaserver/plugins/automember.py:258
msgid "A description of this auto member rule"
msgstr ""

#: ipaserver/plugins/automember.py:262 ipaserver/plugins/automember.py:585
msgid "Default (fallback) Group"
msgstr ""

#: ipaserver/plugins/automember.py:263
msgid "Default group for entries to land"
msgstr ""

msgid "Add an automember rule."
msgstr ""

#: ipaserver/plugins/automember.py:249 ipaserver/plugins/automember.py:250
msgid "Automember Rule"
msgstr ""

#: ipaserver/plugins/baseldap.py:977
msgid ""
"Set an attribute to a name/value pair. Format is attr=value.\n"
"For multi-valued attributes, the command replaces the values already present."
msgstr ""

#: ipaserver/plugins/baseldap.py:983
msgid ""
"Add an attribute/value pair. Format is attr=value. The attribute\n"
"must be part of the schema."
msgstr ""

#: ipaserver/plugins/automember.py:184
msgid "Grouping Type"
msgstr ""

#: ipaserver/plugins/automember.py:185
msgid "Grouping to which the rule applies"
msgstr ""

msgid "Add conditions to an automember rule."
msgstr ""

#: ipaserver/plugins/automember.py:160 ipaserver/plugins/automember.py:161
msgid "Inclusive Regex"
msgstr ""

#: ipaserver/plugins/automember.py:167 ipaserver/plugins/automember.py:168
msgid "Exclusive Regex"
msgstr ""

#: ipaserver/plugins/automember.py:176
msgid "Attribute Key"
msgstr ""

#: ipaserver/plugins/automember.py:177
msgid ""
"Attribute to filter via regex. For example fqdn for a host, or manager for a "
"user"
msgstr ""

#: ipaserver/plugins/automember.py:357
msgid "Conditions that could not be added"
msgstr ""

#: ipaserver/plugins/automember.py:361
msgid "Number of conditions added"
msgstr ""

msgid "Remove default (fallback) group for all unmatched entries."
msgstr ""

msgid "Set default (fallback) group for all unmatched entries."
msgstr ""

#: ipaserver/plugins/automember.py:586
msgid "Default (fallback) group for entries to land"
msgstr ""

msgid "Display information about the default (fallback) automember groups."
msgstr ""

msgid "Delete an automember rule."
msgstr ""

#: ipalib/output.py:204
msgid "List of deletions that failed"
msgstr ""

msgid "Search for automember rules."
msgstr ""

msgid "Modify an automember rule."
msgstr ""

#: ipaserver/plugins/baseldap.py:989
msgid ""
"Delete an attribute/value pair. The option will be evaluated\n"
"last, after all sets and adds."
msgstr ""

#: ipaserver/plugins/baseldap.py:1402 ipaserver/plugins/baseldap.py:1477
msgid "Rights"
msgstr ""

#: ipaserver/plugins/baseldap.py:1403 ipaserver/plugins/baseldap.py:1478
msgid ""
"Display the access rights of this entry (requires --all). See ipa man page "
"for details."
msgstr ""

#: ipaserver/plugins/automember.py:683
msgid "Rebuild auto membership."
msgstr ""

#: ipaserver/plugins/automember.py:693
msgid "Rebuild membership for all members of a grouping"
msgstr ""

#: ipaserver/plugins/automember.py:697 ipaserver/plugins/baseuser.py:208
#: ipaserver/plugins/caacl.py:220 ipaserver/plugins/hbacrule.py:260
#: ipaserver/plugins/internal.py:1200 ipaserver/plugins/selinuxusermap.py:272
#: ipaserver/plugins/sudorule.py:291 ipaserver/plugins/user.py:162
msgid "Users"
msgstr ""

#: ipaserver/plugins/automember.py:698
msgid "Rebuild membership for specified users"
msgstr ""

#: ipaserver/plugins/automember.py:702 ipaserver/plugins/caacl.py:228
#: ipaserver/plugins/hbacrule.py:268 ipaserver/plugins/host.py:461
#: ipaserver/plugins/internal.py:1174 ipaserver/plugins/selinuxusermap.py:280
#: ipaserver/plugins/sudorule.py:304
msgid "Hosts"
msgstr ""

#: ipaserver/plugins/automember.py:703
msgid "Rebuild membership for specified hosts"
msgstr ""

#: ipaserver/plugins/automember.py:708
msgid "No wait"
msgstr ""

#: ipaserver/plugins/automember.py:709
msgid "Don't wait for rebuilding membership"
msgstr ""

msgid "Remove conditions from an automember rule."
msgstr ""

#: ipaserver/plugins/automember.py:441
msgid "Conditions that could not be removed"
msgstr ""

#: ipaserver/plugins/automember.py:445
msgid "Number of conditions removed"
msgstr ""

msgid "Display information about an automember rule."
msgstr ""

#: ipaserver/plugins/automount.py:41
msgid ""
"\n"
"Automount\n"
"\n"
"Stores automount(8) configuration for autofs(8) in IPA.\n"
"\n"
"The base of an automount configuration is the configuration file auto."
"master.\n"
"This is also the base location in IPA. Multiple auto.master configurations\n"
"can be stored in separate locations. A location is implementation-specific\n"
"with the default being a location named 'default'. For example, you can "
"have\n"
"locations by geographic region, by floor, by type, etc.\n"
"\n"
"Automount has three basic object types: locations, maps and keys.\n"
"\n"
"A location defines a set of maps anchored in auto.master. This allows you\n"
"to store multiple automount configurations. A location in itself isn't\n"
"very interesting, it is just a point to start a new automount map.\n"
"\n"
"A map is roughly equivalent to a discrete automount file and provides\n"
"storage for keys.\n"
"\n"
"A key is a mount point associated with a map.\n"
"\n"
"When a new location is created, two maps are automatically created for\n"
"it: auto.master and auto.direct. auto.master is the root map for all\n"
"automount maps for the location. auto.direct is the default map for\n"
"direct mounts and is mounted on /-.\n"
"\n"
"An automount map may contain a submount key. This key defines a mount\n"
"location within the map that references another map. This can be done\n"
"either using automountmap-add-indirect --parentmap or manually\n"
"with automountkey-add and setting info to \"-type=autofs :<mapname>\".\n"
"\n"
"EXAMPLES:\n"
"\n"
"Locations:\n"
"\n"
"  Create a named location, \"Baltimore\":\n"
"    ipa automountlocation-add baltimore\n"
"\n"
"  Display the new location:\n"
"    ipa automountlocation-show baltimore\n"
"\n"
"  Find available locations:\n"
"    ipa automountlocation-find\n"
"\n"
"  Remove a named automount location:\n"
"    ipa automountlocation-del baltimore\n"
"\n"
"  Show what the automount maps would look like if they were in the "
"filesystem:\n"
"    ipa automountlocation-tofiles baltimore\n"
"\n"
"  Import an existing configuration into a location:\n"
"    ipa automountlocation-import baltimore /etc/auto.master\n"
"\n"
"    The import will fail if any duplicate entries are found. For\n"
"    continuous operation where errors are ignored, use the --continue\n"
"    option.\n"
"\n"
"Maps:\n"
"\n"
"  Create a new map, \"auto.share\":\n"
"    ipa automountmap-add baltimore auto.share\n"
"\n"
"  Display the new map:\n"
"    ipa automountmap-show baltimore auto.share\n"
"\n"
"  Find maps in the location baltimore:\n"
"    ipa automountmap-find baltimore\n"
"\n"
"  Create an indirect map with auto.share as a submount:\n"
"    ipa automountmap-add-indirect baltimore --parentmap=auto.share --"
"mount=sub auto.man\n"
"\n"
"    This is equivalent to:\n"
"\n"
"    ipa automountmap-add-indirect baltimore --mount=/man auto.man\n"
"    ipa automountkey-add baltimore auto.man --key=sub --info=\"-"
"fstype=autofs ldap:auto.share\"\n"
"\n"
"  Remove the auto.share map:\n"
"    ipa automountmap-del baltimore auto.share\n"
"\n"
"Keys:\n"
"\n"
"  Create a new key for the auto.share map in location baltimore. This ties\n"
"  the map we previously created to auto.master:\n"
"    ipa automountkey-add baltimore auto.master --key=/share --info=auto."
"share\n"
"\n"
"  Create a new key for our auto.share map, an NFS mount for man pages:\n"
"    ipa automountkey-add baltimore auto.share --key=man --info=\"-ro,soft,"
"rsize=8192,wsize=8192 ipa.example.com:/shared/man\"\n"
"\n"
"  Find all keys for the auto.share map:\n"
"    ipa automountkey-find baltimore auto.share\n"
"\n"
"  Find all direct automount keys:\n"
"    ipa automountkey-find baltimore --key=/-\n"
"\n"
"  Remove the man key from the auto.share map:\n"
"    ipa automountkey-del baltimore auto.share --key=man\n"
msgstr ""

#: ipaserver/plugins/automount.py:465 ipaserver/plugins/automount.py:712
#: ipaserver/plugins/automount.py:819 ipaserver/plugins/otptoken.py:219
msgid "Key"
msgstr ""

#: ipaserver/plugins/automount.py:466 ipaserver/plugins/automount.py:713
#: ipaserver/plugins/automount.py:820
msgid "Automount key name."
msgstr ""

#: ipaserver/plugins/automount.py:471 ipaserver/plugins/automount.py:717
#: ipaserver/plugins/automount.py:824
msgid "Mount information"
msgstr ""

#: ipaserver/plugins/automount.py:474
msgid "description"
msgstr ""

#: ipaserver/plugins/server.py:132 ipaserver/plugins/host.py:483
msgid "Location"
msgstr ""

#: ipaserver/plugins/automount.py:253
msgid "Automount location name."
msgstr ""

#: ipaserver/plugins/automount.py:358
msgid "Map"
msgstr ""

#: ipaserver/plugins/automount.py:359
msgid "Automount map name."
msgstr ""

#: ipaserver/plugins/automount.py:623
msgid "Create a new automount key."
msgstr ""

#: ipaserver/plugins/automount.py:705
msgid "Delete an automount key."
msgstr ""

#: ipaserver/plugins/baseldap.py:1381
msgid "Continuous mode: Don't stop on errors."
msgstr ""

#: ipaserver/plugins/automount.py:804
msgid "Search for an automount key."
msgstr ""

#: ipaserver/plugins/serverrole.py:123 ipaserver/plugins/baseldap.py:1979
#: ipaserver/plugins/cert.py:1569
msgid "Time Limit"
msgstr ""

msgid "Time limit of search in seconds"
msgstr ""

#: ipaserver/plugins/serverrole.py:131 ipaserver/plugins/baseldap.py:1986
#: ipaserver/plugins/hbactest.py:304 ipaserver/plugins/cert.py:1574
msgid "Size Limit"
msgstr ""

msgid "Maximum number of entries returned"
msgstr ""

#: ipaserver/plugins/automount.py:746
msgid "Modify an automount key."
msgstr "자동 적재된 키를 수정합니다."

#: ipaserver/plugins/automount.py:755
msgid "New mount information"
msgstr ""

#: ipaserver/plugins/baseldap.py:1487
msgid "Rename"
msgstr ""

msgid "Rename the automount key object"
msgstr ""

#: ipaserver/plugins/automount.py:814
msgid "Display an automount key."
msgstr ""

#: ipaserver/plugins/automount.py:261
msgid "Create a new automount location."
msgstr ""

#: ipaserver/plugins/automount.py:281
msgid "Delete an automount location."
msgstr ""

#: ipaserver/plugins/automount.py:293
msgid "Search for an automount location."
msgstr ""

msgid "Results should contain primary key attribute only (\"location\")"
msgstr ""

#: ipaserver/plugins/automount.py:288
msgid "Display an automount location."
msgstr ""

#: ipaserver/plugins/automount.py:303
msgid "Generate automount files for a specific location."
msgstr ""

#: ipaserver/plugins/automount.py:399
msgid "Create a new automount map."
msgstr ""

#: ipaserver/plugins/automount.py:652
msgid "Create a new indirect mount point."
msgstr ""

#: ipaserver/plugins/automount.py:659
msgid "Mount point"
msgstr ""

#: ipaserver/plugins/automount.py:663
msgid "Parent map"
msgstr ""

#: ipaserver/plugins/automount.py:664
msgid "Name of parent automount map (default: auto.master)."
msgstr ""

#: ipaserver/plugins/automount.py:406
msgid "Delete an automount map."
msgstr ""

#: ipaserver/plugins/automount.py:433
msgid "Search for an automount map."
msgstr ""

msgid "Results should contain primary key attribute only (\"map\")"
msgstr ""

#: ipaserver/plugins/automount.py:426
msgid "Modify an automount map."
msgstr ""

#: ipaserver/plugins/automount.py:443
msgid "Display an automount map."
msgstr ""

msgid ""
"\n"
"Plugin to make multiple ipa calls via one remote procedure call\n"
"\n"
"To run this code in the lite-server\n"
"\n"
"curl   -H \"Content-Type:application/json\"          -H \"Accept:application/"
"json\" -H \"Accept-Language:en\"        --negotiate -u :          --cacert /"
"etc/ipa/ca.crt           -d  @batch_request.json -X POST       http://"
"localhost:8888/ipa/json\n"
"\n"
"where the contents of the file batch_request.json follow the below example\n"
"\n"
"{\"method\":\"batch\",\"params\":[[\n"
"        {\"method\":\"group_find\",\"params\":[[],{}]},\n"
"        {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\","
"\"all\":\"true\"}]},\n"
"        {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n"
"        ],{}],\"id\":1}\n"
"\n"
"The format of the response is nested the same way.  At the top you will see\n"
"  \"error\": null,\n"
"    \"id\": 1,\n"
"    \"result\": {\n"
"        \"count\": 3,\n"
"            \"results\": [\n"
"\n"
"\n"
"And then a nested response for each IPA command method sent in the request\n"
msgstr ""

msgid "Nested Methods to execute"
msgstr ""

msgid ""
"\n"
"IPA certificate operations\n"
"\n"
"Implements a set of commands for managing server SSL certificates.\n"
"\n"
"Certificate requests exist in the form of a Certificate Signing Request "
"(CSR)\n"
"in PEM format.\n"
"\n"
"The dogtag CA uses just the CN value of the CSR and forces the rest of the\n"
"subject to values configured in the server.\n"
"\n"
"A certificate is stored with a service principal and a service principal\n"
"needs a host.\n"
"\n"
"In order to request a certificate:\n"
"\n"
"* The host must exist\n"
"* The service must exist (or you use the --add option to automatically add "
"it)\n"
"\n"
"SEARCHING:\n"
"\n"
"Certificates may be searched on by certificate subject, serial number,\n"
"revocation reason, validity dates and the issued date.\n"
"\n"
"When searching on dates the _from date does a >= search and the _to date\n"
"does a <= search. When combined these are done as an AND.\n"
"\n"
"Dates are treated as GMT to match the dates in the certificates.\n"
"\n"
"The date format is YYYY-mm-dd.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Request a new certificate and add the principal:\n"
"   ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n"
"\n"
" Retrieve an existing certificate:\n"
"   ipa cert-show 1032\n"
"\n"
" Revoke a certificate (see RFC 5280 for reason details):\n"
"   ipa cert-revoke --revocation-reason=6 1032\n"
"\n"
" Remove a certificate from revocation hold status:\n"
"   ipa cert-remove-hold 1032\n"
"\n"
" Check the status of a signing request:\n"
"   ipa cert-status 10\n"
"\n"
" Search for certificates by hostname:\n"
"   ipa cert-find --subject=ipaserver.example.com\n"
"\n"
" Search for revoked certificates by reason:\n"
"   ipa cert-find --revocation-reason=5\n"
"\n"
" Search for certificates based on issuance date\n"
"   ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n"
"\n"
"IPA currently immediately issues (or declines) all certificate requests so\n"
"the status of a request is not normally useful. This is for future use\n"
"or the case where a CA does not immediately issue a certificate.\n"
"\n"
"The following revocation reasons are supported:\n"
"\n"
"    * 0 - unspecified\n"
"    * 1 - keyCompromise\n"
"    * 2 - cACompromise\n"
"    * 3 - affiliationChanged\n"
"    * 4 - superseded\n"
"    * 5 - cessationOfOperation\n"
"    * 6 - certificateHold\n"
"    * 8 - removeFromCRL\n"
"    * 9 - privilegeWithdrawn\n"
"    * 10 - aACompromise\n"
"\n"
"Note that reason code 7 is not used.  See RFC 5280 for more details:\n"
"\n"
"http://www.ietf.org/rfc/rfc5280.txt\n"
msgstr ""

msgid "Checks if any of the servers has the CA service enabled."
msgstr ""

msgid "Search for existing certificates."
msgstr ""

msgid "Match cn attribute in subject"
msgstr "주제에서 cn 속성을 일치합니다"

msgid "Reason"
msgstr ""

msgid "Reason for revoking the certificate (0-10)"
msgstr ""

msgid "minimum serial number"
msgstr ""

msgid "maximum serial number"
msgstr ""

msgid "match the common name exactly"
msgstr ""

msgid "Valid not after from this date (YYYY-mm-dd)"
msgstr ""

msgid "Valid not after to this date (YYYY-mm-dd)"
msgstr ""

msgid "Valid not before from this date (YYYY-mm-dd)"
msgstr ""

msgid "Valid not before to this date (YYYY-mm-dd)"
msgstr ""

msgid "Issued on from this date (YYYY-mm-dd)"
msgstr ""

msgid "Issued on to this date (YYYY-mm-dd)"
msgstr ""

msgid "Revoked on from this date (YYYY-mm-dd)"
msgstr ""

msgid "Revoked on to this date (YYYY-mm-dd)"
msgstr ""

msgid "Maximum number of certs returned"
msgstr ""

msgid "Take a revoked certificate off hold."
msgstr ""

msgid "Serial number"
msgstr ""

msgid "Serial number in decimal or if prefixed with 0x in hexadecimal"
msgstr ""

msgid "Submit a certificate signing request."
msgstr ""

msgid "CSR"
msgstr ""

msgid "Principal"
msgstr ""

msgid "Service principal for this certificate (e.g. HTTP/test.example.com)"
msgstr ""

msgid "automatically add the principal if it doesn't exist"
msgstr ""

msgid "Dictionary mapping variable name to value"
msgstr ""

msgid "Revoke a certificate."
msgstr ""

msgid "Retrieve an existing certificate."
msgstr ""

msgid "Output filename"
msgstr ""

msgid "File to store the certificate in."
msgstr ""

msgid "Check the status of a certificate signing request."
msgstr ""

msgid "Request id"
msgstr ""

msgid ""
"\n"
"Server configuration\n"
"\n"
"Manage the default values that IPA uses and some of its tuning parameters.\n"
"\n"
"NOTES:\n"
"\n"
"The password notification value (--pwdexpnotify) is stored here so it will\n"
"be replicated. It is not currently used to notify users in advance of an\n"
"expiring password.\n"
"\n"
"Some attributes are read-only, provided only for information purposes. "
"These\n"
"include:\n"
"\n"
"Certificate Subject base: the configured certificate subject base,\n"
"  e.g. O=EXAMPLE.COM.  This is configurable only at install time.\n"
"Password plug-in features: currently defines additional hashes that the\n"
"  password will generate (there may be other conditions).\n"
"\n"
"When setting the order list for mapping SELinux users you may need to\n"
"quote the value so it isn't interpreted by the shell.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Show basic server configuration:\n"
"   ipa config-show\n"
"\n"
" Show all configuration options:\n"
"   ipa config-show --all\n"
"\n"
" Change maximum username length to 99 characters:\n"
"   ipa config-mod --maxusername=99\n"
"\n"
" Increase default time and size limits for maximum IPA server search:\n"
"   ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n"
"\n"
" Set default user e-mail domain:\n"
"   ipa config-mod --emaildomain=example.com\n"
"\n"
" Enable migration mode to make \"ipa migrate-ds\" command operational:\n"
"   ipa config-mod --enable-migration=TRUE\n"
"\n"
" Define SELinux user map order:\n"
"   ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-"
"s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n"
msgstr ""

msgid "Maximum username length"
msgstr ""

msgid "Home directory base"
msgstr ""

msgid "Default location of home directories"
msgstr ""

msgid "Default shell"
msgstr ""

msgid "Default shell for new users"
msgstr ""

msgid "Default users group"
msgstr ""

msgid "Default group for new users"
msgstr ""

#: ipaserver/plugins/config.py:193
msgid "Default e-mail domain"
msgstr ""

msgid "Search time limit"
msgstr ""

msgid ""
"Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)"
msgstr ""

msgid "Search size limit"
msgstr ""

msgid "Maximum number of records to search (-1 is unlimited)"
msgstr ""

msgid "User search fields"
msgstr ""

msgid "A comma-separated list of fields to search in when searching for users"
msgstr ""

msgid "Group search fields"
msgstr ""

msgid "A comma-separated list of fields to search in when searching for groups"
msgstr ""

#: ipaserver/plugins/config.py:220
msgid "Enable migration mode"
msgstr ""

msgid "Certificate Subject base"
msgstr ""

msgid "Base for certificate subjects (OU=Test,O=Example)"
msgstr ""

msgid "Default group objectclasses"
msgstr ""

msgid "Default group objectclasses (comma-separated list)"
msgstr ""

msgid "Default user objectclasses"
msgstr ""

msgid "Default user objectclasses (comma-separated list)"
msgstr ""

msgid "Password Expiration Notification (days)"
msgstr ""

msgid "Number of days's notice of impending password expiration"
msgstr ""

msgid "Password plugin features"
msgstr ""

msgid "Extra hashes to generate in password plug-in"
msgstr "비밀번호 플러그-인에서 생성 할 추가 해쉬"

msgid "SELinux user map order"
msgstr ""

msgid "Order in increasing priority of SELinux users, delimited by $"
msgstr ""

msgid "Default SELinux user"
msgstr ""

msgid "Default SELinux user when no match is found in SELinux map rule"
msgstr ""

msgid "Default PAC types"
msgstr ""

msgid "Default types of PAC supported for services"
msgstr ""

msgid "Default user authentication types"
msgstr ""

msgid "Default types of supported user authentication"
msgstr ""

msgid "Modify configuration options."
msgstr ""

msgid "Show the current configuration."
msgstr ""

#: ipaserver/plugins/delegation.py:29
msgid ""
"\n"
"Group to Group Delegation\n"
"\n"
"A permission enables fine-grained delegation of permissions. Access Control\n"
"Rules, or instructions (ACIs), grant permission to permissions to perform\n"
"given tasks such as adding a user, modifying a group, etc.\n"
"\n"
"Group to Group Delegations grants the members of one group to update a set\n"
"of attributes of members of another group.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a delegation rule to allow managers to edit employee's addresses:\n"
"   ipa delegation-add --attrs=street --group=managers --"
"membergroup=employees \"managers edit employees' street\"\n"
"\n"
" When managing the list of attributes you need to include all attributes\n"
" in the list, including existing ones. Add postalCode to the list:\n"
"   ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --"
"membergroup=employees \"managers edit employees' street\"\n"
"\n"
" Display our updated rule:\n"
"   ipa delegation-show \"managers edit employees' street\"\n"
"\n"
" Delete a rule:\n"
"   ipa delegation-del \"managers edit employees' street\"\n"
msgstr ""

#: ipaserver/plugins/delegation.py:75 ipaserver/plugins/delegation.py:76
#: ipaserver/plugins/servicedelegation.py:162
msgid "Delegation name"
msgstr ""

#: ipaserver/plugins/delegation.py:82 ipaserver/plugins/selfservice.py:85
msgid "Permissions to grant (read, write). Default is write."
msgstr ""

#: ipaserver/plugins/delegation.py:87
msgid "Attributes to which the delegation applies"
msgstr ""

#: ipaserver/plugins/delegation.py:92
msgid "Member user group"
msgstr ""

#: ipaserver/plugins/delegation.py:93
msgid "User group to apply delegation to"
msgstr ""

#: ipaserver/plugins/delegation.py:130
msgid "Add a new delegation."
msgstr ""

#: ipaserver/plugins/delegation.py:150
msgid "Delete a delegation."
msgstr ""

#: ipaserver/plugins/delegation.py:186
msgid "Search for delegations."
msgstr ""

#: ipaserver/plugins/delegation.py:168
msgid "Modify a delegation."
msgstr ""

#: ipaserver/plugins/delegation.py:211
msgid "Display information about a delegation."
msgstr ""

msgid ""
"\n"
"Domain Name System (DNS)\n"
"\n"
"Manage DNS zone and resource records.\n"
"\n"
"SUPPORTED ZONE TYPES\n"
"\n"
" * Master zone (dnszone-*), contains authoritative data.\n"
" * Forward zone (dnsforwardzone-*), forwards queries to configured "
"forwarders\n"
" (a set of DNS servers).\n"
"\n"
"USING STRUCTURED PER-TYPE OPTIONS\n"
"\n"
"There are many structured DNS RR types where DNS data stored in LDAP server\n"
"is not just a scalar value, for example an IP address or a domain name, but\n"
"a data structure which may be often complex. A good example is a LOC record\n"
"[RFC1876] which consists of many mandatory and optional parts (degrees,\n"
"minutes, seconds of latitude and longitude, altitude or precision).\n"
"\n"
"It may be difficult to manipulate such DNS records without making a mistake\n"
"and entering an invalid value. DNS module provides an abstraction over "
"these\n"
"raw records and allows to manipulate each RR type with specific options. "
"For\n"
"each supported RR type, DNS module provides a standard option to manipulate\n"
"a raw records with format --<rrtype>-rec, e.g. --mx-rec, and special "
"options\n"
"for every part of the RR structure with format --<rrtype>-<partname>, e.g.\n"
"--mx-preference and --mx-exchanger.\n"
"\n"
"When adding a record, either RR specific options or standard option for a "
"raw\n"
"value can be used, they just should not be combined in one add operation. "
"When\n"
"modifying an existing entry, new RR specific options can be used to change\n"
"one part of a DNS record, where the standard option for raw value is used\n"
"to specify the modified value. The following example demonstrates\n"
"a modification of MX record preference from 0 to 1 in a record without\n"
"modifying the exchanger:\n"
"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add new zone:\n"
"   ipa dnszone-add example.com --admin-email=admin@example.com\n"
"\n"
" Add system permission that can be used for per-zone privilege delegation:\n"
"   ipa dnszone-add-permission example.com\n"
"\n"
" Modify the zone to allow dynamic updates for hosts own records in realm "
"EXAMPLE.COM:\n"
"   ipa dnszone-mod example.com --dynamic-update=TRUE\n"
"\n"
"   This is the equivalent of:\n"
"     ipa dnszone-mod example.com --dynamic-update=TRUE       --update-"
"policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * "
"AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n"
"\n"
" Modify the zone to allow zone transfers for local network only:\n"
"   ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n"
"\n"
" Add new reverse zone specified by network IP address:\n"
"   ipa dnszone-add --name-from-ip=192.0.2.0/24\n"
"\n"
" Add second nameserver for example.com:\n"
"   ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n"
"\n"
" Add a mail server for example.com:\n"
"   ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n"
"\n"
" Add another record using MX record specific options:\n"
"  ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n"
"\n"
" Add another record using interactive mode (started when dnsrecord-add, "
"dnsrecord-mod,\n"
" or dnsrecord-del are executed with no options):\n"
"  ipa dnsrecord-add example.com @\n"
"  Please choose a type of DNS resource record to be added\n"
"  The most common types for this type of zone are: NS, MX, LOC\n"
"\n"
"  DNS resource record type: MX\n"
"  MX Preference: 30\n"
"  MX Exchanger: mail3\n"
"    Record name: example.com\n"
"    MX record: 10 mail1, 20 mail2, 30 mail3\n"
"    NS record: nameserver.example.com., nameserver2.example.com.\n"
"\n"
" Delete previously added nameserver from example.com:\n"
"   ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n"
"\n"
" Add LOC record for example.com:\n"
"   ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E "
"227.64m\"\n"
"\n"
" Add new A record for www.example.com. Create a reverse record in "
"appropriate\n"
" reverse zone as well. In this case a PTR record \"2\" pointing to www."
"example.com\n"
" will be created in zone 2.0.192.in-addr.arpa.\n"
"   ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n"
"\n"
" Add new PTR record for www.example.com\n"
"   ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n"
"\n"
" Add new SRV records for LDAP servers. Three quarters of the requests\n"
" should go to fast.example.com, one quarter to slow.example.com. If neither\n"
" is available, switch to backup.example.com.\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup."
"example.com\"\n"
"\n"
" The interactive mode can be used for easy modification:\n"
"  ipa dnsrecord-mod example.com _ldap._tcp\n"
"  No option to modify specific record provided.\n"
"  Current DNS record contents:\n"
"\n"
"  SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 "
"backup.example.com\n"
"\n"
"  Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n"
"  Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n"
"  SRV Priority [0]:                     (keep the default value)\n"
"  SRV Weight [1]: 2                     (modified value)\n"
"  SRV Port [389]:                       (keep the default value)\n"
"  SRV Target [slow.example.com]:        (keep the default value)\n"
"  1 SRV record skipped. Only one value per DNS record type can be modified "
"at one time.\n"
"    Record name: _ldap._tcp\n"
"    SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 "
"389 slow.example.com\n"
"\n"
" After this modification, three fifths of the requests should go to\n"
" fast.example.com and two fifths to slow.example.com.\n"
"\n"
" An example of the interactive mode for dnsrecord-del command:\n"
"   ipa dnsrecord-del example.com www\n"
"   No option to delete specific record provided.\n"
"   Delete all? Yes/No (default No):     (do not delete all records)\n"
"   Current DNS record contents:\n"
"\n"
"   A record: 192.0.2.2, 192.0.2.3\n"
"\n"
"   Delete A record '192.0.2.2'? Yes/No (default No):\n"
"   Delete A record '192.0.2.3'? Yes/No (default No): y\n"
"     Record name: www\n"
"     A record: 192.0.2.2               (A record 192.0.2.3 has been "
"deleted)\n"
"\n"
" Show zone example.com:\n"
"   ipa dnszone-show example.com\n"
"\n"
" Find zone with \"example\" in its domain name:\n"
"   ipa dnszone-find example\n"
"\n"
" Find records for resources with \"www\" in their name in zone example.com:\n"
"   ipa dnsrecord-find example.com www\n"
"\n"
" Find A records with value 192.0.2.2 in zone example.com\n"
"   ipa dnsrecord-find example.com --a-rec=192.0.2.2\n"
"\n"
" Show records for resource www in zone example.com\n"
"   ipa dnsrecord-show example.com www\n"
"\n"
" Delegate zone sub.example to another nameserver:\n"
"   ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n"
"   ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n"
"\n"
" Delete zone example.com with all resource records:\n"
"   ipa dnszone-del example.com\n"
"\n"
" If a global forwarder is configured, all queries for which this server is "
"not\n"
" authoritative (e.g. sub.example.com) will be routed to the global "
"forwarder.\n"
" Global forwarding configuration can be overridden per-zone.\n"
"\n"
" Semantics of forwarding in IPA matches BIND semantics and depends on the "
"type\n"
" of zone:\n"
"   * Master zone: local BIND replies authoritatively to queries for data in\n"
"   the given zone (including authoritative NXDOMAIN answers) and forwarding\n"
"   affects only queries for names below zone cuts (NS records) of locally\n"
"   served zones.\n"
"\n"
"   * Forward zone: forward zone contains no authoritative data. BIND "
"forwards\n"
"   queries, which cannot be answered from its local cache, to configured\n"
"   forwarders.\n"
"\n"
" Semantics of the --forward-policy option:\n"
"   * none - disable forwarding for the given zone.\n"
"   * first - forward all queries to configured forwarders. If they fail,\n"
"   do resolution using DNS root servers.\n"
"   * only - forward all queries to configured forwarders and if they fail,\n"
"   return failure.\n"
"\n"
" Disable global forwarding for given sub-tree:\n"
"   ipa dnszone-mod example.com --forward-policy=none\n"
"\n"
" This configuration forwards all queries for names outside the example.com\n"
" sub-tree to global forwarders. Normal recursive resolution process is used\n"
" for names inside the example.com sub-tree (i.e. NS records are followed "
"etc.).\n"
"\n"
" Forward all requests for the zone external.example.com to another "
"forwarder\n"
" using a \"first\" policy (it will send the queries to the selected "
"forwarder\n"
" and if not answered it will use global root servers):\n"
"   ipa dnsforwardzone-add external.example.com --forward-"
"policy=first                                --forwarder=203.0.113.1\n"
"\n"
" Change forward-policy for external.example.com:\n"
"   ipa dnsforwardzone-mod external.example.com --forward-policy=only\n"
"\n"
" Show forward zone external.example.com:\n"
"   ipa dnsforwardzone-show external.example.com\n"
"\n"
" List all forward zones:\n"
"   ipa dnsforwardzone-find\n"
"\n"
" Delete forward zone external.example.com:\n"
"   ipa dnsforwardzone-del external.example.com\n"
"\n"
" Resolve a host name to see if it exists (will add default IPA domain\n"
" if one is not included):\n"
"   ipa dns-resolve www.example.com\n"
"   ipa dns-resolve www\n"
"\n"
"\n"
"GLOBAL DNS CONFIGURATION\n"
"\n"
"DNS configuration passed to command line install script is stored in a "
"local\n"
"configuration file on each IPA server where DNS service is configured. "
"These\n"
"local settings can be overridden with a common configuration stored in LDAP\n"
"server:\n"
"\n"
" Show global DNS configuration:\n"
"   ipa dnsconfig-show\n"
"\n"
" Modify global DNS configuration and set a list of global forwarders:\n"
"   ipa dnsconfig-mod --forwarder=203.0.113.113\n"
msgstr ""

msgid "Global forwarders"
msgstr ""

msgid ""
"Global forwarders. A custom port can be specified for each forwarder using a "
"standard format \"IP_ADDRESS port PORT\""
msgstr ""

#: ipaserver/plugins/dns.py:2049 ipaserver/plugins/dns.py:4124
msgid "Forward policy"
msgstr ""

msgid ""
"Global forwarding policy. Set to \"none\" to disable any configured global "
"forwarders."
msgstr ""

#: ipaserver/plugins/dns.py:4131
msgid "Allow PTR sync"
msgstr ""

msgid "Allow synchronization of forward (A, AAAA) and reverse (PTR) records"
msgstr ""

msgid "Zone refresh interval"
msgstr ""

msgid "Zone name"
msgstr ""

msgid "Zone name (FQDN)"
msgstr ""

msgid "Reverse zone IP network"
msgstr ""

msgid "IP network to create reverse zone name from"
msgstr ""

msgid "Active zone"
msgstr ""

msgid "Is zone active?"
msgstr ""

msgid "Zone forwarders"
msgstr ""

msgid ""
"Per-zone forwarders. A custom port can be specified for each forwarder using "
"a standard format \"IP_ADDRESS port PORT\""
msgstr ""

msgid ""
"Per-zone conditional forwarding policy. Set to \"none\" to disable "
"forwarding to global forwarder for this zone. In that case, conditional zone "
"forwarders are disregarded."
msgstr ""

#: ipaserver/plugins/dns.py:3059
msgid "Record name"
msgstr ""

#: ipaserver/plugins/dns.py:3064 ipaserver/plugins/dns.py:3065
msgid "Time to live"
msgstr ""

msgid "Records"
msgstr ""

msgid "Record type"
msgstr ""

#: ipaserver/plugins/dns.py:1556
msgid "Record data"
msgstr ""

msgid "A record"
msgstr ""

msgid "Raw A records"
msgstr ""

msgid "A IP Address"
msgstr ""

#: ipaserver/plugins/dns.py:983 ipaserver/plugins/host.py:682
msgid "IP Address"
msgstr ""

msgid "A Create reverse"
msgstr ""

msgid "Create reverse record for this IP Address"
msgstr ""

msgid "AAAA record"
msgstr ""

msgid "Raw AAAA records"
msgstr ""

msgid "AAAA IP Address"
msgstr ""

msgid "AAAA Create reverse"
msgstr ""

msgid "A6 record"
msgstr ""

msgid "Raw A6 records"
msgstr ""

msgid "A6 Record data"
msgstr ""

msgid "AFSDB record"
msgstr ""

msgid "Raw AFSDB records"
msgstr ""

msgid "AFSDB Subtype"
msgstr ""

msgid "Subtype"
msgstr ""

msgid "AFSDB Hostname"
msgstr ""

#: ipaserver/plugins/dns.py:1034 ipaserver/plugins/dns.py:1283
#: ipaserver/plugins/dns.py:1346
msgid "Hostname"
msgstr ""

msgid "APL record"
msgstr ""

msgid "Raw APL records"
msgstr "단순 APL 레코드"

msgid "CERT record"
msgstr ""

msgid "Raw CERT records"
msgstr ""

msgid "CERT Certificate Type"
msgstr ""

msgid "Certificate Type"
msgstr ""

msgid "CERT Key Tag"
msgstr ""

#: ipaserver/plugins/dns.py:1058
msgid "Key Tag"
msgstr ""

msgid "CERT Algorithm"
msgstr ""

#: ipaserver/plugins/dns.py:1020 ipaserver/plugins/dns.py:1063
#: ipaserver/plugins/dns.py:1412
msgid "Algorithm"
msgstr "알고리즘"

msgid "CERT Certificate/CRL"
msgstr ""

msgid "Certificate/CRL"
msgstr ""

msgid "CNAME record"
msgstr ""

msgid "Raw CNAME records"
msgstr ""

msgid "CNAME Hostname"
msgstr "CNAME 호스트이름"

msgid "A hostname which this alias hostname points to"
msgstr ""

msgid "DHCID record"
msgstr ""

msgid "Raw DHCID records"
msgstr ""

msgid "DLV record"
msgstr ""

msgid "Raw DLV records"
msgstr ""

msgid "DLV Key Tag"
msgstr ""

msgid "DLV Algorithm"
msgstr ""

msgid "DLV Digest Type"
msgstr ""

msgid "Digest Type"
msgstr ""

msgid "DLV Digest"
msgstr ""

msgid "Digest"
msgstr ""

msgid "DNAME record"
msgstr ""

msgid "Raw DNAME records"
msgstr ""

msgid "DNAME Target"
msgstr ""

#: ipaserver/plugins/dns.py:1379 ipaserver/plugins/internal.py:1228
msgid "Target"
msgstr ""

msgid "DNSKEY record"
msgstr ""

msgid "Raw DNSKEY records"
msgstr ""

msgid "DS record"
msgstr ""

msgid "Raw DS records"
msgstr ""

msgid "DS Key Tag"
msgstr ""

msgid "DS Algorithm"
msgstr ""

msgid "DS Digest Type"
msgstr ""

msgid "DS Digest"
msgstr ""

msgid "HIP record"
msgstr ""

msgid "Raw HIP records"
msgstr ""

msgid "IPSECKEY record"
msgstr ""

msgid "Raw IPSECKEY records"
msgstr ""

msgid "KEY record"
msgstr ""

msgid "Raw KEY records"
msgstr ""

msgid "KX record"
msgstr ""

msgid "Raw KX records"
msgstr ""

msgid "KX Preference"
msgstr ""

#: ipaserver/plugins/dns.py:1267
msgid "Preference given to this exchanger. Lower values are more preferred"
msgstr "이와 같은 교환기에 주어진 우선권. 낮은 값이 더 선호됩니다"

msgid "KX Exchanger"
msgstr ""

msgid "A host willing to act as a key exchanger"
msgstr ""

msgid "LOC record"
msgstr ""

msgid "Raw LOC records"
msgstr ""

msgid "LOC Degrees Latitude"
msgstr ""

msgid "Degrees Latitude"
msgstr ""

msgid "LOC Minutes Latitude"
msgstr ""

msgid "Minutes Latitude"
msgstr ""

msgid "LOC Seconds Latitude"
msgstr ""

msgid "Seconds Latitude"
msgstr ""

msgid "LOC Direction Latitude"
msgstr ""

msgid "Direction Latitude"
msgstr ""

msgid "LOC Degrees Longitude"
msgstr ""

msgid "Degrees Longitude"
msgstr "도 위도"

msgid "LOC Minutes Longitude"
msgstr "LOC 분 위도"

msgid "Minutes Longitude"
msgstr ""

msgid "LOC Seconds Longitude"
msgstr ""

msgid "Seconds Longitude"
msgstr ""

msgid "LOC Direction Longitude"
msgstr ""

msgid "Direction Longitude"
msgstr ""

msgid "LOC Altitude"
msgstr ""

msgid "Altitude"
msgstr ""

msgid "LOC Size"
msgstr ""

msgid "Size"
msgstr ""

msgid "LOC Horizontal Precision"
msgstr ""

msgid "Horizontal Precision"
msgstr ""

msgid "LOC Vertical Precision"
msgstr ""

msgid "Vertical Precision"
msgstr ""

msgid "MX record"
msgstr ""

msgid "Raw MX records"
msgstr ""

msgid "MX Preference"
msgstr ""

msgid "MX Exchanger"
msgstr ""

msgid "A host willing to act as a mail exchanger"
msgstr ""

msgid "NAPTR record"
msgstr ""

msgid "Raw NAPTR records"
msgstr ""

msgid "NAPTR Order"
msgstr ""

msgid "Order"
msgstr ""

msgid "NAPTR Preference"
msgstr ""

#: ipaserver/plugins/dns.py:1266 ipaserver/plugins/dns.py:1314
msgid "Preference"
msgstr ""

msgid "NAPTR Flags"
msgstr ""

msgid "Flags"
msgstr ""

msgid "NAPTR Service"
msgstr ""

#: ipaserver/plugins/hbactest.py:285 ipaserver/plugins/dns.py:1324
#: ipaserver/plugins/internal.py:1343 ipaserver/plugins/internal.py:1687
#: ipaserver/plugins/service.py:494
msgid "Service"
msgstr ""

msgid "NAPTR Regular Expression"
msgstr ""

msgid "Regular Expression"
msgstr ""

msgid "NAPTR Replacement"
msgstr ""

msgid "Replacement"
msgstr ""

msgid "NS record"
msgstr ""

msgid "Raw NS records"
msgstr ""

msgid "NS Hostname"
msgstr ""

msgid "NSEC record"
msgstr ""

msgid "Raw NSEC records"
msgstr ""

msgid "NSEC3 record"
msgstr ""

msgid "Raw NSEC3 records"
msgstr ""

msgid "PTR record"
msgstr ""

msgid "Raw PTR records"
msgstr ""

msgid "PTR Hostname"
msgstr ""

msgid "The hostname this reverse record points to"
msgstr ""

msgid "RRSIG record"
msgstr ""

msgid "Raw RRSIG records"
msgstr ""

msgid "RP record"
msgstr ""

msgid "Raw RP records"
msgstr ""

msgid "SIG record"
msgstr ""

msgid "Raw SIG records"
msgstr ""

msgid "SPF record"
msgstr ""

msgid "Raw SPF records"
msgstr ""

msgid "SRV record"
msgstr ""

msgid "Raw SRV records"
msgstr ""

msgid "SRV Priority"
msgstr ""

#: ipaserver/plugins/certmap.py:304 ipaserver/plugins/pwpolicy.py:345
msgid "Priority"
msgstr ""

msgid "SRV Weight"
msgstr ""

#: ipaserver/plugins/dns.py:1498
msgid "Weight"
msgstr ""

msgid "SRV Port"
msgstr ""

msgid "Port"
msgstr ""

msgid "SRV Target"
msgstr ""

msgid ""
"The domain name of the target host or '.' if the service is decidedly not "
"available at this domain"
msgstr ""

msgid "SSHFP record"
msgstr ""

msgid "Raw SSHFP records"
msgstr ""

msgid "SSHFP Algorithm"
msgstr ""

msgid "SSHFP Fingerprint Type"
msgstr ""

msgid "Fingerprint Type"
msgstr ""

msgid "SSHFP Fingerprint"
msgstr ""

msgid "Fingerprint"
msgstr ""

msgid "TA record"
msgstr ""

msgid "Raw TA records"
msgstr ""

msgid "TLSA record"
msgstr ""

msgid "Raw TLSA records"
msgstr ""

msgid "TLSA Certificate Usage"
msgstr ""

msgid "Certificate Usage"
msgstr ""

msgid "TLSA Selector"
msgstr ""

msgid "Selector"
msgstr ""

msgid "TLSA Matching Type"
msgstr ""

msgid "Matching Type"
msgstr ""

msgid "TLSA Certificate Association Data"
msgstr ""

msgid "Certificate Association Data"
msgstr ""

msgid "TKEY record"
msgstr ""

msgid "Raw TKEY records"
msgstr ""

msgid "TSIG record"
msgstr ""

msgid "Raw TSIG records"
msgstr ""

msgid "TXT record"
msgstr ""

msgid "Raw TXT records"
msgstr ""

msgid "TXT Text Data"
msgstr ""

msgid "Text Data"
msgstr ""

msgid "Authoritative nameserver"
msgstr ""

msgid "Authoritative nameserver domain name"
msgstr ""

#: ipaserver/plugins/dns.py:2429
msgid "Administrator e-mail address"
msgstr "관리자 전자우편 주소"

msgid "SOA serial"
msgstr ""

msgid "SOA record serial number"
msgstr ""

msgid "SOA refresh"
msgstr ""

msgid "SOA record refresh time"
msgstr ""

msgid "SOA retry"
msgstr ""

msgid "SOA record retry time"
msgstr ""

msgid "SOA expire"
msgstr ""

msgid "SOA record expire time"
msgstr ""

msgid "SOA minimum"
msgstr ""

msgid "How long should negative responses be cached"
msgstr ""

msgid "Time to live for records at zone apex"
msgstr ""

#: ipaserver/plugins/dns.py:2504
msgid "BIND update policy"
msgstr ""

msgid "Dynamic update"
msgstr ""

msgid "Allow dynamic updates."
msgstr ""

msgid "Allow query"
msgstr ""

msgid ""
"Semicolon separated list of IP addresses or networks which are allowed to "
"issue queries"
msgstr ""

msgid "Allow transfer"
msgstr ""

msgid ""
"Semicolon separated list of IP addresses or networks which are allowed to "
"transfer the zone"
msgstr ""

msgid ""
"Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the "
"zone"
msgstr ""

msgid "Allow in-line DNSSEC signing"
msgstr ""

msgid "Allow inline DNSSEC signing of records in the zone"
msgstr ""

msgid "NSEC3PARAM record"
msgstr ""

msgid ""
"NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt"
msgstr ""

msgid "Checks if any of the servers has the DNS service enabled."
msgstr ""

msgid "Resolve a host name in DNS."
msgstr ""

msgid "Modify global DNS configuration."
msgstr ""

msgid "Show the current global DNS configuration."
msgstr ""

msgid "Create new DNS forward zone."
msgstr ""

msgid "Add a permission for per-forward zone access delegation."
msgstr ""

msgid "Permission value"
msgstr ""

msgid "Delete DNS forward zone."
msgstr ""

msgid "Disable DNS Forward Zone."
msgstr ""

msgid "Enable DNS Forward Zone."
msgstr ""

msgid "Search for DNS forward zones."
msgstr ""

msgid "Modify DNS forward zone."
msgstr ""

msgid "Remove a permission for per-forward zone access delegation."
msgstr ""

msgid "Display information about a DNS forward zone."
msgstr ""

msgid "Add new DNS resource record."
msgstr ""

#: ipaserver/plugins/realmdomains.py:151 ipaserver/plugins/permission.py:1061
#: ipaserver/plugins/dns.py:2898 ipaserver/plugins/dns.py:3597
#: ipaserver/plugins/host.py:674 ipaserver/plugins/service.py:655
msgid "Force"
msgstr ""

msgid "force NS record creation even if its hostname is not in DNS"
msgstr ""

msgid "Structured"
msgstr ""

msgid "Parse all raw DNS records and return them in a structured way"
msgstr ""

msgid "Delete DNS resource record."
msgstr ""

msgid "Delete all associated records"
msgstr ""

msgid "Delete DNS record entry."
msgstr ""

msgid "Search for DNS resources."
msgstr ""

msgid "Modify a DNS resource record."
msgstr ""

msgid "Rename the DNS resource record object"
msgstr ""

msgid "Display DNS resource."
msgstr ""

msgid "Create new DNS zone (SOA record)."
msgstr ""

msgid "Force DNS zone creation even if nameserver is not resolvable."
msgstr ""

msgid "Add a permission for per-zone access delegation."
msgstr ""

msgid "Delete DNS zone (SOA record)."
msgstr ""

msgid "Disable DNS Zone."
msgstr ""

msgid "Enable DNS Zone."
msgstr ""

#: ipaserver/plugins/dns.py:2948
msgid "Search for DNS zones (SOA records)."
msgstr "DNS 존을 위한 검사 (SOA 레코드)."

msgid "Forward zones only"
msgstr ""

msgid "Search for forward zones only"
msgstr ""

msgid "Modify DNS zone (SOA record)."
msgstr ""

msgid "Force nameserver change even if nameserver not in DNS"
msgstr ""

msgid "Remove a permission for per-zone access delegation."
msgstr ""

msgid "Display information about a DNS zone (SOA record)."
msgstr ""

msgid ""
"\n"
"Groups of users\n"
"\n"
"Manage groups of users. By default, new groups are POSIX groups. You\n"
"can add the --nonposix option to the group-add command to mark a new group\n"
"as non-POSIX. You can use the --posix argument with the group-mod command\n"
"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n"
"converted to non-POSIX groups.\n"
"\n"
"Every group must have a description.\n"
"\n"
"POSIX groups must have a Group ID (GID) number. Changing a GID is\n"
"supported but can have an impact on your file permissions. It is not "
"necessary\n"
"to supply a GID when creating a group. IPA will generate one automatically\n"
"if it is not provided.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new group:\n"
"   ipa group-add --desc='local administrators' localadmins\n"
"\n"
" Add a new non-POSIX group:\n"
"   ipa group-add --nonposix --desc='remote administrators' remoteadmins\n"
"\n"
" Convert a non-POSIX group to posix:\n"
"   ipa group-mod --posix remoteadmins\n"
"\n"
" Add a new POSIX group with a specific Group ID number:\n"
"   ipa group-add --gid=500 --desc='unix admins' unixadmins\n"
"\n"
" Add a new POSIX group and let IPA assign a Group ID number:\n"
"   ipa group-add --desc='printer admins' printeradmins\n"
"\n"
" Remove a group:\n"
"   ipa group-del unixadmins\n"
"\n"
" To add the \"remoteadmins\" group to the \"localadmins\" group:\n"
"   ipa group-add-member --groups=remoteadmins localadmins\n"
"\n"
" Add multiple users to the \"localadmins\" group:\n"
"   ipa group-add-member --users=test1 --users=test2 localadmins\n"
"\n"
" Remove a user from the \"localadmins\" group:\n"
"   ipa group-remove-member --users=test2 localadmins\n"
"\n"
" Display information about a named group.\n"
"   ipa group-show localadmins\n"
"\n"
"External group membership is designed to allow users from trusted domains\n"
"to be mapped to local POSIX groups in order to actually use IPA resources.\n"
"External members should be added to groups that specifically created as\n"
"external and non-POSIX. Such group later should be included into one of "
"POSIX\n"
"groups.\n"
"\n"
"An external group member is currently a Security Identifier (SID) as defined "
"by\n"
"the trusted domain. When adding external group members, it is possible to\n"
"specify them in either SID, or DOM\\name, or name@domain format. IPA will "
"attempt\n"
"to resolve passed name to SID with the use of Global Catalog of the trusted "
"domain.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local POSIX "
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map' ad_admins_external "
"--external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the "
"ad_admins_external\n"
"   group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with ad_admins "
"POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see their "
"SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
msgstr ""

#: ipaserver/plugins/idviews.py:1127
msgid "Group name"
msgstr ""

#: ipaserver/plugins/group.py:343 ipaserver/plugins/sudocmdgroup.py:131
msgid "Group description"
msgstr ""

#: ipaserver/plugins/baseuser.py:311 ipaserver/plugins/idviews.py:1037
#: ipaserver/plugins/idviews.py:1132
msgid "GID"
msgstr ""

msgid "GID (use this option to set it manually)"
msgstr ""

msgid "Member users"
msgstr ""

msgid "Member groups"
msgstr ""

msgid "Member of groups"
msgstr ""

#: ipaserver/plugins/baseldap.py:80
msgid "Roles"
msgstr ""

msgid "Member of netgroups"
msgstr ""

msgid "Member of Sudo rule"
msgstr ""

msgid "Member of HBAC rule"
msgstr ""

msgid "Indirect Member users"
msgstr ""

msgid "Indirect Member groups"
msgstr ""

msgid "Indirect Member of group"
msgstr ""

msgid "Indirect Member of netgroup"
msgstr ""

msgid "Indirect Member of role"
msgstr ""

msgid "Indirect Member of Sudo rule"
msgstr ""

msgid "Indirect Member of HBAC rule"
msgstr ""

msgid "Create a new group."
msgstr ""

msgid "Create as a non-POSIX group"
msgstr ""

msgid "Allow adding external non-IPA members from trusted domains"
msgstr ""

#: ipaserver/plugins/baseldap.py:1227 ipaserver/plugins/cert.py:1341
msgid "Suppress processing of membership attributes."
msgstr ""

msgid "Add members to a group."
msgstr ""

msgid "External member"
msgstr ""

msgid "Members of a trusted domain in DOM\\name or name@domain form"
msgstr ""

msgid "member user"
msgstr ""

msgid "users to add"
msgstr ""

msgid "member group"
msgstr ""

msgid "groups to add"
msgstr ""

#: ipaserver/plugins/role.py:255 ipaserver/plugins/baseldap.py:1770
#: ipaserver/plugins/baseldap.py:2257 ipaserver/plugins/privilege.py:226
#: ipaserver/plugins/privilege.py:257
msgid "Members that could not be added"
msgstr ""

#: ipaserver/plugins/baseldap.py:1774 ipaserver/plugins/baseldap.py:2261
msgid "Number of members added"
msgstr ""

msgid "Delete group."
msgstr ""

msgid "Detach a managed group from a user."
msgstr ""

msgid "Search for groups."
msgstr ""

msgid "search for private groups"
msgstr ""

msgid "search for POSIX groups"
msgstr ""

msgid ""
"search for groups with support of external non-IPA members from trusted "
"domains"
msgstr ""

msgid "search for non-POSIX groups"
msgstr ""

msgid "Results should contain primary key attribute only (\"group-name\")"
msgstr ""

#: ipaserver/plugins/sudorule.py:442 ipaserver/plugins/user.py:164
msgid "user"
msgstr ""

msgid "Search for groups with these member users."
msgstr ""

msgid "Search for groups without these member users."
msgstr ""

#: ipaserver/plugins/group.py:417 ipaserver/plugins/group.py:678
#: ipaserver/plugins/user.py:152
msgid "group"
msgstr ""

msgid "Search for groups with these member groups."
msgstr ""

msgid "Search for groups without these member groups."
msgstr ""

msgid "Search for groups with these member of groups."
msgstr ""

msgid "Search for groups without these member of groups."
msgstr ""

msgid "netgroup"
msgstr ""

msgid "Search for groups with these member of netgroups."
msgstr ""

msgid "Search for groups without these member of netgroups."
msgstr ""

#: ipaserver/plugins/serverrole.py:185
msgid "role"
msgstr ""

msgid "Search for groups with these member of roles."
msgstr ""

msgid "Search for groups without these member of roles."
msgstr ""

msgid "HBAC rule"
msgstr ""

msgid "Search for groups with these member of HBAC rules."
msgstr ""

msgid "Search for groups without these member of HBAC rules."
msgstr ""

msgid "sudo rule"
msgstr ""

msgid "Search for groups with these member of sudo rules."
msgstr ""

msgid "Search for groups without these member of sudo rules."
msgstr ""

msgid "Modify a group."
msgstr ""

msgid "change to a POSIX group"
msgstr ""

msgid "change to support external non-IPA members from trusted domains"
msgstr ""

msgid "Rename the group object"
msgstr ""

msgid "Remove members from a group."
msgstr ""

msgid "users to remove"
msgstr ""

msgid "groups to remove"
msgstr ""

#: ipaserver/plugins/baseldap.py:1868 ipaserver/plugins/baseldap.py:2356
msgid "Members that could not be removed"
msgstr ""

#: ipaserver/plugins/baseldap.py:1872 ipaserver/plugins/baseldap.py:2360
msgid "Number of members removed"
msgstr ""

msgid "Display information about a named group."
msgstr ""

#: ipaserver/plugins/hbacrule.py:39
msgid ""
"\n"
"Host-based access control\n"
"\n"
"Control who can access what services on what hosts. You\n"
"can use HBAC to control which users or groups can\n"
"access a service, or group of services, on a target host.\n"
"\n"
"You can also specify a category of users and target hosts.\n"
"This is currently limited to \"all\", but might be expanded in the\n"
"future.\n"
"\n"
"Target hosts in HBAC rules must be hosts managed by IPA.\n"
"\n"
"The available services and groups of services are controlled by the\n"
"hbacsvc and hbacsvcgroup plug-ins respectively.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a rule, \"test1\", that grants all users access to the host "
"\"server\" from\n"
" anywhere:\n"
"   ipa hbacrule-add --usercat=all test1\n"
"   ipa hbacrule-add-host --hosts=server.example.com test1\n"
"\n"
" Display the properties of a named HBAC rule:\n"
"   ipa hbacrule-show test1\n"
"\n"
" Create a rule for a specific service. This lets the user john access\n"
" the sshd service on any machine from any machine:\n"
"   ipa hbacrule-add --hostcat=all john_sshd\n"
"   ipa hbacrule-add-user --users=john john_sshd\n"
"   ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n"
"\n"
" Create a rule for a new service group. This lets the user john access\n"
" the FTP service on any machine from any machine:\n"
"   ipa hbacsvcgroup-add ftpers\n"
"   ipa hbacsvc-add sftp\n"
"   ipa hbacsvcgroup-add-member --hbacsvcs=ftp --hbacsvcs=sftp ftpers\n"
"   ipa hbacrule-add --hostcat=all john_ftp\n"
"   ipa hbacrule-add-user --users=john john_ftp\n"
"   ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n"
"\n"
" Disable a named HBAC rule:\n"
"   ipa hbacrule-disable test1\n"
"\n"
" Remove a named HBAC rule:\n"
"   ipa hbacrule-del allow_server\n"
msgstr ""

#: ipaserver/plugins/certmap.py:273 ipaserver/plugins/hbacrule.py:207
#: ipaserver/plugins/selinuxusermap.py:239 ipaserver/plugins/sudorule.py:242
msgid "Rule name"
msgstr ""

#: ipaserver/plugins/hbacrule.py:213
msgid "Rule type"
msgstr ""

#: ipaserver/plugins/hbacrule.py:212
msgid "Rule type (allow)"
msgstr ""

#: ipaserver/plugins/netgroup.py:227 ipaserver/plugins/caacl.py:195
#: ipaserver/plugins/hbacrule.py:223 ipaserver/plugins/selinuxusermap.py:253
#: ipaserver/plugins/sudorule.py:255
msgid "User category"
msgstr ""

#: ipaserver/plugins/netgroup.py:228 ipaserver/plugins/hbacrule.py:224
#: ipaserver/plugins/selinuxusermap.py:254 ipaserver/plugins/sudorule.py:256
msgid "User category the rule applies to"
msgstr ""

#: ipaserver/plugins/netgroup.py:233 ipaserver/plugins/caacl.py:201
#: ipaserver/plugins/hbacrule.py:229 ipaserver/plugins/selinuxusermap.py:259
#: ipaserver/plugins/sudorule.py:261
msgid "Host category"
msgstr ""

#: ipaserver/plugins/netgroup.py:234 ipaserver/plugins/hbacrule.py:230
#: ipaserver/plugins/selinuxusermap.py:260 ipaserver/plugins/sudorule.py:262
msgid "Host category the rule applies to"
msgstr ""

#: ipaserver/plugins/hbacrule.py:243
msgid "Service category"
msgstr ""

#: ipaserver/plugins/hbacrule.py:244
msgid "Service category the rule applies to"
msgstr ""

#: ipaserver/plugins/certmap.py:310 ipaserver/plugins/hbacrule.py:256
#: ipaserver/plugins/internal.py:1946 ipaserver/plugins/selinuxusermap.py:268
#: ipaserver/plugins/sudorule.py:250
msgid "Enabled"
msgstr ""

#: ipaserver/plugins/caacl.py:224 ipaserver/plugins/hbacrule.py:264
#: ipaserver/plugins/internal.py:879 ipaserver/plugins/internal.py:1199
#: ipaserver/plugins/selinuxusermap.py:276 ipaserver/plugins/sudorule.py:295
msgid "User Groups"
msgstr ""

#: ipaserver/plugins/hostgroup.py:178 ipaserver/plugins/caacl.py:232
#: ipaserver/plugins/hbacrule.py:272 ipaserver/plugins/internal.py:1073
#: ipaserver/plugins/internal.py:1173 ipaserver/plugins/selinuxusermap.py:284
#: ipaserver/plugins/sudorule.py:308
msgid "Host Groups"
msgstr ""

#: ipaserver/plugins/internal.py:956 ipaserver/plugins/service.py:493
msgid "Services"
msgstr ""

msgid "Service Groups"
msgstr ""

#: ipaserver/plugins/baseldap.py:333
msgid "External host"
msgstr ""

#: ipaserver/plugins/hbacrule.py:300
msgid "Create a new HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:534
msgid "Add target hosts and hostgroups to an HBAC rule."
msgstr ""

msgid "member host"
msgstr ""

msgid "hosts to add"
msgstr ""

msgid "member host group"
msgstr ""

msgid "host groups to add"
msgstr ""

#: ipaserver/plugins/hbacrule.py:591
msgid "Add services to an HBAC rule."
msgstr ""

msgid "member HBAC service"
msgstr ""

msgid "HBAC services to add"
msgstr ""

msgid "member HBAC service group"
msgstr ""

msgid "HBAC service groups to add"
msgstr ""

#: ipaserver/plugins/hbacrule.py:503
msgid "Add users and groups to an HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:314
msgid "Delete an HBAC rule."
msgstr "HBAC 규칙을 삭제합니다."

#: ipaserver/plugins/hbacrule.py:411
msgid "Disable an HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:381
msgid "Enable an HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:365
msgid "Search for HBAC rules."
msgstr ""

#: ipaserver/plugins/hbacrule.py:331
msgid "Modify an HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:556
msgid "Remove target hosts and hostgroups from an HBAC rule."
msgstr ""

msgid "hosts to remove"
msgstr ""

msgid "host groups to remove"
msgstr ""

#: ipaserver/plugins/hbacrule.py:613
msgid "Remove service and service groups from an HBAC rule."
msgstr ""

msgid "HBAC services to remove"
msgstr ""

msgid "HBAC service groups to remove"
msgstr ""

#: ipaserver/plugins/hbacrule.py:525
msgid "Remove users and groups from an HBAC rule."
msgstr ""

#: ipaserver/plugins/hbacrule.py:375
msgid "Display the properties of an HBAC rule."
msgstr ""

msgid ""
"\n"
"HBAC Services\n"
"\n"
"The PAM services that HBAC can control access to. The name used here\n"
"must match the service name that PAM is evaluating.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new HBAC service:\n"
"   ipa hbacsvc-add tftp\n"
"\n"
" Modify an existing HBAC service:\n"
"   ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n"
"\n"
" Search for HBAC services. This example will return two results, the FTP\n"
" service and the newly-added tftp service:\n"
"   ipa hbacsvc-find ftp\n"
"\n"
" Delete an HBAC service:\n"
"   ipa hbacsvc-del tftp\n"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:101
msgid "Service name"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:102
msgid "HBAC service"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:109
msgid "HBAC service description"
msgstr ""

msgid "Member of HBAC service groups"
msgstr ""

msgid "Add a new HBAC service."
msgstr ""

#: ipaserver/plugins/hbacsvc.py:125
msgid "Delete an existing HBAC service."
msgstr ""

#: ipaserver/plugins/hbacsvc.py:141
msgid "Search for HBAC services."
msgstr ""

msgid "Results should contain primary key attribute only (\"service\")"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:133
msgid "Modify an HBAC service."
msgstr ""

#: ipaserver/plugins/hbacsvc.py:151
msgid "Display information about an HBAC service."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:33
msgid ""
"\n"
"HBAC Service Groups\n"
"\n"
"HBAC service groups can contain any number of individual services,\n"
"or \"members\". Every group must have a description.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new HBAC service group:\n"
"   ipa hbacsvcgroup-add --desc=\"login services\" login\n"
"\n"
" Add members to an HBAC service group:\n"
"   ipa hbacsvcgroup-add-member --hbacsvcs=sshd --hbacsvcs=login login\n"
"\n"
" Display information about a named group:\n"
"   ipa hbacsvcgroup-show login\n"
"\n"
" Delete an HBAC service group:\n"
"   ipa hbacsvcgroup-del login\n"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:114
msgid "Service group name"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:121
msgid "HBAC service group description"
msgstr ""

#: ipaserver/plugins/baseldap.py:107
msgid "Member HBAC service"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:129
msgid "Add a new HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:169
msgid "Add members to an HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:137
msgid "Delete an HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:153
msgid "Search for an HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:145
msgid "Modify an HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:175
msgid "Remove members from an HBAC service group."
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:163
msgid "Display information about an HBAC service group."
msgstr ""

msgid ""
"\n"
"Simulate use of Host-based access controls\n"
"\n"
"HBAC rules control who can access what services on what hosts.\n"
"You can use HBAC to control which users or groups can access a service,\n"
"or group of services, on a target host.\n"
"\n"
"Since applying HBAC rules implies use of a production environment,\n"
"this plugin aims to provide simulation of HBAC rules evaluation without\n"
"having access to the production environment.\n"
"\n"
" Test user coming to a service on a named host against\n"
" existing enabled rules.\n"
"\n"
" ipa hbactest --user= --host= --service=\n"
"              [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n"
"              [--sizelimit= ]\n"
"\n"
" --user, --host, and --service are mandatory, others are optional.\n"
"\n"
" If --rules is specified simulate enabling of the specified rules and test\n"
" the login of the user using only these rules.\n"
"\n"
" If --enabled is specified, all enabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --disabled is specified, all disabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --nodetail is specified, do not return information about rules matched/"
"not matched.\n"
"\n"
" If both --rules and --enabled are specified, apply simulation to --rules "
"_and_\n"
" all IPA enabled rules.\n"
"\n"
" If no --rules specified, simulation is run against all IPA enabled rules.\n"
" By default there is a IPA-wide limit to number of entries fetched, you can "
"change it\n"
" with --sizelimit option.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Use all enabled HBAC rules in IPA database to simulate:\n"
"    $ ipa  hbactest --user=a1a --host=bar --service=sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    2. Disable detailed summary of how rules were applied:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"\n"
"    3. Test explicitly specified HBAC rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n"
"          --rules=myrule --rules=my-second-rule\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    4. Use all enabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n"
"          --rules=myrule --rules=my-second-rule --enabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    5. Test all disabled HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: new-rule\n"
"\n"
"    6. Test all disabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n"
"          --rules=myrule --rules=my-second-rule --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    7. Test all (enabled and disabled) HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n"
"          --enabled --disabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Not matched rules: new-rule\n"
"      Matched rules: allow_all\n"
"\n"
"\n"
"HBACTEST AND TRUSTED DOMAINS\n"
"\n"
"When an external trusted domain is configured in IPA, HBAC rules are also "
"applied\n"
"on users accessing IPA resources from the trusted domain. Trusted domain "
"users and\n"
"groups (and their SIDs) can be then assigned to external groups which can "
"be\n"
"members of POSIX groups in IPA which can be used in HBAC rules and thus "
"allowing\n"
"access to resources protected by the HBAC system.\n"
"\n"
"hbactest plugin is capable of testing access for both local IPA users and "
"users\n"
"from the trusted domains, either by a fully qualified user name or by user "
"SID.\n"
"Such user names need to have a trusted domain specified as a short name\n"
"(DOMAIN\\Administrator) or with a user principal name (UPN), "
"Administrator@ad.test.\n"
"\n"
"Please note that hbactest executed with a trusted domain user as --user "
"parameter\n"
"can be only run by members of \"trust admins\" group.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Test if a user from a trusted domain specified by its shortname "
"matches any\n"
"       rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    2. Test if a user from a trusted domain specified by its domain name "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    3. Test if a user from a trusted domain specified by its SID matches any "
"rule:\n"
"\n"
"    $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\n"
"            --host `hostname` --service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    4. Test if other user from a trusted domain specified by its SID matches "
"any rule:\n"
"\n"
"    $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\\n"
"            --host `hostname` --service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
"\n"
"   5. Test if other user from a trusted domain specified by its shortname "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service "
"sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
msgstr ""

#: ipaserver/plugins/hbactest.py:256
msgid "Simulate use of Host-based access controls"
msgstr ""

#: ipaserver/plugins/hbactest.py:270 ipaserver/plugins/krbtpolicy.py:134
msgid "User name"
msgstr ""

#: ipaserver/plugins/hbactest.py:281
msgid "Target host"
msgstr ""

#: ipaserver/plugins/hbactest.py:289
msgid "Rules to test. If not specified, --enabled is assumed"
msgstr ""

#: ipaserver/plugins/hbactest.py:293
msgid "Hide details which rules are matched, not matched, or invalid"
msgstr ""

#: ipaserver/plugins/hbactest.py:297
msgid "Include all enabled IPA rules into test [default]"
msgstr ""

#: ipaserver/plugins/hbactest.py:301
msgid "Include all disabled IPA rules into test"
msgstr ""

#: ipaserver/plugins/hbactest.py:305
msgid "Maximum number of rules to process when no --rules is specified"
msgstr ""

#: ipaserver/plugins/hbactest.py:260
msgid "Warning"
msgstr ""

#: ipaserver/plugins/hbactest.py:261
msgid "Matched rules"
msgstr ""

#: ipaserver/plugins/hbactest.py:262
msgid "Not matched rules"
msgstr ""

#: ipaserver/plugins/hbactest.py:263
msgid "Non-existent or invalid rules"
msgstr ""

#: ipaserver/plugins/hbactest.py:264
msgid "Result of simulation"
msgstr ""

msgid ""
"\n"
"Hosts/Machines\n"
"\n"
"A host represents a machine. It can be used in a number of contexts:\n"
"- service entries are associated with a host\n"
"- a host stores the host/ service principal\n"
"- a host can be used in Host-based Access Control (HBAC) rules\n"
"- every enrolled client generates a host entry\n"
"\n"
"ENROLLMENT:\n"
"\n"
"There are three enrollment scenarios when enrolling a new client:\n"
"\n"
"1. You are enrolling as a full administrator. The host entry may exist\n"
"   or not. A full administrator is a member of the hostadmin role\n"
"   or the admins group.\n"
"2. You are enrolling as a limited administrator. The host must already\n"
"   exist. A limited administrator is a member a role with the\n"
"   Host Enrollment privilege.\n"
"3. The host has been created with a one-time password.\n"
"\n"
"RE-ENROLLMENT:\n"
"\n"
"Host that has been enrolled at some point, and lost its configuration (e.g. "
"VM\n"
"destroyed) can be re-enrolled.\n"
"\n"
"For more information, consult the manual pages for ipa-client-install.\n"
"\n"
"A host can optionally store information such as where it is located,\n"
"the OS that it runs, etc.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new host:\n"
"   ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example."
"com\n"
"\n"
" Delete a host:\n"
"   ipa host-del test.example.com\n"
"\n"
" Add a new host with a one-time password:\n"
"   ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n"
"\n"
" Add a new host with a random one-time password:\n"
"   ipa host-add --os='Fedora 12' --random test.example.com\n"
"\n"
" Modify information about a host:\n"
"   ipa host-mod --os='Fedora 12' test.example.com\n"
"\n"
" Remove SSH public keys of a host and update DNS to reflect this change:\n"
"   ipa host-mod --sshpubkey= --updatedns test.example.com\n"
"\n"
" Disable the host Kerberos key, SSL certificate and all of its services:\n"
"   ipa host-disable test.example.com\n"
"\n"
" Add a host that can manage this host's keytab and certificate:\n"
"   ipa host-add-managedby --hosts=test2 test\n"
"\n"
" Allow user to create a keytab:\n"
"   ipa host-allow-create-keytab test2 --users=tuser1\n"
msgstr ""

#: ipaserver/plugins/service.py:725
msgid "Host name"
msgstr ""

msgid "A description of this host"
msgstr ""

msgid "Locality"
msgstr ""

msgid "Host locality (e.g. \"Baltimore, MD\")"
msgstr ""

msgid "Host location (e.g. \"Lab 2\")"
msgstr ""

msgid "Platform"
msgstr ""

msgid "Host hardware platform (e.g. \"Lenovo T61\")"
msgstr ""

msgid "Operating system"
msgstr "운영 체제"

msgid "Host operating system and version (e.g. \"Fedora 9\")"
msgstr ""

msgid "User password"
msgstr ""

msgid "Password used in bulk enrollment"
msgstr ""

msgid "Generate a random password to be used in bulk enrollment"
msgstr ""

#: ipaserver/plugins/host.py:508
msgid "Random password"
msgstr ""

#: ipaserver/plugins/baseuser.py:420 ipaserver/plugins/baseuser.py:886
#: ipaserver/plugins/certmap.py:605 ipaserver/plugins/host.py:513
#: ipaserver/plugins/internal.py:639 ipaserver/plugins/internal.py:723
#: ipaserver/plugins/service.py:519 ipaserver/plugins/idviews.py:1060
#: ipaserver/plugins/ca.py:114 ipaserver/plugins/cert.py:353
msgid "Certificate"
msgstr ""

msgid "Base-64 encoded server certificate"
msgstr "Base-64로 인코딩된 서버 인증서"

#: ipaserver/plugins/host.py:555 ipaserver/plugins/service.py:501
msgid "Principal name"
msgstr ""

msgid "MAC address"
msgstr ""

msgid "Hardware MAC address(es) on this host"
msgstr ""

#: ipaserver/plugins/host.py:576 ipaserver/plugins/idviews.py:1054
msgid "SSH public key"
msgstr ""

#: ipaserver/plugins/host.py:586
msgid "Class"
msgstr ""

msgid ""
"Host category (semantics placed on this attribute are for local "
"interpretation)"
msgstr ""

#: ipaserver/plugins/internal.py:1131
msgid "Assigned ID View"
msgstr ""

#: ipaserver/plugins/service.py:168
msgid "Requires pre-authentication"
msgstr ""

#: ipaserver/plugins/service.py:169
msgid "Pre-authentication is required for the service"
msgstr ""

#: ipaserver/plugins/service.py:174
msgid "Trusted for delegation"
msgstr ""

#: ipaserver/plugins/service.py:175
msgid "Client credentials may be delegated to the service"
msgstr ""

#: ipaserver/plugins/baseldap.py:71
msgid "Member of host-groups"
msgstr ""

msgid "Indirect Member of host-group"
msgstr ""

#: ipaserver/plugins/service.py:128
msgid "Keytab"
msgstr ""

msgid "Managed by"
msgstr ""

msgid "Managing"
msgstr ""

#: ipaserver/plugins/service.py:134
msgid "Users allowed to retrieve keytab"
msgstr ""

#: ipaserver/plugins/service.py:137
msgid "Groups allowed to retrieve keytab"
msgstr ""

#: ipaserver/plugins/service.py:140
msgid "Hosts allowed to retrieve keytab"
msgstr ""

#: ipaserver/plugins/service.py:143
msgid "Host Groups allowed to retrieve keytab"
msgstr ""

#: ipaserver/plugins/service.py:146
msgid "Users allowed to create keytab"
msgstr ""

#: ipaserver/plugins/service.py:149
msgid "Groups allowed to create keytab"
msgstr ""

#: ipaserver/plugins/service.py:152
msgid "Hosts allowed to create keytab"
msgstr "키탭을 생성하는데 허용된 호스트"

#: ipaserver/plugins/service.py:155
msgid "Host Groups allowed to create keytab"
msgstr ""

msgid "Add a new host."
msgstr ""

msgid "force host name even if not in DNS"
msgstr ""

msgid "skip reverse DNS detection"
msgstr ""

msgid "Add the host to DNS with this IP address"
msgstr ""

msgid "Add hosts that can manage this host."
msgstr ""

msgid ""
"Allow users, groups, hosts or host groups to create a keytab of this host."
msgstr ""

msgid ""
"Allow users, groups, hosts or host groups to retrieve a keytab of this host."
msgstr ""

msgid "Delete a host."
msgstr ""

msgid "Remove entries from DNS"
msgstr ""

msgid "Disable the Kerberos key, SSL certificate and all services of a host."
msgstr ""

msgid ""
"Disallow users, groups, hosts or host groups to create a keytab of this host."
msgstr ""

msgid ""
"Disallow users, groups, hosts or host groups to retrieve a keytab of this "
"host."
msgstr ""

msgid "Search for hosts."
msgstr ""

msgid "Results should contain primary key attribute only (\"hostname\")"
msgstr ""

#: ipaserver/plugins/hostgroup.py:106
msgid "host group"
msgstr ""

msgid "Search for hosts with these member of host groups."
msgstr ""

msgid "Search for hosts without these member of host groups."
msgstr ""

msgid "Search for hosts with these member of netgroups."
msgstr ""

msgid "Search for hosts without these member of netgroups."
msgstr ""

msgid "Search for hosts with these member of roles."
msgstr "역할의 이들 구성원과 함께 호스트를 위한 검색."

msgid "Search for hosts without these member of roles."
msgstr ""

msgid "Search for hosts with these member of HBAC rules."
msgstr ""

msgid "Search for hosts without these member of HBAC rules."
msgstr ""

msgid "Search for hosts with these member of sudo rules."
msgstr ""

msgid "Search for hosts without these member of sudo rules."
msgstr ""

msgid "Search for hosts with these enrolled by users."
msgstr ""

msgid "Search for hosts without these enrolled by users."
msgstr ""

#: ipaserver/plugins/cert.py:1025 ipaserver/plugins/sudorule.py:447
msgid "host"
msgstr ""

msgid "Search for hosts with these managed by hosts."
msgstr ""

msgid "Search for hosts without these managed by hosts."
msgstr ""

msgid "Search for hosts with these managing hosts."
msgstr ""

msgid "Search for hosts without these managing hosts."
msgstr ""

msgid "Modify information about a host."
msgstr ""

msgid "Kerberos principal name for this host"
msgstr ""

msgid "Update DNS entries"
msgstr ""

msgid "Remove hosts that can manage this host."
msgstr ""

msgid "Display information about a host."
msgstr ""

#: ipaserver/plugins/service.py:987 ipaserver/plugins/user.py:940
msgid "file to store certificate in"
msgstr ""

msgid ""
"\n"
"Groups of hosts.\n"
"\n"
"Manage groups of hosts. This is useful for applying access control to a\n"
"number of hosts by using Host-based Access Control.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new host group:\n"
"   ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n"
"\n"
" Add another new host group:\n"
"   ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n"
"\n"
" Add members to the hostgroup (using Bash brace expansion):\n"
"   ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n"
"\n"
" Add a hostgroup as a member of another hostgroup:\n"
"   ipa hostgroup-add-member --hostgroups=baltimore maryland\n"
"\n"
" Remove a host from the hostgroup:\n"
"   ipa hostgroup-remove-member --hosts=box2 baltimore\n"
"\n"
" Display a host group:\n"
"   ipa hostgroup-show baltimore\n"
"\n"
" Delete a hostgroup:\n"
"   ipa hostgroup-del baltimore\n"
msgstr ""

#: ipaserver/plugins/hostgroup.py:186
msgid "Host-group"
msgstr ""

#: ipaserver/plugins/hostgroup.py:187
msgid "Name of host-group"
msgstr ""

#: ipaserver/plugins/hostgroup.py:194
msgid "A description of this host-group"
msgstr ""

msgid "Member hosts"
msgstr ""

msgid "Member host-groups"
msgstr ""

#: ipaserver/plugins/baseldap.py:137
msgid "Indirect Member hosts"
msgstr ""

#: ipaserver/plugins/baseldap.py:140
msgid "Indirect Member host-groups"
msgstr ""

#: ipaserver/plugins/hostgroup.py:220
msgid "Add a new hostgroup."
msgstr ""

#: ipaserver/plugins/hostgroup.py:330
msgid "Add members to a hostgroup."
msgstr "구성원을 호스트그룹에 추가."

#: ipaserver/plugins/hostgroup.py:260
msgid "Delete a hostgroup."
msgstr ""

#: ipaserver/plugins/hostgroup.py:298
msgid "Search for hostgroups."
msgstr ""

msgid "Results should contain primary key attribute only (\"hostgroup-name\")"
msgstr ""

msgid "Search for host groups with these member hosts."
msgstr ""

msgid "Search for host groups without these member hosts."
msgstr ""

msgid "Search for host groups with these member host groups."
msgstr ""

msgid "Search for host groups without these member host groups."
msgstr ""

msgid "Search for host groups with these member of host groups."
msgstr ""

msgid "Search for host groups without these member of host groups."
msgstr ""

msgid "Search for host groups with these member of netgroups."
msgstr ""

msgid "Search for host groups without these member of netgroups."
msgstr ""

msgid "Search for host groups with these member of HBAC rules."
msgstr ""

msgid "Search for host groups without these member of HBAC rules."
msgstr ""

msgid "Search for host groups with these member of sudo rules."
msgstr ""

msgid "Search for host groups without these member of sudo rules."
msgstr ""

#: ipaserver/plugins/hostgroup.py:275
msgid "Modify a hostgroup."
msgstr ""

#: ipaserver/plugins/hostgroup.py:340
msgid "Remove members from a hostgroup."
msgstr ""

#: ipaserver/plugins/hostgroup.py:316
msgid "Display information about a hostgroup."
msgstr ""

msgid ""
"\n"
"ID ranges\n"
"\n"
"Manage ID ranges  used to map Posix IDs to SIDs and back.\n"
"\n"
"There are two type of ID ranges which are both handled by this utility:\n"
"\n"
" - the ID ranges of the local domain\n"
" - the ID ranges of trusted remote domains\n"
"\n"
"Both types have the following attributes in common:\n"
"\n"
" - base-id: the first ID of the Posix ID range\n"
" - range-size: the size of the range\n"
"\n"
"With those two attributes a range object can reserve the Posix IDs starting\n"
"with base-id up to but not including base-id+range-size exclusively.\n"
"\n"
"Additionally an ID range of the local domain may set\n"
" - rid-base: the first RID(*) of the corresponding RID range\n"
" - secondary-rid-base: first RID of the secondary RID range\n"
"\n"
"and an ID range of a trusted domain must set\n"
" - rid-base: the first RID of the corresponding RID range\n"
" - sid: domain SID of the trusted domain\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for a trusted domain\n"
"\n"
"Since there might be more than one trusted domain the domain SID must be "
"given\n"
"while creating the ID range.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=0                   --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n"
"\n"
"This ID range is then used by the IPA server and the SSSD IPA provider to\n"
"assign Posix UIDs to users from the trusted domain.\n"
"\n"
"If e.g. a range for a trusted domain is configured with the following "
"values:\n"
" base-id = 1200000\n"
" range-size = 200000\n"
" rid-base = 0\n"
"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. "
"So\n"
"RID 1000 <-> Posix ID 1201000\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for the local domain\n"
"\n"
"To create an ID range for the local domain it is not necessary to specify a\n"
"domain SID. But since it is possible that a user and a group can have the "
"same\n"
"value as Posix ID a second RID interval is needed to handle conflicts.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=1000                   --secondary-rid-base=1000000 local_range\n"
"\n"
"The data from the ID ranges of the local domain are used by the IPA server\n"
"internally to assign SIDs to IPA users and groups. The SID will then be "
"stored\n"
"in the user or group objects.\n"
"\n"
"If e.g. the ID range for the local domain is configured with the values "
"from\n"
"the example above then a new user with the UID 1200007 will get the RID "
"1007.\n"
"If this RID is already used by a group the RID will be 1000007. This can "
"only\n"
"happen if a user or a group object was created with a fixed ID because the\n"
"automatic assignment will not assign the same ID twice. Since there are "
"only\n"
"users and groups sharing the same ID namespace it is sufficient to have "
"only\n"
"one fallback range to handle conflicts.\n"
"\n"
"To find the Posix ID for a given RID from the local domain it has to be\n"
"checked first if the RID falls in the primary or secondary RID range and\n"
"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n"
"and the base-id has to be added to get the Posix ID.\n"
"\n"
"Typically the creation of ID ranges happens behind the scenes and this CLI\n"
"must not be used at all. The ID range for the local domain will be created\n"
"during installation or upgrade from an older version. The ID range for a\n"
"trusted domain will be created together with the trust by 'ipa trust-"
"add ...'.\n"
"\n"
"USE CASES:\n"
"\n"
"  Add an ID range from a transitively trusted domain\n"
"\n"
"    If the trusted domain (A) trusts another domain (B) as well and this "
"trust\n"
"    is transitive 'ipa trust-add domain-A' will only create a range for\n"
"    domain A.  The ID range for domain B must be added manually.\n"
"\n"
"  Add an additional ID range for the local domain\n"
"\n"
"    If the ID range of the local domain is exhausted, i.e. no new IDs can "
"be\n"
"    assigned to Posix users or groups by the DNA plugin, a new range has to "
"be\n"
"    created to allow new users and groups to be added. (Currently there is "
"no\n"
"    connection between this range CLI and the DNA plugin, but a future "
"version\n"
"    might be able to modify the configuration of the DNS plugin as well)\n"
"\n"
"In general it is not necessary to modify or delete ID ranges. If there is "
"no\n"
"other way to achieve a certain configuration than to modify or delete an ID\n"
"range it should be done with great care. Because UIDs are stored in the "
"file\n"
"system and are used for access control it might be possible that users are\n"
"allowed to access files of other users if an ID range got deleted and "
"reused\n"
"for a different domain.\n"
"\n"
"(*) The RID is typically the last integer of a user or group SID which "
"follows\n"
"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user "
"from\n"
"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of "
"the\n"
"user. RIDs are unique in a domain, 32bit values and are used for users and\n"
"groups.\n"
"\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
msgstr ""

#: ipaserver/plugins/idrange.py:219
msgid "Range name"
msgstr ""

#: ipaserver/plugins/idrange.py:224
msgid "First Posix ID of the range"
msgstr ""

#: ipaserver/plugins/idrange.py:230
msgid "Number of IDs in the range"
msgstr ""

#: ipaserver/plugins/idrange.py:236
msgid "First RID of the corresponding RID range"
msgstr ""

#: ipaserver/plugins/idrange.py:240
msgid "First RID of the secondary RID range"
msgstr ""

#: ipaserver/plugins/idrange.py:245 ipaserver/plugins/idrange.py:655
msgid "Domain SID of the trusted domain"
msgstr ""

#: ipaserver/plugins/idrange.py:250 ipaserver/plugins/idrange.py:663
msgid "Name of the trusted domain"
msgstr ""

#: ipaserver/plugins/idrange.py:253 ipaserver/plugins/trust.py:711
#: ipaserver/plugins/internal.py:1257
msgid "Range type"
msgstr ""

msgid "ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local"
msgstr ""

msgid ""
"\n"
"Add new ID range.\n"
"\n"
"    To add a new ID range you always have to specify\n"
"\n"
"        --base-id\n"
"        --range-size\n"
"\n"
"    Additionally\n"
"\n"
"        --rid-base\n"
"        --secondary-rid-base\n"
"\n"
"    may be given for a new ID range for the local domain while\n"
"\n"
"        --rid-base\n"
"        --dom-sid\n"
"\n"
"    must be given to add a new range for a trusted AD domain.\n"
"\n"
"    WARNING:\n"
"\n"
"    DNA plugin in 389-ds will allocate IDs based on the ranges configured "
"for the\n"
"    local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"    on the local ranges set via this family of commands.\n"
"\n"
"    Manual configuration change has to be done in the DNA plugin "
"configuration for\n"
"    the new local range. Specifically, The dnaNextRange attribute of "
"'cn=Posix\n"
"    IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has "
"to be\n"
"    modified to match the new range.\n"
"    "
msgstr ""

#: ipaserver/plugins/idrange.py:556
msgid "Delete an ID range."
msgstr ""

#: ipaserver/plugins/idrange.py:604
msgid "Search for ranges."
msgstr ""

msgid "Modify ID range."
msgstr ""

#: ipaserver/plugins/idrange.py:627
msgid "Display information about a range."
msgstr ""

msgid ""
"\n"
"ID Views\n"
"\n"
"Manage ID Views\n"
"\n"
"IPA allows to override certain properties of users and groups per each "
"host.\n"
"This functionality is primarily used to allow migration from older systems "
"or\n"
"other Identity Management solutions.\n"
msgstr ""

#: ipaserver/plugins/idviews.py:772
msgid "Anchor to override"
msgstr ""

#: ipaserver/plugins/idviews.py:1038 ipaserver/plugins/idviews.py:1133
msgid "Group ID Number"
msgstr ""

#: ipaserver/plugins/idviews.py:1024
msgid "User login"
msgstr ""

#: ipaserver/plugins/idviews.py:1029
msgid "UID"
msgstr ""

#: ipaserver/plugins/idviews.py:1030
msgid "User ID Number"
msgstr ""

#: ipaserver/plugins/baseuser.py:250 ipaserver/plugins/idviews.py:1034
msgid "GECOS"
msgstr ""

#: ipaserver/plugins/idviews.py:1043
msgid "Home directory"
msgstr ""

#: ipaserver/plugins/idviews.py:1047
msgid "Login shell"
msgstr ""

#: ipaserver/plugins/idviews.py:136
msgid "ID View Name"
msgstr ""

#: ipaserver/plugins/idviews.py:1288
msgid "Add a new Group ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1294
msgid "Delete an Group ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1306
msgid "Search for an Group ID override."
msgstr ""

msgid "Results should contain primary key attribute only (\"anchor\")"
msgstr ""

#: ipaserver/plugins/idviews.py:1300
msgid "Modify an Group ID override."
msgstr ""

msgid "Rename the Group ID override object"
msgstr ""

#: ipaserver/plugins/idviews.py:1322
msgid "Display information about an Group ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1189
msgid "Add a new User ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1214
msgid "Delete an User ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1252
msgid "Search for an User ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:1220
msgid "Modify an User ID override."
msgstr ""

msgid "Rename the User ID override object"
msgstr ""

#: ipaserver/plugins/idviews.py:1276
msgid "Display information about an User ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:196
msgid "Add a new ID View."
msgstr ""

msgid ""
"Applies ID View to specified hosts or current members of specified "
"hostgroups. If any other ID View is applied to the host, it is overriden."
msgstr ""

#: ipaserver/plugins/idviews.py:454 ipaserver/plugins/idviews.py:497
#: ipaserver/plugins/sudorule.py:447
msgid "hosts"
msgstr ""

#: ipaserver/plugins/idviews.py:453
msgid "Hosts to apply the ID View to"
msgstr ""

#: ipaserver/plugins/idviews.py:461 ipaserver/plugins/idviews.py:504
msgid "hostgroups"
msgstr ""

#: ipaserver/plugins/idviews.py:458
msgid ""
"Hostgroups to whose hosts apply the ID View to. Please note that view is not "
"applied automatically to any hosts added to the hostgroup after running the "
"idview-apply command."
msgstr ""

#: ipaserver/plugins/idviews.py:469
msgid "Hosts that this ID View was applied to."
msgstr ""

#: ipaserver/plugins/idviews.py:473
msgid "Hosts or hostgroups that this ID View could not be applied to."
msgstr ""

#: ipaserver/plugins/idviews.py:478
msgid "Number of hosts the ID View was applied to:"
msgstr "호스트 ID 보기의 수는 다음과 같이 적용됩니다:"

#: ipaserver/plugins/idviews.py:213
msgid "Delete an ID View."
msgstr ""

#: ipaserver/plugins/idviews.py:242
msgid "Search for an ID View."
msgstr ""

#: ipaserver/plugins/idviews.py:226
msgid "Modify an ID View."
msgstr ""

msgid "Rename the ID View object"
msgstr ""

#: ipaserver/plugins/idviews.py:249
msgid "Display information about an ID View."
msgstr ""

#: ipaserver/plugins/idviews.py:254
msgid "Enumerate all the hosts the view applies to."
msgstr ""

#: ipaserver/plugins/idviews.py:485
msgid ""
"Clears ID View from specified hosts or current members of specified "
"hostgroups."
msgstr ""

#: ipaserver/plugins/idviews.py:496
msgid "Hosts to clear (any) ID View from."
msgstr ""

#: ipaserver/plugins/idviews.py:501
msgid ""
"Hostgroups whose hosts should have ID Views cleared. Note that view is not "
"cleared automatically from any host added to the hostgroup after running "
"idview-unapply command."
msgstr ""

#: ipaserver/plugins/idviews.py:512
msgid "Hosts that ID View was cleared from."
msgstr ""

#: ipaserver/plugins/idviews.py:516
msgid "Hosts or hostgroups that ID View could not be cleared from."
msgstr ""

#: ipaserver/plugins/idviews.py:521
msgid "Number of hosts that had a ID View was unset:"
msgstr ""

#: ipaserver/plugins/internal.py:30
msgid ""
"\n"
"Plugins not accessible directly through the CLI, commands used internally\n"
msgstr ""

#: ipaserver/plugins/internal.py:2018
msgid "Dict of I18N messages"
msgstr ""

#: ipaserver/plugins/internal.py:38
msgid "Export plugin meta-data for the webUI."
msgstr ""

#: ipaserver/plugins/internal.py:44 ipaserver/plugins/internal.py:53
msgid "Name of object to export"
msgstr ""

#: ipaserver/plugins/internal.py:47 ipaserver/plugins/internal.py:56
msgid "Name of method to export"
msgstr ""

#: ipaserver/plugins/internal.py:59
msgid "Name of command to export"
msgstr ""

#: ipaserver/plugins/internal.py:64
msgid "Dict of JSON encoded IPA Objects"
msgstr ""

#: ipaserver/plugins/internal.py:65
msgid "Dict of JSON encoded IPA Methods"
msgstr ""

#: ipaserver/plugins/internal.py:66
msgid "Dict of JSON encoded IPA Commands"
msgstr ""

msgid ""
"\n"
"Joining an IPA domain\n"
msgstr ""

msgid "Join an IPA domain"
msgstr ""

msgid "The hostname to register as"
msgstr ""

msgid "The IPA realm"
msgstr ""

msgid "Hardware platform of the host (e.g. Lenovo T61)"
msgstr ""

msgid "Operating System and version of the host (e.g. Fedora 9)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:27
msgid ""
"\n"
"Kerberos ticket policy\n"
"\n"
"There is a single Kerberos ticket policy. This policy defines the\n"
"maximum ticket lifetime and the maximum renewal age, the period during\n"
"which the ticket is renewable.\n"
"\n"
"You can also create a per-user ticket policy by specifying the user login.\n"
"\n"
"For changes to the global policy to take effect, restarting the KDC service\n"
"is required, which can be achieved using:\n"
"\n"
"service krb5kdc restart\n"
"\n"
"Changes to per-user policies take effect immediately for newly requested\n"
"tickets (e.g. when the user next runs kinit).\n"
"\n"
"EXAMPLES:\n"
"\n"
" Display the current Kerberos ticket policy:\n"
"  ipa krbtpolicy-show\n"
"\n"
" Reset the policy to the default:\n"
"  ipa krbtpolicy-reset\n"
"\n"
" Modify the policy to 8 hours max life, 1-day max renewal:\n"
"  ipa krbtpolicy-mod --maxlife=28800 --maxrenew=86400\n"
"\n"
" Display effective Kerberos ticket policy for user 'admin':\n"
"  ipa krbtpolicy-show admin\n"
"\n"
" Reset per-user policy for user 'admin':\n"
"  ipa krbtpolicy-reset admin\n"
"\n"
" Modify per-user policy for user 'admin':\n"
"  ipa krbtpolicy-mod admin --maxlife=3600\n"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:135
msgid "Manage ticket policy for specific user"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:140
msgid "Max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:141
msgid "Maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:146
msgid "Max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:147
msgid "Maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:233
msgid "Modify Kerberos ticket policy."
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:312
msgid "Reset Kerberos ticket policy to the default values."
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:258
msgid "Display the current Kerberos ticket policy."
msgstr ""

msgid ""
"\n"
"Migration to IPA\n"
"\n"
"Migrate users and groups from an LDAP server to IPA.\n"
"\n"
"This performs an LDAP query against the remote server searching for\n"
"users and groups in a container. In order to migrate passwords you need\n"
"to bind as a user that can read the userPassword attribute on the remote\n"
"server. This is generally restricted to high-level admins such as\n"
"cn=Directory Manager in 389-ds (this is the default bind user).\n"
"\n"
"The default user container is ou=People.\n"
"\n"
"The default group container is ou=Groups.\n"
"\n"
"Users and groups that already exist on the IPA server are skipped.\n"
"\n"
"Two LDAP schemas define how group members are stored: RFC2307 and\n"
"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n"
"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n"
"\n"
"The schema compat feature allows IPA to reformat data for systems that\n"
"do not support RFC2307bis. It is recommended that this feature is disabled\n"
"during migration to reduce system overhead. It can be re-enabled after\n"
"migration. To migrate with it enabled use the \"--with-compat\" option.\n"
"\n"
"Migrated users do not have Kerberos credentials, they have only their\n"
"LDAP password. To complete the migration process, users need to go\n"
"to http://ipa.example.com/ipa/migration and authenticate using their\n"
"LDAP password in order to generate their Kerberos credentials.\n"
"\n"
"Migration is disabled by default. Use the command ipa config-mod to\n"
"enable it:\n"
"\n"
" ipa config-mod --enable-migration=TRUE\n"
"\n"
"If a base DN is not provided with --basedn then IPA will use either\n"
"the value of defaultNamingContext if it is set or the first value\n"
"in namingContexts set in the root of the remote LDAP server.\n"
"\n"
"Users are added as members to the default user group. This can be a\n"
"time-intensive task so during migration this is done in a batch\n"
"mode for every 100 users. As a result there will be a window in which\n"
"users will be added to IPA but will not be members of the default\n"
"user group.\n"
"\n"
"EXAMPLES:\n"
"\n"
" The simplest migration, accepting all defaults:\n"
"   ipa migrate-ds ldap://ds.example.com:389\n"
"\n"
" Specify the user and group container. This can be used to migrate user\n"
" and group data from an IPA v1 server:\n"
"   ipa migrate-ds --user-container='cn=users,cn=accounts'        --group-"
"container='cn=groups,cn=accounts'        ldap://ds.example.com:389\n"
"\n"
" Since IPA v2 server already contain predefined groups that may collide "
"with\n"
" groups in migrated (IPA v1) server (for example admins, ipausers), users\n"
" having colliding group as their primary group may happen to belong to\n"
" an unknown group on new IPA v2 server.\n"
" Use --group-overwrite-gid option to overwrite GID of already existing "
"groups\n"
" to prevent this issue:\n"
"    ipa migrate-ds --group-overwrite-gid         --user-container='cn=users,"
"cn=accounts'         --group-container='cn=groups,cn=accounts'         "
"ldap://ds.example.com:389\n"
"\n"
" Migrated users or groups may have object class and accompanied attributes\n"
" unknown to the IPA v2 server. These object classes and attributes may be\n"
" left out of the migration process:\n"
"    ipa migrate-ds --user-container='cn=users,cn=accounts'        --group-"
"container='cn=groups,cn=accounts'        --user-ignore-"
"objectclass=radiusprofile        --user-ignore-"
"attribute=radiusgroupname        ldap://ds.example.com:389\n"
"\n"
"LOGGING\n"
"\n"
"Migration will log warnings and errors to the Apache error log. This\n"
"file should be evaluated post-migration to correct or investigate any\n"
"issues that were discovered.\n"
"\n"
"For every 100 users migrated an info-level message will be displayed to\n"
"give the current progress and duration to make it possible to track\n"
"the progress of migration.\n"
"\n"
"If the log level is debug, either by setting debug = True in\n"
"/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be "
"printed\n"
"for each user added plus a summary when the default user group is\n"
"updated.\n"
msgstr ""

#: ipaserver/plugins/migration.py:482
msgid "Migrate users and groups from DS to IPA."
msgstr ""

#: ipaserver/plugins/migration.py:529
msgid "LDAP URI"
msgstr ""

#: ipaserver/plugins/migration.py:530
msgid "LDAP URI of DS server to migrate from"
msgstr ""

#: ipaserver/plugins/migration.py:536
msgid "bind password"
msgstr ""

#: ipaserver/plugins/migration.py:543
msgid "Bind DN"
msgstr ""

#: ipaserver/plugins/migration.py:549
msgid "User container"
msgstr ""

#: ipaserver/plugins/migration.py:550
msgid "DN of container for users in DS relative to base DN"
msgstr ""

#: ipaserver/plugins/migration.py:556
msgid "Group container"
msgstr ""

#: ipaserver/plugins/migration.py:557
msgid "DN of container for groups in DS relative to base DN"
msgstr ""

#: ipaserver/plugins/migration.py:563
msgid "User object class"
msgstr ""

#: ipaserver/plugins/migration.py:564
msgid "Objectclasses used to search for user entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:570
msgid "Group object class"
msgstr ""

#: ipaserver/plugins/migration.py:571
msgid "Objectclasses used to search for group entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:577
msgid "Ignore user object class"
msgstr ""

#: ipaserver/plugins/migration.py:578
msgid "Objectclasses to be ignored for user entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:584
msgid "Ignore user attribute"
msgstr ""

#: ipaserver/plugins/migration.py:585
msgid "Attributes to be ignored for user entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:591
msgid "Ignore group object class"
msgstr ""

#: ipaserver/plugins/migration.py:592
msgid "Objectclasses to be ignored for group entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:598
msgid "Ignore group attribute"
msgstr ""

#: ipaserver/plugins/migration.py:599
msgid "Attributes to be ignored for group entries in DS"
msgstr ""

#: ipaserver/plugins/migration.py:605
msgid "Overwrite GID"
msgstr ""

#: ipaserver/plugins/migration.py:606
msgid ""
"When migrating a group already existing in IPA domain overwrite the group "
"GID and report as success"
msgstr ""

#: ipaserver/plugins/migration.py:611
msgid "LDAP schema"
msgstr ""

#: ipaserver/plugins/migration.py:612
msgid ""
"The schema used on the LDAP server. Supported values are RFC2307 and "
"RFC2307bis. The default is RFC2307bis"
msgstr ""

#: ipaserver/plugins/migration.py:618
msgid "Continue"
msgstr ""

#: ipaserver/plugins/migration.py:619
msgid ""
"Continuous operation mode. Errors are reported but the process continues"
msgstr ""

#: ipaserver/plugins/migration.py:624
msgid "Base DN"
msgstr ""

#: ipaserver/plugins/migration.py:625
msgid "Base DN on remote LDAP server"
msgstr ""

#: ipaserver/plugins/migration.py:629
msgid "Ignore compat plugin"
msgstr ""

#: ipaserver/plugins/migration.py:630
msgid "Allows migration despite the usage of compat plugin"
msgstr ""

#: ipaserver/plugins/migration.py:635
msgid "CA certificate"
msgstr ""

#: ipaserver/plugins/migration.py:636
msgid "Load CA certificate of LDAP server from FILE"
msgstr ""

msgid "groups to exclude from migration"
msgstr ""

msgid "users to exclude from migration"
msgstr ""

#: ipaserver/plugins/migration.py:662
msgid "Lists of objects migrated; categorized by type."
msgstr ""

#: ipaserver/plugins/migration.py:666
msgid "Lists of objects that could not be migrated; categorized by type."
msgstr ""

#: ipaserver/plugins/migration.py:670
msgid "False if migration mode was disabled."
msgstr ""

#: ipaserver/plugins/migration.py:674
msgid "False if migration fails because the compatibility plug-in is enabled."
msgstr ""

msgid ""
"\n"
"Misc plug-ins\n"
msgstr ""

msgid "Show environment variables."
msgstr ""

msgid "Forward to server instead of running locally"
msgstr ""

#: ipalib/misc.py:103
msgid ""
"retrieve and print all attributes from the server. Affects command output."
msgstr ""

msgid "Total number of variables env (>= count)"
msgstr ""

msgid "Number of variables returned (<= total)"
msgstr ""

msgid "Show all loaded plugins."
msgstr ""

msgid "Dictionary mapping plugin names to bases"
msgstr ""

msgid "Number of plugins loaded"
msgstr ""

#: ipaserver/plugins/netgroup.py:46
msgid ""
"\n"
"Netgroups\n"
"\n"
"A netgroup is a group used for permission checking. It can contain both\n"
"user and host values.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new netgroup:\n"
"   ipa netgroup-add --desc=\"NFS admins\" admins\n"
"\n"
" Add members to the netgroup:\n"
"   ipa netgroup-add-member --users=tuser1 --users=tuser2 admins\n"
"\n"
" Remove a member from the netgroup:\n"
"   ipa netgroup-remove-member --users=tuser2 admins\n"
"\n"
" Display information about a netgroup:\n"
"   ipa netgroup-show admins\n"
"\n"
" Delete a netgroup:\n"
"   ipa netgroup-del admins\n"
msgstr ""

#: ipaserver/plugins/netgroup.py:204
msgid "Netgroup name"
msgstr ""

#: ipaserver/plugins/netgroup.py:211
msgid "Netgroup description"
msgstr ""

#: ipaserver/plugins/netgroup.py:217
msgid "NIS domain name"
msgstr ""

#: ipaserver/plugins/netgroup.py:222
msgid "IPA unique ID"
msgstr ""

#: ipaserver/plugins/baseldap.py:92
msgid "Member netgroups"
msgstr ""

#: ipaserver/plugins/baseldap.py:155
msgid "Indirect Member netgroups"
msgstr ""

msgid "Member User"
msgstr ""

msgid "Member Group"
msgstr ""

#: ipaserver/plugins/netgroup.py:88
msgid "Member Host"
msgstr ""

msgid "Member Hostgroup"
msgstr ""

#: ipaserver/plugins/netgroup.py:263
msgid "Add a new netgroup."
msgstr ""

#: ipaserver/plugins/netgroup.py:378
msgid "Add members to a netgroup."
msgstr ""

msgid "member netgroup"
msgstr ""

msgid "netgroups to add"
msgstr "추가하려는 넷그룹"

#: ipaserver/plugins/netgroup.py:299
msgid "Delete a netgroup."
msgstr ""

#: ipaserver/plugins/netgroup.py:334
msgid "Search for a netgroup."
msgstr ""

#: ipaserver/plugins/netgroup.py:349
msgid "search for managed groups"
msgstr ""

msgid "Search for netgroups with these member netgroups."
msgstr ""

msgid "Search for netgroups without these member netgroups."
msgstr ""

msgid "Search for netgroups with these member users."
msgstr ""

msgid "Search for netgroups without these member users."
msgstr ""

msgid "Search for netgroups with these member groups."
msgstr ""

msgid "Search for netgroups without these member groups."
msgstr "이들 구성원 그룹이 없이 넷그룹를 위한 검색."

msgid "Search for netgroups with these member hosts."
msgstr ""

msgid "Search for netgroups without these member hosts."
msgstr ""

msgid "Search for netgroups with these member host groups."
msgstr ""

msgid "Search for netgroups without these member host groups."
msgstr ""

msgid "Search for netgroups with these member of netgroups."
msgstr ""

msgid "Search for netgroups without these member of netgroups."
msgstr ""

#: ipaserver/plugins/netgroup.py:307
msgid "Modify a netgroup."
msgstr ""

#: ipaserver/plugins/netgroup.py:400
msgid "Remove members from a netgroup."
msgstr ""

msgid "netgroups to remove"
msgstr ""

#: ipaserver/plugins/netgroup.py:371
msgid "Display information about a netgroup."
msgstr ""

#: ipaserver/plugins/otpconfig.py:24
msgid ""
"\n"
"OTP configuration\n"
"\n"
"Manage the default values that IPA uses for OTP tokens.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Show basic OTP configuration:\n"
"   ipa otpconfig-show\n"
"\n"
" Show all OTP configuration options:\n"
"   ipa otpconfig-show --all\n"
"\n"
" Change maximum TOTP authentication window to 10 minutes:\n"
"   ipa otpconfig-mod --totp-auth-window=600\n"
"\n"
" Change maximum TOTP synchronization window to 12 hours:\n"
"   ipa otpconfig-mod --totp-sync-window=43200\n"
"\n"
" Change maximum HOTP authentication window to 5:\n"
"   ipa hotpconfig-mod --hotp-auth-window=5\n"
"\n"
" Change maximum HOTP synchronization window to 50:\n"
"   ipa hotpconfig-mod --hotp-sync-window=50\n"
msgstr ""

#: ipaserver/plugins/otpconfig.py:86
msgid "TOTP authentication Window"
msgstr ""

#: ipaserver/plugins/otpconfig.py:87
msgid "TOTP authentication time variance (seconds)"
msgstr ""

#: ipaserver/plugins/otpconfig.py:92
msgid "TOTP Synchronization Window"
msgstr ""

#: ipaserver/plugins/otpconfig.py:93
msgid "TOTP synchronization time variance (seconds)"
msgstr ""

#: ipaserver/plugins/otpconfig.py:98
msgid "HOTP Authentication Window"
msgstr ""

#: ipaserver/plugins/otpconfig.py:99
msgid "HOTP authentication skip-ahead"
msgstr ""

#: ipaserver/plugins/otpconfig.py:104
msgid "HOTP Synchronization Window"
msgstr ""

#: ipaserver/plugins/otpconfig.py:105
msgid "HOTP synchronization skip-ahead"
msgstr ""

#: ipaserver/plugins/otpconfig.py:116
msgid "Modify OTP configuration options."
msgstr ""

#: ipaserver/plugins/otpconfig.py:121
msgid "Show the current OTP configuration."
msgstr ""

msgid ""
"\n"
"OTP Tokens\n"
"\n"
"Manage OTP tokens.\n"
"\n"
"IPA supports the use of OTP tokens for multi-factor authentication. This\n"
"code enables the management of OTP tokens.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new token:\n"
"   ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n"
"\n"
" Examine the token:\n"
"   ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n"
"\n"
" Change the vendor:\n"
"   ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red "
"Hat\"\n"
"\n"
" Delete a token:\n"
"   ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:160 ipaserver/plugins/subid.py:136
msgid "Unique ID"
msgstr ""

#: ipaserver/plugins/otptoken.py:166
msgid "Type of the token"
msgstr ""

#: ipaserver/plugins/otptoken.py:175
msgid "Token description (informational only)"
msgstr ""

#: ipaserver/plugins/otptoken.py:179 ipaserver/plugins/subid.py:149
#: ipaserver/plugins/subid.py:467 ipaserver/plugins/internal.py:1383
msgid "Owner"
msgstr "소유자"

#: ipaserver/plugins/otptoken.py:180
msgid "Assigned user of the token (default: self)"
msgstr ""

#: ipaserver/plugins/baseuser.py:353
msgid "Manager"
msgstr ""

#: ipaserver/plugins/otptoken.py:184
msgid "Assigned manager of the token (default: self)"
msgstr ""

#: ipaserver/plugins/otptoken.py:189 ipaserver/plugins/internal.py:1944
msgid "Disabled"
msgstr "사용불가"

#: ipaserver/plugins/otptoken.py:190
msgid "Mark the token as disabled (default: false)"
msgstr ""

#: ipaserver/plugins/otptoken.py:194
msgid "Validity start"
msgstr ""

#: ipaserver/plugins/otptoken.py:195
msgid "First date/time the token can be used"
msgstr ""

#: ipaserver/plugins/otptoken.py:199
msgid "Validity end"
msgstr ""

#: ipaserver/plugins/otptoken.py:200
msgid "Last date/time the token can be used"
msgstr ""

#: ipaserver/plugins/otptoken.py:204
msgid "Vendor"
msgstr ""

#: ipaserver/plugins/otptoken.py:205
msgid "Token vendor name (informational only)"
msgstr ""

#: ipaserver/plugins/otptoken.py:209
msgid "Model"
msgstr ""

#: ipaserver/plugins/otptoken.py:210
msgid "Token model (informational only)"
msgstr ""

#: ipaserver/plugins/otptoken.py:214
msgid "Serial"
msgstr ""

#: ipaserver/plugins/otptoken.py:215
msgid "Token serial (informational only)"
msgstr ""

#: ipaserver/plugins/otptoken.py:220
msgid "Token secret (Base32; default: random)"
msgstr ""

#: ipaserver/plugins/otptoken.py:230
msgid "Token hash algorithm"
msgstr ""

#: ipaserver/plugins/otptoken.py:238
msgid "Digits"
msgstr ""

#: ipaserver/plugins/otptoken.py:239
msgid "Number of digits each token code will have"
msgstr ""

#: ipaserver/plugins/otptoken.py:247
msgid "Clock offset"
msgstr ""

#: ipaserver/plugins/otptoken.py:248
msgid "TOTP token / IPA server time difference"
msgstr ""

#: ipaserver/plugins/otptoken.py:255
msgid "Clock interval"
msgstr ""

#: ipaserver/plugins/otptoken.py:256
msgid "Length of TOTP token code validity"
msgstr "TOTP 토큰 코드 유효성의 길이"

#: ipaserver/plugins/otptoken.py:264
msgid "Counter"
msgstr ""

#: ipaserver/plugins/otptoken.py:265
msgid "Initial counter for the HOTP token"
msgstr ""

#: ipaserver/plugins/otptoken.py:280
msgid "Add a new OTP token."
msgstr ""

#: ipaserver/plugins/otptoken.py:284
msgid "(deprecated)"
msgstr ""

#: ipaserver/plugins/otptoken.py:285
msgid "Do not display QR code"
msgstr ""

#: ipaserver/plugins/otptoken.py:463
msgid "Add users that can manage this token."
msgstr ""

#: ipaserver/plugins/otptoken.py:366
msgid "Delete an OTP token."
msgstr ""

#: ipaserver/plugins/otptoken.py:421
msgid "Search for OTP token."
msgstr ""

msgid "Results should contain primary key attribute only (\"id\")"
msgstr ""

#: ipaserver/plugins/otptoken.py:372
msgid "Modify a OTP token."
msgstr ""

msgid "Rename the OTP token object"
msgstr ""

#: ipaserver/plugins/otptoken.py:450
msgid "Display information about an OTP token."
msgstr ""

msgid ""
"\n"
"YubiKey Tokens\n"
"\n"
"Manage YubiKey tokens.\n"
"\n"
"This code is an extension to the otptoken plugin and provides support for\n"
"reading/writing YubiKey tokens directly.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new token:\n"
"   ipa otptoken-add-yubikey --owner=jdoe --desc=\"My YubiKey\"\n"
msgstr ""

msgid ""
"\n"
"Set a user's password\n"
"\n"
"If someone other than a user changes that user's password (e.g., Helpdesk\n"
"resets it) then the password will need to be changed the first time it\n"
"is used. This is so the end-user is the only one who knows the password.\n"
"\n"
"The IPA password policy controls how often a password may be changed,\n"
"what strength requirements exist, and the length of the password history.\n"
"\n"
"EXAMPLES:\n"
"\n"
" To reset your own password:\n"
"   ipa passwd\n"
"\n"
" To change another user's password:\n"
"   ipa passwd tuser1\n"
msgstr ""

msgid "Set a user's password."
msgstr ""

#: ipaserver/plugins/internal.py:1709
msgid "New Password"
msgstr ""

#: ipaserver/plugins/internal.py:1703
msgid "Current Password"
msgstr ""

#: ipaserver/plugins/internal.py:188 ipaserver/plugins/internal.py:1711
msgid "OTP"
msgstr "OTP"

msgid "One Time Password"
msgstr ""

msgid ""
"\n"
"Permissions\n"
"\n"
"A permission enables fine-grained delegation of rights. A permission is\n"
"a human-readable wrapper around a 389-ds Access Control Rule,\n"
"or instruction (ACI).\n"
"A permission grants the right to perform a specific task such as adding a\n"
"user, modifying a group, etc.\n"
"\n"
"A permission may not contain other permissions.\n"
"\n"
"* A permission grants access to read, write, add, delete, read, search,\n"
"  or compare.\n"
"* A privilege combines similar permissions (for example all the permissions\n"
"  needed to add a user).\n"
"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n"
"\n"
"A permission is made up of a number of different parts:\n"
"\n"
"1. The name of the permission.\n"
"2. The target of the permission.\n"
"3. The rights granted by the permission.\n"
"\n"
"Rights define what operations are allowed, and may be one or more\n"
"of the following:\n"
"1. write - write one or more attributes\n"
"2. read - read one or more attributes\n"
"3. search - search on one or more attributes\n"
"4. compare - compare one or more attributes\n"
"5. add - add a new entry to the tree\n"
"6. delete - delete an existing entry\n"
"7. all - all permissions are granted\n"
"\n"
"Note the distinction between attributes and entries. The permissions are\n"
"independent, so being able to add a user does not mean that the user will\n"
"be editable.\n"
"\n"
"There are a number of allowed targets:\n"
"1. subtree: a DN; the permission applies to the subtree under this DN\n"
"2. target filter: an LDAP filter\n"
"3. target: DN with possible wildcards, specifies entries permission applies "
"to\n"
"\n"
"Additionally, there are the following convenience options.\n"
"Setting one of these options will set the corresponding attribute(s).\n"
"1. type: a type of object (user, group, etc); sets subtree and target "
"filter.\n"
"2. memberof: apply to members of a group; sets target filter\n"
"3. targetgroup: grant access to modify a specific group (such as granting\n"
"   the rights to manage group membership); sets target.\n"
"\n"
"Managed permissions\n"
"\n"
"Permissions that come with IPA by default can be so-called \"managed\"\n"
"permissions. These have a default set of attributes they apply to,\n"
"but the administrator can add/remove individual attributes to/from the set.\n"
"\n"
"Deleting or renaming a managed permission, as well as changing its target,\n"
"is not allowed.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a permission that grants the creation of users:\n"
"   ipa permission-add --type=user --permissions=add \"Add Users\"\n"
"\n"
" Add a permission that grants the ability to manage group membership:\n"
"   ipa permission-add --attrs=member --permissions=write --type=group "
"\"Manage Group Members\"\n"
msgstr ""

#: ipaserver/plugins/permission.py:236
msgid "Permission name"
msgstr ""

#: ipaserver/plugins/permission.py:245
msgid "Granted rights"
msgstr ""

#: ipaserver/plugins/permission.py:246
msgid "Rights to grant (read, search, compare, write, add, delete, all)"
msgstr ""

#: ipaserver/plugins/permission.py:253
msgid "Effective attributes"
msgstr ""

#: ipaserver/plugins/permission.py:254
msgid "All attributes to which the permission applies"
msgstr ""

#: ipaserver/plugins/permission.py:259
msgid "Included attributes"
msgstr ""

#: ipaserver/plugins/permission.py:260
msgid "User-specified attributes to which the permission applies"
msgstr ""

#: ipaserver/plugins/permission.py:265
msgid "Excluded attributes"
msgstr ""

#: ipaserver/plugins/permission.py:266
msgid ""
"User-specified attributes to which the permission explicitly does not apply"
msgstr ""

#: ipaserver/plugins/permission.py:272
msgid "Default attributes"
msgstr ""

#: ipaserver/plugins/permission.py:273
msgid "Attributes to which the permission applies by default"
msgstr ""

#: ipaserver/plugins/permission.py:279 ipaserver/plugins/permission.py:280
msgid "Bind rule type"
msgstr ""

#: ipaserver/plugins/permission.py:290
msgid "Subtree to apply permissions to"
msgstr ""

#: ipaserver/plugins/permission.py:298 ipaserver/plugins/permission.py:299
msgid "Extra target filter"
msgstr ""

#: ipaserver/plugins/permission.py:305
msgid "Raw target filter"
msgstr ""

#: ipaserver/plugins/permission.py:306
msgid "All target filters, including those implied by type and memberof"
msgstr ""

#: ipaserver/plugins/permission.py:313
msgid "Target DN"
msgstr ""

#: ipaserver/plugins/permission.py:314
msgid ""
"Optional DN to apply the permission to (must be in the subtree, but may not "
"yet exist)"
msgstr ""

#: ipaserver/plugins/permission.py:335
msgid "Member of group"
msgstr ""

#: ipaserver/plugins/permission.py:336
msgid "Target members of a group (sets memberOf targetfilter)"
msgstr ""

#: ipaserver/plugins/permission.py:341
msgid "User group to apply permissions to (sets target)"
msgstr ""

#: ipaserver/plugins/permission.py:347
msgid "Type of IPA object (sets subtree and objectClass targetfilter)"
msgstr ""

msgid "Deprecated; use extratargetfilter"
msgstr ""

msgid "Deprecated; use ipapermlocation"
msgstr ""

msgid "Deprecated; use ipapermright"
msgstr ""

msgid "Granted to Privilege"
msgstr ""

#: ipaserver/plugins/baseldap.py:143
msgid "Indirect Member of roles"
msgstr ""

#: ipaserver/plugins/permission.py:987
msgid "Add a new permission."
msgstr ""

#: ipaserver/plugins/permission.py:1405
msgid "Add members to a permission."
msgstr ""

msgid "member privilege"
msgstr ""

msgid "privileges to add"
msgstr ""

#: ipaserver/plugins/permission.py:959
msgid "Add a system permission without an ACI (internal command)"
msgstr ""

#: ipaserver/plugins/permission.py:169
msgid "Permission flags"
msgstr ""

#: ipaserver/plugins/permission.py:1055
msgid "Delete a permission."
msgstr ""

#: ipaserver/plugins/permission.py:1063
msgid "force delete of SYSTEM permissions"
msgstr ""

#: ipaserver/plugins/permission.py:1262
msgid "Search for permissions."
msgstr ""

#: ipaserver/plugins/permission.py:1090
msgid "Modify a permission."
msgstr ""

msgid "Rename the permission object"
msgstr ""

#: ipaserver/plugins/permission.py:1417
msgid "Remove members from a permission."
msgstr ""

msgid "privileges to remove"
msgstr ""

#: ipaserver/plugins/permission.py:1395
msgid "Display information about a permission."
msgstr ""

msgid ""
"\n"
"Ping the remote IPA server to ensure it is running.\n"
"\n"
"The ping command sends an echo request to an IPA server. The server\n"
"returns its version information. This is used by an IPA client\n"
"to confirm that the server is available and accepting requests.\n"
"\n"
"The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n"
"If it does not respond then the client will contact any servers defined\n"
"by ldap SRV records in DNS.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Ping an IPA server:\n"
"   ipa ping\n"
"   ------------------------------------------\n"
"   IPA server version 2.1.9. API version 2.20\n"
"   ------------------------------------------\n"
"\n"
" Ping an IPA server verbosely:\n"
"   ipa -v ping\n"
"   ipa: INFO: trying https://ipa.example.com/ipa/xml\n"
"   ipa: INFO: Forwarding 'ping' to server 'https://ipa.example.com/ipa/xml'\n"
"   -----------------------------------------------------\n"
"   IPA server version 2.1.9. API version 2.20\n"
"   -----------------------------------------------------\n"
msgstr ""

msgid "Ping a remote server."
msgstr ""

msgid ""
"\n"
"Kerberos pkinit options\n"
"\n"
"Enable or disable anonymous pkinit using the principal\n"
"WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with\n"
"pkinit support.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Enable anonymous pkinit:\n"
"  ipa pkinit-anonymous enable\n"
"\n"
" Disable anonymous pkinit:\n"
"  ipa pkinit-anonymous disable\n"
"\n"
"For more information on anonymous pkinit see:\n"
"\n"
"http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit\n"
msgstr ""

msgid "Enable or Disable Anonymous PKINIT."
msgstr ""

#: ipaserver/plugins/privilege.py:37
msgid ""
"\n"
"Privileges\n"
"\n"
"A privilege combines permissions into a logical task. A permission provides\n"
"the rights to do a single task. There are some IPA operations that require\n"
"multiple permissions to succeed. A privilege is where permissions are\n"
"combined in order to perform a specific task.\n"
"\n"
"For example, adding a user requires the following permissions:\n"
" * Creating a new user entry\n"
" * Resetting a user password\n"
" * Adding the new user to the default IPA users group\n"
"\n"
"Combining these three low-level tasks into a higher level task in the\n"
"form of a privilege named \"Add User\" makes it easier to manage Roles.\n"
"\n"
"A privilege may not contain other privileges.\n"
"\n"
"See role and permission for additional information.\n"
msgstr ""

#: ipaserver/plugins/privilege.py:154
msgid "Privilege name"
msgstr ""

#: ipaserver/plugins/privilege.py:160
msgid "Privilege description"
msgstr ""

#: ipaserver/plugins/baseldap.py:89
msgid "Granting privilege to roles"
msgstr ""

#: ipaserver/plugins/privilege.py:167
msgid "Add a new privilege."
msgstr ""

#: ipaserver/plugins/privilege.py:202
msgid "Add members to a privilege."
msgstr ""

msgid "member role"
msgstr ""

msgid "roles to add"
msgstr ""

#: ipaserver/plugins/privilege.py:215
msgid "Add permissions to a privilege."
msgstr ""

#: ipaserver/plugins/permission.py:180
msgid "permission"
msgstr ""

#: ipaserver/plugins/permission.py:181
msgid "permissions"
msgstr ""

#: ipaserver/plugins/privilege.py:230
msgid "Number of permissions added"
msgstr ""

#: ipaserver/plugins/privilege.py:174
msgid "Delete a privilege."
msgstr ""

#: ipaserver/plugins/privilege.py:188
msgid "Search for privileges."
msgstr ""

#: ipaserver/plugins/privilege.py:181
msgid "Modify a privilege."
msgstr ""

msgid "Rename the privilege object"
msgstr ""

#: ipaserver/plugins/privilege.py:209
msgid "Remove members from a privilege"
msgstr ""

msgid "roles to remove"
msgstr ""

#: ipaserver/plugins/privilege.py:244
msgid "Remove permissions from a privilege."
msgstr ""

#: ipaserver/plugins/privilege.py:262
msgid "Number of permissions removed"
msgstr ""

#: ipaserver/plugins/privilege.py:197
msgid "Display information about a privilege."
msgstr ""

msgid ""
"\n"
"Password policy\n"
"\n"
"A password policy sets limitations on IPA passwords, including maximum\n"
"lifetime, minimum lifetime, the number of passwords to save in\n"
"history, the number of character classes required (for stronger passwords)\n"
"and the minimum password length.\n"
"\n"
"By default there is a single, global policy for all users. You can also\n"
"create a password policy to apply to a group. Each user is only subject\n"
"to one password policy, either the group policy or the global policy. A\n"
"group policy stands alone; it is not a super-set of the global policy plus\n"
"custom settings.\n"
"\n"
"Each group password policy requires a unique priority setting. If a user\n"
"is in multiple groups that have password policies, this priority determines\n"
"which password policy is applied. A lower value indicates a higher priority\n"
"policy.\n"
"\n"
"Group password policies are automatically removed when the groups they\n"
"are associated with are removed.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Modify the global policy:\n"
"   ipa pwpolicy-mod --minlength=10\n"
"\n"
" Add a new group password policy:\n"
"   ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --"
"minlength=8 --priority=10 localadmins\n"
"\n"
" Display the global password policy:\n"
"   ipa pwpolicy-show\n"
"\n"
" Display a group password policy:\n"
"   ipa pwpolicy-show localadmins\n"
"\n"
" Display the policy that would be applied to a given user:\n"
"   ipa pwpolicy-show --user=tuser1\n"
"\n"
" Modify a group password policy:\n"
"   ipa pwpolicy-mod --minclasses=2 localadmins\n"
msgstr ""

#: ipaserver/plugins/internal.py:1664 ipaserver/plugins/pwpolicy.py:307
msgid "Group"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:308
msgid "Manage password policy for specific group"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:313
msgid "Max lifetime (days)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:314
msgid "Maximum password lifetime (in days)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:320
msgid "Min lifetime (hours)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:321
msgid "Minimum password lifetime (in hours)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:326
msgid "History size"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:327
msgid "Password history size"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:332
msgid "Character classes"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:333
msgid "Minimum number of character classes"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:339
msgid "Min length"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:340
msgid "Minimum length of password"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:346
msgid "Priority of the policy (higher number means lower priority"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:353
msgid "Max failures"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:354
msgid "Consecutive failures before lockout"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:360
msgid "Failure reset interval"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:361
msgid "Period after which failure count will be reset (seconds)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:367
msgid "Lockout duration"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:368
msgid "Period for which lockout is enforced (seconds)"
msgstr ""

msgid "Results should contain primary key attribute only (\"cn\")"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:528
msgid "Add a new group password policy."
msgstr ""

#: ipaserver/plugins/pwpolicy.py:555
msgid "Delete a group password policy."
msgstr ""

#: ipaserver/plugins/pwpolicy.py:667
msgid "Search for group password policies."
msgstr ""

msgid "Results should contain primary key attribute only (\"group\")"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:582
msgid "Modify a group password policy."
msgstr ""

#: ipaserver/plugins/pwpolicy.py:635
msgid "Display information about password policy."
msgstr ""

#: ipaserver/plugins/baseuser.py:209 ipaserver/plugins/internal.py:1198
#: ipaserver/plugins/internal.py:1310 ipaserver/plugins/internal.py:1698
#: ipaserver/plugins/pwpolicy.py:639 ipaserver/plugins/user.py:163
msgid "User"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:640
msgid "Display effective policy for a specific user"
msgstr ""

msgid ""
"\n"
"RADIUS Proxy Servers\n"
"\n"
"Manage RADIUS Proxy Servers.\n"
"\n"
"IPA supports the use of an external RADIUS proxy server for krb5 OTP\n"
"authentications. This permits a great deal of flexibility when\n"
"integrating with third-party authentication services.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new server:\n"
"   ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n"
"\n"
" Find all servers whose entries include the string \"example.com\":\n"
"   ipa radiusproxy-find example.com\n"
"\n"
" Examine the configuration:\n"
"   ipa radiusproxy-show MyRADIUS\n"
"\n"
" Change the secret:\n"
"   ipa radiusproxy-mod MyRADIUS --secret\n"
"\n"
" Delete a configuration:\n"
"   ipa radiusproxy-del MyRADIUS\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:112
msgid "RADIUS proxy server name"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:118
msgid "A description of this RADIUS proxy server"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:122 ipaserver/plugins/user.py:1177
msgid "Server"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:123
msgid "The hostname or IP (with or without port)"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:127 ipaserver/plugins/idp.py:151
msgid "Secret"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:128
msgid "The secret used to encrypt data"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:133
msgid "Timeout"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:134
msgid "The total timeout across all retries (in seconds)"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:139
msgid "Retries"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:140
msgid "The number of times to retry authentication"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:146
msgid "User attribute"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:147
msgid "The username attribute on the user object"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:171
msgid "Add a new RADIUS proxy server."
msgstr ""

#: ipaserver/plugins/radiusproxy.py:176
msgid "Delete a RADIUS proxy server."
msgstr ""

#: ipaserver/plugins/radiusproxy.py:186
msgid "Search for RADIUS proxy servers."
msgstr ""

#: ipaserver/plugins/radiusproxy.py:181
msgid "Modify a RADIUS proxy server."
msgstr ""

msgid "Rename the RADIUS proxy server object"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:201
msgid "Display information about a RADIUS proxy server."
msgstr ""

msgid ""
"\n"
"Realm domains\n"
"\n"
"Manage the list of domains associated with IPA realm.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Display the current list of realm domains:\n"
"   ipa realmdomains-show\n"
"\n"
" Replace the list of realm domains:\n"
"   ipa realmdomains-mod --domain=example.com\n"
"   ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n"
"\n"
" Add a domain to the list of realm domains:\n"
"   ipa realmdomains-mod --add-domain=newdomain.com\n"
"\n"
" Delete a domain from the list of realm domains:\n"
"   ipa realmdomains-mod --del-domain=olddomain.com\n"
msgstr ""

#: ipaserver/plugins/realmdomains.py:115 ipaserver/plugins/trust.py:1246
#: ipaserver/plugins/certmap.py:566 ipaserver/plugins/internal.py:715
#: ipaserver/plugins/internal.py:1545
msgid "Domain"
msgstr ""

#: ipaserver/plugins/realmdomains.py:121
msgid "Add domain"
msgstr ""

#: ipaserver/plugins/realmdomains.py:127
msgid "Delete domain"
msgstr ""

msgid "Modify realm domains."
msgstr ""

#: ipaserver/plugins/realmdomains.py:152
msgid "Force adding domain even if not in DNS"
msgstr ""

#: ipaserver/plugins/realmdomains.py:361
msgid "Display the list of realm domains."
msgstr ""

msgid ""
"\n"
"Roles\n"
"\n"
"A role is used for fine-grained delegation. A permission grants the ability\n"
"to perform given low-level tasks (add a user, modify a group, etc.). A\n"
"privilege combines one or more permissions into a higher-level abstraction\n"
"such as useradmin. A useradmin would be able to add, delete and modify "
"users.\n"
"\n"
"Privileges are assigned to Roles.\n"
"\n"
"Users, groups, hosts and hostgroups may be members of a Role.\n"
"\n"
"Roles can not contain other roles.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new role:\n"
"   ipa role-add --desc=\"Junior-level admin\" junioradmin\n"
"\n"
" Add some privileges to this role:\n"
"   ipa role-add-privilege --privileges=addusers junioradmin\n"
"   ipa role-add-privilege --privileges=change_password junioradmin\n"
"   ipa role-add-privilege --privileges=add_user_to_default_group "
"junioradmin\n"
"\n"
" Add a group of users to this role:\n"
"   ipa group-add --desc=\"User admins\" useradmins\n"
"   ipa role-add-member --groups=useradmins junioradmin\n"
"\n"
" Display information about a role:\n"
"   ipa role-show junioradmin\n"
"\n"
" The result of this is that any users in the group 'junioradmin' can\n"
" add users, reset passwords or add a user to the default IPA user group.\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:64 ipaserver/plugins/serverrole.py:191
msgid "Role name"
msgstr ""

msgid "A description of this role-group"
msgstr ""

msgid "Privileges"
msgstr ""

msgid "Member services"
msgstr ""

msgid "Add a new role."
msgstr ""

msgid "Add members to a role."
msgstr ""

msgid "member service"
msgstr ""

msgid "services to add"
msgstr ""

msgid "Add privileges to a role."
msgstr ""

msgid "privilege"
msgstr ""

#: ipaserver/plugins/privilege.py:107
msgid "privileges"
msgstr ""

msgid "Number of privileges added"
msgstr ""

msgid "Delete a role."
msgstr ""

msgid "Search for roles."
msgstr ""

msgid "Modify a role."
msgstr ""

msgid "Rename the role object"
msgstr ""

msgid "Remove members from a role."
msgstr ""

msgid "services to remove"
msgstr ""

msgid "Remove privileges from a role."
msgstr ""

msgid "Number of privileges removed"
msgstr ""

msgid "Display information about a role."
msgstr ""

#: ipaserver/plugins/selfservice.py:28
msgid ""
"\n"
"Self-service Permissions\n"
"\n"
"A permission enables fine-grained delegation of permissions. Access Control\n"
"Rules, or instructions (ACIs), grant permission to permissions to perform\n"
"given tasks such as adding a user, modifying a group, etc.\n"
"\n"
"A Self-service permission defines what an object can change in its own "
"entry.\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a self-service rule to allow users to manage their address (using Bash\n"
" brace expansion):\n"
"   ipa selfservice-add --permissions=write --attrs={street,postalCode,l,c,"
"st} \"Users manage their own address\"\n"
"\n"
" When managing the list of attributes you need to include all attributes\n"
" in the list, including existing ones.\n"
" Add telephoneNumber to the list (using Bash brace expansion):\n"
"   ipa selfservice-mod --attrs={street,postalCode,l,c,st,telephoneNumber} "
"\"Users manage their own address\"\n"
"\n"
" Display our updated rule:\n"
"   ipa selfservice-show \"Users manage their own address\"\n"
"\n"
" Delete a rule:\n"
"   ipa selfservice-del \"Users manage their own address\"\n"
msgstr ""

#: ipaserver/plugins/selfservice.py:76 ipaserver/plugins/selfservice.py:77
msgid "Self-service name"
msgstr ""

#: ipaserver/plugins/selfservice.py:90
msgid "Attributes to which the permission applies."
msgstr ""

#: ipaserver/plugins/selfservice.py:122
msgid "Add a new self-service permission."
msgstr "신규 셀프-서비스 권한을 추가합니다."

#: ipaserver/plugins/selfservice.py:143
msgid "Delete a self-service permission."
msgstr "셀프-서비스 권한을 삭제합니다."

#: ipaserver/plugins/selfservice.py:182
msgid "Search for a self-service permission."
msgstr ""

#: ipaserver/plugins/selfservice.py:161
msgid "Modify a self-service permission."
msgstr ""

#: ipaserver/plugins/selfservice.py:208
msgid "Display information about a self-service permission."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:42
msgid ""
"\n"
"SELinux User Mapping\n"
"\n"
"Map IPA users to SELinux users by host.\n"
"\n"
"Hosts, hostgroups, users and groups can be either defined within\n"
"the rule or it may point to an existing HBAC rule. When using\n"
"--hbacrule option to selinuxusermap-find an exact match is made on the\n"
"HBAC rule name, so only one or zero entries will be returned.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a rule, \"test1\", that sets all users to xguest_u:s0 on the host "
"\"server\":\n"
"   ipa selinuxusermap-add --usercat=all --selinuxuser=xguest_u:s0 test1\n"
"   ipa selinuxusermap-add-host --hosts=server.example.com test1\n"
"\n"
" Create a rule, \"test2\", that sets all users to guest_u:s0 and uses an "
"existing HBAC rule for users and hosts:\n"
"   ipa selinuxusermap-add --usercat=all --hbacrule=webserver --"
"selinuxuser=guest_u:s0 test2\n"
"\n"
" Display the properties of a rule:\n"
"   ipa selinuxusermap-show test2\n"
"\n"
" Create a rule for a specific user. This sets the SELinux context for\n"
" user john to unconfined_u:s0-s0:c0.c1023 on any machine:\n"
"   ipa selinuxusermap-add --hostcat=all --selinuxuser=unconfined_u:s0-s0:c0."
"c1023 john_unconfined\n"
"   ipa selinuxusermap-add-user --users=john john_unconfined\n"
"\n"
" Disable a rule:\n"
"   ipa selinuxusermap-disable test1\n"
"\n"
" Enable a rule:\n"
"   ipa selinuxusermap-enable test1\n"
"\n"
" Find a rule referencing a specific HBAC rule:\n"
"   ipa selinuxusermap-find --hbacrule=allow_some\n"
"\n"
" Remove a rule:\n"
"   ipa selinuxusermap-del john_unconfined\n"
"\n"
"SEEALSO:\n"
"\n"
" The list controlling the order in which the SELinux user map is applied\n"
" and the default SELinux user are available in the config-show command.\n"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:244
msgid "SELinux User"
msgstr ""

#: ipaserver/plugins/hbacrule.py:202 ipaserver/plugins/selinuxusermap.py:248
msgid "HBAC Rule"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:249
msgid "HBAC Rule that defines the users, groups and hostgroups"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:328
msgid "Create a new SELinux User Map."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:590
msgid "Add target hosts and hostgroups to an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:557
msgid "Add users and groups to an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:366
msgid "Delete a SELinux User Map."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:527
msgid "Disable an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:497
msgid "Enable an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:446
msgid "Search for SELinux User Maps."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:374
msgid "Modify a SELinux User Map."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:614
msgid "Remove target hosts and hostgroups from an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:581
msgid "Remove users and groups from an SELinux User Map rule."
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:486
msgid "Display the properties of a SELinux User Map rule."
msgstr ""

msgid ""
"\n"
"Services\n"
"\n"
"A IPA service represents a service that runs on a host. The IPA service\n"
"record can store a Kerberos principal, an SSL certificate, or both.\n"
"\n"
"An IPA service can be managed directly from a machine, provided that\n"
"machine has been given the correct permission. This is true even for\n"
"machines other than the one the service is associated with. For example,\n"
"requesting an SSL certificate using the host service principal credentials\n"
"of the host. To manage a service using host credentials you need to\n"
"kinit as the host:\n"
"\n"
" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n"
"\n"
"Adding an IPA service allows the associated service to request an SSL\n"
"certificate or keytab, but this is performed as a separate step; they\n"
"are not produced as a result of adding the service.\n"
"\n"
"Only the public aspect of a certificate is stored in a service record;\n"
"the private key is not stored.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new IPA service:\n"
"   ipa service-add HTTP/web.example.com\n"
"\n"
" Allow a host to manage an IPA service certificate:\n"
"   ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n"
"   ipa role-add-member --hosts=web.example.com certadmin\n"
"\n"
" Override a default list of supported PAC types for the service:\n"
"   ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n"
"\n"
"   A typical use case where overriding the PAC type is needed is NFS.\n"
"   Currently the related code in the Linux kernel can only handle Kerberos\n"
"   tickets up to a maximal size. Since the PAC data can become quite large "
"it\n"
"   is recommended to set --pac-type=NONE for NFS services.\n"
"\n"
" Delete an IPA service:\n"
"   ipa service-del HTTP/web.example.com\n"
"\n"
" Find all IPA services associated with a host:\n"
"   ipa service-find web.example.com\n"
"\n"
" Find all HTTP services:\n"
"   ipa service-find HTTP\n"
"\n"
" Disable the service Kerberos key and SSL certificate:\n"
"   ipa service-disable HTTP/web.example.com\n"
"\n"
" Request a certificate for an IPA service:\n"
"   ipa cert-request --principal=HTTP/web.example.com example.csr\n"
"\n"
" Allow user to create a keytab:\n"
"   ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n"
"\n"
" Generate and retrieve a keytab for an IPA service:\n"
"   ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/"
"httpd.keytab\n"
msgstr ""

#: ipaserver/plugins/service.py:502
msgid "Service principal"
msgstr ""

#: ipaserver/plugins/service.py:561
msgid "PAC type"
msgstr ""

#: ipaserver/plugins/service.py:562
msgid ""
"Override default list of supported PAC types. Use 'NONE' to disable PAC "
"support for this service, e.g. this might be necessary for NFS services."
msgstr ""

msgid "Add a new IPA new service."
msgstr ""

msgid "force principal name even if not in DNS"
msgstr ""

#: ipaserver/plugins/service.py:1019
msgid "Add hosts that can manage this service."
msgstr ""

#: ipaserver/plugins/service.py:1075
msgid ""
"Allow users, groups, hosts or host groups to create a keytab of this service."
msgstr ""

#: ipaserver/plugins/service.py:1036
msgid ""
"Allow users, groups, hosts or host groups to retrieve a keytab of this "
"service."
msgstr ""

#: ipaserver/plugins/service.py:845
msgid "Delete an IPA service."
msgstr ""

#: ipaserver/plugins/service.py:1114
msgid "Disable the Kerberos key and SSL certificate of a service."
msgstr ""

#: ipaserver/plugins/service.py:1095
msgid ""
"Disallow users, groups, hosts or host groups to create a keytab of this "
"service."
msgstr ""

#: ipaserver/plugins/service.py:1056
msgid ""
"Disallow users, groups, hosts or host groups to retrieve a keytab of this "
"service."
msgstr ""

#: ipaserver/plugins/service.py:915
msgid "Search for IPA services."
msgstr ""

msgid "Results should contain primary key attribute only (\"principal\")"
msgstr ""

msgid "Search for services with these managed by hosts."
msgstr ""

msgid "Search for services without these managed by hosts."
msgstr ""

#: ipaserver/plugins/service.py:865
msgid "Modify an existing IPA service."
msgstr ""

#: ipaserver/plugins/service.py:1028
msgid "Remove hosts that can manage this service."
msgstr ""

#: ipaserver/plugins/service.py:982
msgid "Display information about an IPA service."
msgstr ""

msgid ""
"\n"
"Session Support for IPA\n"
"John Dennis <jdennis@redhat.com>\n"
"\n"
"Goals\n"
"=====\n"
"\n"
"Provide per-user session data caching which persists between\n"
"requests. Desired features are:\n"
"\n"
"* Integrates cleanly with minimum impact on existing infrastructure.\n"
"\n"
"* Provides maximum security balanced against real-world performance\n"
"  demands.\n"
"\n"
"* Sessions must be able to be revoked (flushed).\n"
"\n"
"* Should be flexible and easy to use for developers.\n"
"\n"
"* Should leverage existing technology and code to the maximum extent\n"
"  possible to avoid re-invention, excessive implementation time and to\n"
"  benefit from robustness in field proven components commonly shared\n"
"  in the open source community.\n"
"\n"
"* Must support multiple independent processes which share session\n"
"  data.\n"
"\n"
"* System must function correctly if session data is available or not.\n"
"\n"
"* Must be high performance.\n"
"\n"
"* Should not be tied to specific web servers or browsers. Should\n"
"  integrate with our chosen WSGI model.\n"
"\n"
"Issues\n"
"======\n"
"\n"
"Cookies\n"
"-------\n"
"\n"
"Most session implementations are based on the use of cookies. Cookies\n"
"have some inherent problems.\n"
"\n"
"* User has the option to disable cookies.\n"
"\n"
"* User stored cookie data is not secure. Can be mitigated by setting\n"
"  flags indicating the cookie is only to be used with SSL secured HTTP\n"
"  connections to specific web resources and setting the cookie to\n"
"  expire at session termination. Most modern browsers enforce these.\n"
"\n"
"Where to store session data?\n"
"----------------------------\n"
"\n"
"Session data may be stored on either on the client or on the\n"
"server. Storing session data on the client addresses the problem of\n"
"session data availability when requests are serviced by independent web\n"
"servers because the session data travels with the request. However\n"
"there are data size limitations. Storing session data on the client\n"
"also exposes sensitive data but this can be mitigated by encrypting\n"
"the session data such that only the server can decrypt it.\n"
"\n"
"The more conventional approach is to bind session data to a unique\n"
"name, the session ID. The session ID is transmitted to the client and\n"
"the session data is paired with the session ID on the server in a\n"
"associative data store. The session data is retrieved by the server\n"
"using the session ID when the receiving the request. This eliminates\n"
"exposing sensitive session data on the client along with limitations\n"
"on data size. It however introduces the issue of session data\n"
"availability when requests are serviced by more than one server\n"
"process.\n"
"\n"
"Multi-process session data availability\n"
"---------------------------------------\n"
"\n"
"Apache (and other web servers) fork child processes to handle requests\n"
"in parallel. Also web servers may be deployed in a farm where requests\n"
"are load balanced in round robin fashion across different nodes. In\n"
"both cases session data cannot be stored in the memory of a server\n"
"process because it is not available to other processes, either sibling\n"
"children of a master server process or server processes on distinct\n"
"nodes.\n"
"\n"
"Typically this is addressed by storing session data in a SQL\n"
"database. When a request is received by a server process containing a\n"
"session ID in it's cookie data the session ID is used to perform a SQL\n"
"query and the resulting data is then attached to the request as it\n"
"proceeds through the request processing pipeline. This of course\n"
"introduces coherency issues.\n"
"\n"
"For IPA the introduction of a SQL database dependency is undesired and\n"
"should be avoided.\n"
"\n"
"Session data may also be shared by independent processes by storing\n"
"the session data in files.\n"
"\n"
"An alternative solution which has gained considerable popularity\n"
"recently is the use of a fast memory based caching server. Data is\n"
"stored in a single process memory and may be queried and set via a\n"
"light weight protocol using standard socket mechanisms, memcached is\n"
"one example. A typical use is to optimize SQL queries by storing a SQL\n"
"result in shared memory cache avoiding the more expensive SQL\n"
"operation. But the memory cache has distinct advantages in non-SQL\n"
"situations as well.\n"
"\n"
"Possible implementations for use by IPA\n"
"=======================================\n"
"\n"
"Apache Sessions\n"
"---------------\n"
"\n"
"Apache has 2.3 has implemented session support via these modules:\n"
"\n"
"  mod_session\n"
"    Overarching session support based on cookies.\n"
"\n"
"    See: http://httpd.apache.org/docs/2.3/mod/mod_session.html\n"
"\n"
"  mod_session_cookie\n"
"    Stores session data in the client.\n"
"\n"
"    See: http://httpd.apache.org/docs/2.3/mod/mod_session_cookie.html\n"
"\n"
"  mod_session_crypto\n"
"    Encrypts session data for security. Encryption key is shared\n"
"    configuration parameter visible to all Apache processes and is\n"
"    stored in a configuration file.\n"
"\n"
"    See: http://httpd.apache.org/docs/2.3/mod/mod_session_crypto.html\n"
"\n"
"  mod_session_dbd\n"
"    Stores session data in a SQL database permitting multiple\n"
"    processes to access and share the same session data.\n"
"\n"
"    See: http://httpd.apache.org/docs/2.3/mod/mod_session_dbd.html\n"
"\n"
"Issues with Apache sessions\n"
"~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"
"\n"
"Although Apache has implemented generic session support and Apache is\n"
"our web server of preference it nonetheless introduces issues for IPA.\n"
"\n"
"  * Session support is only available in httpd >= 2.3 which at the\n"
"    time of this writing is currently only available as a Beta release\n"
"    from upstream. We currently only ship httpd 2.2, the same is true\n"
"    for other distributions.\n"
"\n"
"  * We could package and ship the sessions modules as a temporary\n"
"    package in httpd 2.2 environments. But this has the following\n"
"    consequences:\n"
"\n"
"      - The code has to be backported. the module API has changed\n"
"        slightly between httpd 2.2 and 2.3. The backporting is not\n"
"        terribly difficult and a proof of concept has been\n"
"        implemented.\n"
"\n"
"      - We would then be on the hook to package and maintain a special\n"
"        case Apache package. This is maintenance burden as well as a\n"
"        distribution packaging burden. Both of which would be best\n"
"        avoided if possible.\n"
"\n"
"  * The design of the Apache session modules is such that they can\n"
"    only be manipulated by other Apache modules. The ability of\n"
"    consumers of the session data to control the session data is\n"
"    simplistic, constrained and static during the period the request\n"
"    is processed. Request handlers which are not native Apache modules\n"
"    (e.g. IPA via WSGI) can only examine the session data\n"
"    via request headers and reset it in response headers.\n"
"\n"
"  * Shared session data is available exclusively via SQL.\n"
"\n"
"However using the 2.3 Apache session modules would give us robust\n"
"session support implemented in C based on standardized Apache\n"
"interfaces which are widely used.\n"
"\n"
"Python Web Frameworks\n"
"---------------------\n"
"\n"
"Virtually every Python web framework supports cookie based sessions,\n"
"e.g. Django, Twisted, Zope, Turbogears etc. Early on in IPA we decided\n"
"to avoid the use of these frameworks. Trying to pull in just one part\n"
"of these frameworks just to get session support would be problematic\n"
"because the code does not function outside it's framework.\n"
"\n"
"IPA implemented sessions\n"
"------------------------\n"
"\n"
"Originally it was believed the path of least effort was to utilize\n"
"existing session support, most likely what would be provided by\n"
"Apache. However there are enough basic modular components available in\n"
"native Python and other standard packages it should be possible to\n"
"provide session support meeting the aforementioned goals with a modest\n"
"implementation effort. Because we're leveraging existing components\n"
"the implementation difficulties are subsumed by other components which\n"
"have already been field proven and have community support. This is a\n"
"smart strategy.\n"
"\n"
"Proposed Solution\n"
"=================\n"
"\n"
"Our interface to the web server is via WSGI which invokes a callback\n"
"per request passing us an environmental context for the request. For\n"
"this discussion we'll name the WSGI callback \"application()\", a\n"
"conventional name in WSGI parlance.\n"
"\n"
"Shared session data will be handled by memcached. We will create one\n"
"instance of memcached on each server node dedicated to IPA\n"
"exclusively. Communication with memcached will be via a UNIX socket\n"
"located in the file system under /var/run/ipa_memcached. It will be\n"
"protected by file permissions and optionally SELinux policy.\n"
"\n"
"In application() we examine the request cookies and if there is an IPA\n"
"session cookie with a session ID we retrieve the session data from our\n"
"memcached instance.\n"
"\n"
"The session data will be a Python dict. IPA components will read or\n"
"write their session information by using a pre-agreed upon name\n"
"(e.g. key) in the dict. This is a very flexible system and consistent\n"
"with how we pass data in most parts of IPA.\n"
"\n"
"If the session data is not available an empty session data dict will\n"
"be created.\n"
"\n"
"How does this session data travel with the request in the IPA\n"
"pipeline? In IPA we use the HTTP request/response to implement RPC. In\n"
"application() we convert the request into a procedure call passing it\n"
"arguments derived from the HTTP request. The passed parameters are\n"
"specific to the RPC method being invoked. The context the RPC call is\n"
"executing in is not passed as an RPC parameter.\n"
"\n"
"How would the contextual information such as session data be bound to\n"
"the request and hence the RPC call?\n"
"\n"
"In IPA when a RPC invocation is being prepared from a request we\n"
"recognize this will only ever be processed serially by one Python\n"
"thread. A thread local dict called \"context\" is allocated for each\n"
"thread. The context dict is cleared in between requests (e.g. RPC method\n"
"invocations). The per-thread context dict is populated during the\n"
"lifetime of the request and is used as a global data structure unique to\n"
"the request that various IPA component can read from and write to with\n"
"the assurance the data is unique to the current request and/or method\n"
"call.\n"
"\n"
"The session data dict will be written into the context dict under the\n"
"session key before the RPC method begins execution. Thus session data\n"
"can be read and written by any IPA component by accessing\n"
"``context.session``.\n"
"\n"
"When the RPC method finishes execution the session data bound to the\n"
"request/method is retrieved from the context and written back to the\n"
"memcached instance. The session ID is set in the response sent back to\n"
"the client in the ``Set-Cookie`` header along with the flags\n"
"controlling it's usage.\n"
"\n"
"Issues and details\n"
"------------------\n"
"\n"
"IPA code cannot depend on session data being present, however it\n"
"should always update session data with the hope it will be available\n"
"in the future. Session data may not be available because:\n"
"\n"
"  * This is the first request from the user and no session data has\n"
"    been created yet.\n"
"\n"
"  * The user may have cookies disabled.\n"
"\n"
"  * The session data may have been flushed. memcached operates with\n"
"    a fixed memory allocation and will flush entries on a LRU basis,\n"
"    like with any cache there is no guarantee of persistence.\n"
"\n"
"    Also we may have have deliberately expired or deleted session\n"
"    data, see below.\n"
"\n"
"Cookie manipulation is done via the standard Python Cookie module.\n"
"\n"
"Session cookies will be set to only persist as long as the browser has\n"
"the session open. They will be tagged so the browser only returns\n"
"the session ID on SSL secured HTTP requests. They will not be visible\n"
"to Javascript in the browser.\n"
"\n"
"Session ID's will be created by using 48 bits of random data and\n"
"converted to 12 hexadecimal digits. Newly generated session ID's will\n"
"be checked for prior existence to handle the unlikely case the random\n"
"number repeats.\n"
"\n"
"memcached will have significantly higher performance than a SQL or file\n"
"based storage solution. Communication is effectively though a pipe\n"
"(UNIX socket) using a very simple protocol and the data is held\n"
"entirely in process memory. memcached also scales easily, it is easy\n"
"to add more memcached processes and distribute the load across them.\n"
"At this point in time we don't anticipate the need for this.\n"
"\n"
"A very nice feature of the Python memcached module is that when a data\n"
"item is written to the cache it is done with standard Python pickling\n"
"(pickling is a standard Python mechanism to marshal and unmarshal\n"
"Python objects). We adopt the convention the object written to cache\n"
"will be a dict to meet our internal data handling conventions. The\n"
"pickling code will recursively handle nested objects in the dict. Thus\n"
"we gain a lot of flexibility using standard Python data structures to\n"
"store and retrieve our session data without having to author and debug\n"
"code to marshal and unmarshal the data if some other storage mechanism\n"
"had been used. This is a significant implementation win. Of course\n"
"some common sense limitations need to observed when deciding on what\n"
"is written to the session cache keeping in mind the data is shared\n"
"between processes and it should not be excessively large (a\n"
"configurable option)\n"
"\n"
"We can set an expiration on memcached entries. We may elect to do that\n"
"to force session data to be refreshed periodically. For example we may\n"
"wish the client to present fresh credentials on a periodic basis even\n"
"if the cached credentials are otherwise within their validity period.\n"
"\n"
"We can explicitly delete session data if for some reason we believe it\n"
"is stale, invalid or compromised.\n"
"\n"
"memcached also gives us certain facilities to prevent race conditions\n"
"between different processes utilizing the cache. For example you can\n"
"check of the entry has been modified since you last read it or use CAS\n"
"(Check And Set) semantics. What has to be protected in terms of cache\n"
"coherency will likely have to be determined as the session support is\n"
"utilized and different data items are added to the cache. This is very\n"
"much data and context specific. Fortunately memcached operations are\n"
"atomic.\n"
"\n"
"Controlling the memcached process\n"
"---------------------------------\n"
"\n"
"We need a mechanism to start the memcached process and secure it so\n"
"that only IPA components can access it.\n"
"\n"
"Although memcached ships with both an initscript and systemd unit\n"
"files those are for generic instances. We want a memcached instance\n"
"dedicated exclusively to IPA usage. To accomplish this we would install\n"
"a systemd unit file or an SysV initscript to control the IPA specific\n"
"memcached service. ipactl would be extended to know about this\n"
"additional service. systemd's cgroup facility would give us additional\n"
"mechanisms to integrate the IPA memcached service within a larger IPA\n"
"process group.\n"
"\n"
"Protecting the memcached data would be done via file permissions (and\n"
"optionally SELinux policy) on the UNIX domain socket. Although recent\n"
"implementations of memcached support authentication via SASL this\n"
"introduces a performance and complexity burden not warranted when\n"
"cached is dedicated to our exclusive use and access controlled by OS\n"
"mechanisms.\n"
"\n"
"Conventionally daemons are protected by assigning a system uid and/or\n"
"gid to the daemon. A daemon launched by root will drop it's privileges\n"
"by assuming the effective uid:gid assigned to it. File system access\n"
"is controlled by the OS via the effective identity and SELinux policy\n"
"can be crafted based on the identity. Thus the memcached UNIX socket\n"
"would be protected by having it owned by a specific system user and/or\n"
"membership in a restricted system group (discounting for the moment\n"
"SELinux).\n"
"\n"
"Unfortunately we currently do not have an IPA system uid whose\n"
"identity our processes operate under nor do we have an IPA system\n"
"group. IPA does manage a collection of related processes (daemons) and\n"
"historically each has been assigned their own uid. When these\n"
"unrelated processes communicate they mutually authenticate via other\n"
"mechanisms. We do not have much of a history of using shared file\n"
"system objects across identities. When file objects are created they\n"
"are typically assigned the identity of daemon needing to access the\n"
"object and are not accessed by other daemons, or they carry root\n"
"identity.\n"
"\n"
"When our WSGI application runs in Apache it is run as a WSGI\n"
"daemon. This means when Apache starts up it forks off WSGI processes\n"
"for us and we are independent of other Apache processes. When WSGI is\n"
"run in this mode there is the ability to set the uid:gid of the WSGI\n"
"process hosting us, however we currently do not take advantage of this\n"
"option. WSGI can be run in other modes as well, only in daemon mode\n"
"can the uid:gid be independently set from the rest of Apache. All\n"
"processes started by Apache can be set to a common uid:gid specified\n"
"in the global Apache configuration, by default it's\n"
"apache:apache. Thus when our IPA code executes it is running as\n"
"apache:apache.\n"
"\n"
"To protect our memcached UNIX socket we can do one of two things:\n"
"\n"
"1. Assign it's uid:gid as apache:apache. This would limit access to\n"
"   our cache only to processes running under httpd. It's somewhat\n"
"   restricted but far from ideal. Any code running in the web server\n"
"   could potentially access our cache. It's difficult to control what the\n"
"   web server runs and admins may not understand the consequences of\n"
"   configuring httpd to serve other things besides IPA.\n"
"\n"
"2. Create an IPA specific uid:gid, for example ipa:ipa. We then configure\n"
"   our WSGI application to run as the ipa:ipa user and group. We also\n"
"   configure our memcached instance to run as the ipa:ipa user and\n"
"   group. In this configuration we are now fully protected, only our WSGI\n"
"   code can read & write to our memcached UNIX socket.\n"
"\n"
"However there may be unforeseen issues by converting our code to run as\n"
"something other than apache:apache. This would require some\n"
"investigation and testing.\n"
"\n"
"IPA is dependent on other system daemons, specifically Directory\n"
"Server (ds) and Certificate Server (cs). Currently we configure ds to\n"
"run under the dirsrv:dirsrv user and group, an identity of our\n"
"creation. We allow cs to default to it's pkiuser:pkiuser user and\n"
"group. Should these other cooperating daemons also run under the\n"
"common ipa:ipa user and group identities? At first blush there would\n"
"seem to be an advantage to coalescing all process identities under a\n"
"common IPA user and group identity. However these other processes do\n"
"not depend on user and group permissions when working with external\n"
"agents, processes, etc. Rather they are designed to be stand-alone\n"
"network services which authenticate their clients via other\n"
"mechanisms. They do depend on user and group permission to manage\n"
"their own file system objects. If somehow the ipa user and/or group\n"
"were compromised or malicious code somehow executed under the ipa\n"
"identity there would be an advantage in having the cooperating\n"
"processes cordoned off under their own identities providing one extra\n"
"layer of protection. (Note, these cooperating daemons may not even be\n"
"co-located on the same node in which case the issue is moot)\n"
"\n"
"The UNIX socket behavior (ldapi) with Directory Server is as follows:\n"
"\n"
"  * The socket ownership is: root:root\n"
"\n"
"  * The socket permissions are: 0666\n"
"\n"
"  * When connecting via ldapi you must authenticate as you would\n"
"    normally with a TCP socket, except ...\n"
"\n"
"  * If autobind is enabled and the uid:gid is available via\n"
"    SO_PEERCRED and the uid:gid can be found in the set of users known\n"
"    to the Directory Server then that connection will be bound as that\n"
"    user.\n"
"\n"
"  * Otherwise an anonymous bind will occur.\n"
"\n"
"memcached UNIX socket behavior is as follows:\n"
"\n"
"  * memcached can be invoked with a user argument, no group may be\n"
"    specified. The effective uid is the uid of the user argument and\n"
"    the effective gid is the primary group of the user, let's call\n"
"    this euid:egid\n"
"\n"
"  * The socket ownership is: euid:egid\n"
"\n"
"  * The socket permissions are 0700 by default, but this can be\n"
"    modified by the -a mask command line arg which sets the umask\n"
"    (defaults to 0700).\n"
"\n"
"Overview of authentication in IPA\n"
"=================================\n"
"\n"
"This describes how we currently authenticate and how we plan to\n"
"improve authentication performance. First some definitions.\n"
"\n"
"There are 4 major players:\n"
"\n"
"  1. client\n"
"  2. mod_auth_kerb (in Apache process)\n"
"  3. wsgi handler (in IPA wsgi python process)\n"
"  4. ds (directory server)\n"
"\n"
"There are several resources:\n"
"\n"
"  1. /ipa/ui (unprotected, web UI static resources)\n"
"  2. /ipa/xml (protected, xmlrpc RPC used by command line clients)\n"
"  3. /ipa/json (protected, json RPC used by javascript in web UI)\n"
"  4. ds (protected, wsgi acts as proxy, our LDAP server)\n"
"\n"
"Current Model\n"
"-------------\n"
"\n"
"This describes how things work in our current system for the web UI.\n"
"\n"
"  1. Client requests /ipa/ui, this is unprotected, is static and\n"
"     contains no sensitive information. Apache replies with html and\n"
"     javascript. The javascript requests /ipa/json.\n"
"\n"
"  2. Client sends post to /ipa/json.\n"
"\n"
"  3. mod_auth_kerb is configured to protect /ipa/json, replies 401\n"
"     authenticate negotiate.\n"
"\n"
"  4. Client resends with credentials\n"
"\n"
"  5. mod_auth_kerb validates credentials\n"
"\n"
"     a. if invalid replies 403 access denied (stops here)\n"
"\n"
"     b. if valid creates temporary ccache, adds KRB5CCNAME to request\n"
"        headers\n"
"\n"
"  6. Request passed to wsgi handler\n"
"\n"
"     a. validates request, KRB5CCNAME must be present, referrer, etc.\n"
"\n"
"     b. ccache saved and used to bind to ds\n"
"\n"
"     c. routes to specified RPC handler.\n"
"\n"
"  7. wsgi handler replies to client\n"
"\n"
"Proposed new session based optimization\n"
"---------------------------------------\n"
"\n"
"The round trip negotiate and credential validation in steps 3,4,5 is\n"
"expensive. This can be avoided if we can cache the client\n"
"credentials. With client sessions we can store the client credentials\n"
"in the session bound to the client.\n"
"\n"
"A few notes about the session implementation.\n"
"\n"
"  * based on session cookies, cookies must be enabled\n"
"\n"
"  * session cookie is secure, only passed on secure connections, only\n"
"    passed to our URL resource, never visible to client javascript\n"
"    etc.\n"
"\n"
"  * session cookie has a session id which is used by wsgi handler to\n"
"    retrieve client session data from shared multi-process cache.\n"
"\n"
"Changes to Apache's resource protection\n"
"---------------------------------------\n"
"\n"
"  * /ipa/json is no longer protected by mod_auth_kerb. This is\n"
"    necessary to avoid the negotiate expense in steps 3,4,5\n"
"    above. Instead the /ipa/json resource will be protected in our wsgi\n"
"    handler via the session cookie.\n"
"\n"
"  * A new protected URI is introduced, /ipa/login. This resource\n"
"    does no serve any data, it is used exclusively for authentication.\n"
"\n"
"The new sequence is:\n"
"\n"
"  1. Client requests /ipa/ui, this is unprotected. Apache replies with\n"
"     html and javascript. The javascript requests /ipa/json.\n"
"\n"
"  2. Client sends post to /ipa/json, which is unprotected.\n"
"\n"
"  3. wsgi handler obtains session data from session cookie.\n"
"\n"
"     a. if ccache is present in session data and is valid\n"
"\n"
"        - request is further validated\n"
"\n"
"        - ccache is established for bind to ds\n"
"\n"
"        - request is routed to RPC handler\n"
"\n"
"        - wsgi handler eventually replies to client\n"
"\n"
"     b. if ccache is not present or not valid processing continues ...\n"
"\n"
"  4. wsgi handler replies with 401 Unauthorized\n"
"\n"
"  5. client sends request to /ipa/login to obtain session credentials\n"
"\n"
"  6. mod_auth_kerb replies 401 negotiate on /ipa/login\n"
"\n"
"  7. client sends credentials to /ipa/login\n"
"\n"
"  8. mod_auth_kerb validates credentials\n"
"\n"
"     a. if valid\n"
"\n"
"        - mod_auth_kerb permits access to /ipa/login. wsgi handler is\n"
"          invoked and does the following:\n"
"\n"
"          * establishes session for client\n"
"\n"
"          * retrieves the ccache from KRB5CCNAME and stores it\n"
"\n"
"     a. if invalid\n"
"\n"
"        - mod_auth_kerb sends 403 access denied (processing stops)\n"
"\n"
"  9. client now posts the same data again to /ipa/json including\n"
"     session cookie. Processing repeats starting at step 2 and since\n"
"     the session data now contains a valid ccache step 3a executes, a\n"
"     successful reply is sent to client.\n"
"\n"
"Command line client using xmlrpc\n"
"--------------------------------\n"
"\n"
"The above describes the web UI utilizing the json RPC mechanism. The\n"
"IPA command line tools utilize a xmlrpc RPC mechanism on the same\n"
"HTTP server. Access to the xmlrpc is via the /ipa/xml URI. The json\n"
"and xmlrpc API's are the same, they differ only on how their procedure\n"
"calls are marshalled and unmarshalled.\n"
"\n"
"Under the new scheme /ipa/xml will continue to be Kerberos protected\n"
"at all times. Apache's mod_auth_kerb will continue to require the\n"
"client provides valid Kerberos credentials.\n"
"\n"
"When the WSGI handler routes to /ipa/xml the Kerberos credentials will\n"
"be extracted from the KRB5CCNAME environment variable as provided by\n"
"mod_auth_kerb. Everything else remains the same.\n"
msgstr ""

msgid "RPC command used to log the current user out of their session."
msgstr ""

msgid ""
"\n"
"Sudo Commands\n"
"\n"
"Commands used as building blocks for sudo\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a new command\n"
"   ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n"
"\n"
" Remove a command\n"
"   ipa sudocmd-del /usr/bin/less\n"
msgstr ""

#: ipaserver/plugins/sudocmd.py:118 ipaserver/plugins/sudocmd.py:123
msgid "Sudo Command"
msgstr ""

#: ipaserver/plugins/sudocmd.py:129
msgid "A description of this command"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:118 ipaserver/plugins/sudocmdgroup.py:138
#: ipaserver/plugins/baseldap.py:83
msgid "Sudo Command Groups"
msgstr ""

msgid "Create new Sudo Command."
msgstr ""

#: ipaserver/plugins/sudocmd.py:158
msgid "Delete Sudo Command."
msgstr ""

#: ipaserver/plugins/sudocmd.py:198
msgid "Search for Sudo Commands."
msgstr ""

msgid "Results should contain primary key attribute only (\"command\")"
msgstr ""

#: ipaserver/plugins/sudocmd.py:191
msgid "Modify Sudo Command."
msgstr ""

#: ipaserver/plugins/sudocmd.py:207
msgid "Display Sudo Command."
msgstr ""

msgid ""
"\n"
"Groups of Sudo Commands\n"
"\n"
"Manage groups of Sudo Commands.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new Sudo Command Group:\n"
"   ipa sudocmdgroup-add --desc='administrators commands' admincmds\n"
"\n"
" Remove a Sudo Command Group:\n"
"   ipa sudocmdgroup-del admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/"
"vim admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n"
"\n"
" Show a Sudo Command Group:\n"
"   ipa group-show localadmins\n"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:119 ipaserver/plugins/sudocmdgroup.py:124
msgid "Sudo Command Group"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:134 ipaserver/plugins/internal.py:1411
msgid "Commands"
msgstr ""

msgid "Member Sudo commands"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:147
msgid "Create new Sudo Command Group."
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:188
msgid "Add members to Sudo Command Group."
msgstr ""

msgid "member sudo command"
msgstr ""

msgid "sudo commands to add"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:155
msgid "Delete Sudo Command Group."
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:171
msgid "Search for Sudo Command Groups."
msgstr ""

msgid ""
"Results should contain primary key attribute only (\"sudocmdgroup-name\")"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:163
msgid "Modify Sudo Command Group."
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:194
msgid "Remove members from Sudo Command Group."
msgstr ""

msgid "sudo commands to remove"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:182
msgid "Display Sudo Command Group."
msgstr ""

msgid ""
"\n"
"Cross-realm trusts\n"
"\n"
"Manage trust relationship between IPA and Active Directory domains.\n"
"\n"
"In order to allow users from a remote domain to access resources in IPA\n"
"domain, trust relationship needs to be established. Currently IPA supports\n"
"only trusts between IPA and Active Directory domains under control of "
"Windows\n"
"Server 2008 or later, with functional level 2008 or later.\n"
"\n"
"Please note that DNS on both IPA and Active Directory domain sides should "
"be\n"
"configured properly to discover each other. Trust relationship relies on\n"
"ability to discover special resources in the other domain via DNS records.\n"
"\n"
"Examples:\n"
"\n"
"1. Establish cross-realm trust with Active Directory using AD administrator\n"
"   credentials:\n"
"\n"
"   ipa trust-add --type=ad <ad.domain> --admin <AD domain administrator> --"
"password\n"
"\n"
"2. List all existing trust relationships:\n"
"\n"
"   ipa trust-find\n"
"\n"
"3. Show details of the specific trust relationship:\n"
"\n"
"   ipa trust-show <ad.domain>\n"
"\n"
"4. Delete existing trust relationship:\n"
"\n"
"   ipa trust-del <ad.domain>\n"
"\n"
"Once trust relationship is established, remote users will need to be mapped\n"
"to local POSIX groups in order to actually use IPA resources. The mapping "
"should\n"
"be done via use of external membership of non-POSIX group and then this "
"group\n"
"should be included into one of local POSIX groups.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local POSIX "
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map' ad_admins_external "
"--external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the "
"ad_admins_external\n"
"   group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with ad_admins "
"POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see their "
"SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
"\n"
"\n"
"GLOBAL TRUST CONFIGURATION\n"
"\n"
"When IPA AD trust subpackage is installed and ipa-adtrust-install is run,\n"
"a local domain configuration (SID, GUID, NetBIOS name) is generated. These\n"
"identifiers are then used when communicating with a trusted domain of the\n"
"particular type.\n"
"\n"
"1. Show global trust configuration for Active Directory type of trusts:\n"
"\n"
"   ipa trustconfig-show --type ad\n"
"\n"
"2. Modify global configuration for all trusts of Active Directory type and "
"set\n"
"   a different fallback primary group (fallback primary group GID is used "
"as\n"
"   a primary user GID if user authenticating to IPA domain does not have any "
"other\n"
"   primary GID already set):\n"
"\n"
"   ipa trustconfig-mod --type ad --fallback-primary-group \"alternative AD "
"group\"\n"
"\n"
"3. Change primary fallback group back to default hidden group (any group "
"with\n"
"   posixGroup object class is allowed):\n"
"\n"
"   ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB "
"Group\"\n"
msgstr ""

#: ipaserver/plugins/trust.py:1586 ipaserver/plugins/internal.py:1548
msgid "Domain NetBIOS name"
msgstr ""

#: ipaserver/plugins/trust.py:1589 ipaserver/plugins/internal.py:1549
msgid "Domain Security Identifier"
msgstr ""

msgid "SID blacklist incoming"
msgstr ""

msgid "SID blacklist outgoing"
msgstr ""

msgid "Security Identifier"
msgstr ""

msgid "NetBIOS name"
msgstr ""

msgid "Domain GUID"
msgstr ""

msgid "Fallback primary group"
msgstr ""

#: ipaserver/plugins/certmap.py:298
msgid "Domain name"
msgstr ""

msgid "Trusted domain partner"
msgstr ""

msgid "Determine whether ipa-adtrust-install has been run on this system"
msgstr ""

msgid ""
"Determine whether Schema Compatibility plugin is configured to serve trusted "
"domain users and groups"
msgstr ""

msgid "Determine whether ipa-adtrust-install has been run with sidgen task"
msgstr ""

msgid ""
"\n"
"Add new trust to use.\n"
"\n"
"This command establishes trust relationship to another domain\n"
"which becomes 'trusted'. As result, users of the trusted domain\n"
"may access resources of this domain.\n"
"\n"
"Only trusts to Active Directory domains are supported right now.\n"
"\n"
"The command can be safely run multiple times against the same domain,\n"
"this will cause change to trust relationship credentials on both\n"
"sides.\n"
"    "
msgstr ""

msgid "Trust type (ad for Active Directory, default)"
msgstr ""

#: ipaserver/plugins/trust.py:1799
msgid "Active Directory domain administrator"
msgstr ""

#: ipaserver/plugins/trust.py:1803
msgid "Active Directory domain administrator's password"
msgstr ""

#: ipaserver/plugins/trust.py:1808
msgid "Domain controller for the Active Directory domain (optional)"
msgstr ""

msgid "Shared secret for the trust"
msgstr ""

msgid "First Posix ID of the range reserved for the trusted domain"
msgstr ""

msgid "Size of the ID range reserved for the trusted domain"
msgstr ""

msgid ""
"Type of trusted domain ID range, one of ipa-ad-trust-posix, ipa-ad-trust"
msgstr ""

msgid "Delete a trust."
msgstr ""

msgid "Refresh list of the domains associated with the trust"
msgstr ""

msgid "Search for trusts."
msgstr ""

msgid "Results should contain primary key attribute only (\"realm\")"
msgstr ""

msgid ""
"\n"
"Modify a trust (for future use).\n"
"\n"
"    Currently only the default option to modify the LDAP attributes is\n"
"    available. More specific options will be added in coming releases.\n"
"    "
msgstr ""

msgid "Resolve security identifiers of users and groups in trusted domains"
msgstr ""

msgid "Security Identifiers (SIDs)"
msgstr ""

msgid "Display information about a trust."
msgstr ""

msgid "Modify global trust configuration."
msgstr "전역 신뢰 구성을 수정합니다."

msgid "Show global trust configuration."
msgstr ""

msgid "Allow access from the trusted domain"
msgstr ""

msgid "Remove information about the domain associated with the trust."
msgstr ""

msgid "Disable use of IPA resources by the domain of the trust"
msgstr ""

msgid "Allow use of IPA resources by the domain of the trust"
msgstr ""

msgid "Search domains of the trust"
msgstr ""

msgid "Results should contain primary key attribute only (\"domain\")"
msgstr ""

msgid "Modify trustdomain of the trust"
msgstr ""

msgid ""
"\n"
"Users\n"
"\n"
"Manage user entries. All users are POSIX users.\n"
"\n"
"IPA supports a wide range of username formats, but you need to be aware of "
"any\n"
"restrictions that may apply to your particular environment. For example,\n"
"usernames that start with a digit or usernames that exceed a certain length\n"
"may cause problems for some UNIX systems.\n"
"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n"
"\n"
"Disabling a user account prevents that user from obtaining new Kerberos\n"
"credentials. It does not invalidate any credentials that have already\n"
"been issued.\n"
"\n"
"Password management is not a part of this module. For more information\n"
"about this topic please see: ipa help passwd\n"
"\n"
"Account lockout on password failure happens per IPA master. The user-status\n"
"command can be used to identify which master the user is locked out on.\n"
"It is on that master the administrator must unlock the user.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new user:\n"
"   ipa user-add --first=Tim --last=User --password tuser1\n"
"\n"
" Find all users whose entries include the string \"Tim\":\n"
"   ipa user-find Tim\n"
"\n"
" Find all users with \"Tim\" as the first name:\n"
"   ipa user-find --first=Tim\n"
"\n"
" Disable a user account:\n"
"   ipa user-disable tuser1\n"
"\n"
" Enable a user account:\n"
"   ipa user-enable tuser1\n"
"\n"
" Delete a user:\n"
"   ipa user-del tuser1\n"
msgstr ""

msgid "First name"
msgstr ""

msgid "Last name"
msgstr ""

#: ipaserver/plugins/baseuser.py:231
msgid "Full name"
msgstr ""

msgid "Display name"
msgstr ""

msgid "Initials"
msgstr ""

msgid "Kerberos principal"
msgstr ""

#: ipaserver/plugins/baseuser.py:277
msgid "Kerberos principal expiration"
msgstr ""

msgid "Email address"
msgstr ""

msgid "Prompt to set the user password"
msgstr ""

msgid "Generate a random user password"
msgstr ""

msgid "User ID Number (system will assign one if not provided)"
msgstr ""

msgid "Street address"
msgstr ""

msgid "City"
msgstr ""

msgid "State/Province"
msgstr ""

msgid "ZIP"
msgstr ""

msgid "Telephone Number"
msgstr ""

msgid "Mobile Telephone Number"
msgstr ""

msgid "Pager Number"
msgstr ""

msgid "Fax Number"
msgstr ""

msgid "Org. Unit"
msgstr ""

msgid "Job Title"
msgstr ""

msgid "Car License"
msgstr ""

msgid "Account disabled"
msgstr ""

#: ipaserver/plugins/baseuser.py:371
msgid "User authentication types"
msgstr ""

#: ipaserver/plugins/baseuser.py:372
msgid "Types of supported user authentication"
msgstr ""

#: ipaserver/plugins/baseuser.py:379
msgid ""
"User category (semantics placed on this attribute are for local "
"interpretation)"
msgstr ""

#: ipaserver/plugins/baseuser.py:384
msgid "RADIUS proxy configuration"
msgstr ""

#: ipaserver/plugins/baseuser.py:388
msgid "RADIUS proxy username"
msgstr ""

#: ipaserver/plugins/baseuser.py:400
msgid "Department Number"
msgstr ""

#: ipaserver/plugins/baseuser.py:403
msgid "Employee Number"
msgstr ""

#: ipaserver/plugins/baseuser.py:406
msgid "Employee Type"
msgstr ""

#: ipaserver/plugins/baseuser.py:409
msgid "Preferred Language"
msgstr ""

msgid "Kerberos keys available"
msgstr ""

msgid "Add a new user."
msgstr ""

msgid "Don't create user private group"
msgstr ""

msgid "Delete a user."
msgstr ""

msgid "Disable a user account."
msgstr ""

msgid "Enable a user account."
msgstr ""

msgid "Search for users."
msgstr ""

msgid "Self"
msgstr ""

msgid "Display user record for current Kerberos principal"
msgstr ""

msgid "Results should contain primary key attribute only (\"login\")"
msgstr ""

msgid "Search for users with these member of groups."
msgstr ""

msgid "Search for users without these member of groups."
msgstr ""

msgid "Search for users with these member of netgroups."
msgstr ""

msgid "Search for users without these member of netgroups."
msgstr ""

msgid "Search for users with these member of roles."
msgstr ""

msgid "Search for users without these member of roles."
msgstr ""

msgid "Search for users with these member of HBAC rules."
msgstr ""

msgid "Search for users without these member of HBAC rules."
msgstr ""

msgid "Search for users with these member of sudo rules."
msgstr ""

msgid "Search for users without these member of sudo rules."
msgstr ""

msgid "Modify a user."
msgstr ""

msgid "Rename the user object"
msgstr ""

msgid "Display information about a user."
msgstr ""

msgid ""
"\n"
"Lockout status of a user account\n"
"\n"
"    An account may become locked if the password is entered incorrectly too\n"
"    many times within a specific time period as controlled by password\n"
"    policy. A locked account is a temporary condition and may be unlocked "
"by\n"
"    an administrator.\n"
"\n"
"    This connects to each IPA master and displays the lockout status on\n"
"    each one.\n"
"\n"
"    To determine whether an account is locked on a given server you need\n"
"    to compare the number of failed logins and the time of the last "
"failure.\n"
"    For an account to be locked it must exceed the maxfail failures within\n"
"    the failinterval duration as specified in the password policy "
"associated\n"
"    with the user.\n"
"\n"
"    The failed login counter is modified only when a user attempts a log in\n"
"    so it is possible that an account may appear locked but the last failed\n"
"    login attempt is older than the lockouttime of the password policy. "
"This\n"
"    means that the user may attempt a login again.\n"
"    "
msgstr ""

msgid ""
"\n"
"Unlock a user account\n"
"\n"
"    An account may become locked if the password is entered incorrectly too\n"
"    many times within a specific time period as controlled by password\n"
"    policy. A locked account is a temporary condition and may be unlocked "
"by\n"
"    an administrator.\n"
"    "
msgstr ""

msgid ""
"\n"
"Sudo Rules\n"
"\n"
"Sudo (su \"do\") allows a system administrator to delegate authority to\n"
"give certain users (or groups of users) the ability to run some (or all)\n"
"commands as root or another user while providing an audit trail of the\n"
"commands and their arguments.\n"
"\n"
"IPA provides a means to configure the various aspects of Sudo:\n"
"   Users: The user(s)/group(s) allowed to invoke Sudo.\n"
"   Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke "
"Sudo.\n"
"   Allow Command: The specific command(s) permitted to be run via Sudo.\n"
"   Deny Command: The specific command(s) prohibited to be run via Sudo.\n"
"   RunAsUser: The user(s) or group(s) of users whose rights Sudo will be "
"invoked with.\n"
"   RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n"
"   Options: The various Sudoers Options that can modify Sudo's behavior.\n"
"\n"
"An order can be added to a sudorule to control the order in which they\n"
"are evaluated (if the client supports it). This order is an integer and\n"
"must be unique.\n"
"\n"
"IPA provides a designated binddn to use with Sudo located at:\n"
"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n"
"\n"
"To enable the binddn run the following command to set the password:\n"
"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W \\\n"
"    -H ldap://ipa.example.com -ZZ -D \"cn=Directory Manager\" \\\n"
"    uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a new rule:\n"
"   ipa sudorule-add readfiles\n"
"\n"
" Add sudo command object and add it as allowed command in the rule:\n"
"   ipa sudocmd-add /usr/bin/less\n"
"   ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n"
"\n"
" Add a host to the rule:\n"
"   ipa sudorule-add-host readfiles --hosts server.example.com\n"
"\n"
" Add a user to the rule:\n"
"   ipa sudorule-add-user readfiles --users jsmith\n"
"\n"
" Add a special Sudo rule for default Sudo server configuration:\n"
"   ipa sudorule-add defaults\n"
"\n"
" Set a default Sudo option:\n"
"   ipa sudorule-add-option defaults --sudooption '!authenticate'\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:267
msgid "Command category"
msgstr ""

#: ipaserver/plugins/sudorule.py:268
msgid "Command category the rule applies to"
msgstr ""

#: ipaserver/plugins/sudorule.py:273
msgid "RunAs User category"
msgstr ""

#: ipaserver/plugins/sudorule.py:274
msgid "RunAs User category the rule applies to"
msgstr ""

#: ipaserver/plugins/sudorule.py:279
msgid "RunAs Group category"
msgstr ""

#: ipaserver/plugins/sudorule.py:280
msgid "RunAs Group category the rule applies to"
msgstr ""

#: ipaserver/plugins/sudorule.py:285
msgid "Sudo order"
msgstr ""

#: ipaserver/plugins/sudorule.py:286
msgid "integer to order the Sudo rules"
msgstr ""

#: ipaserver/plugins/sudorule.py:300
msgid "External User"
msgstr ""

#: ipaserver/plugins/sudorule.py:301
msgid "External User the rule applies to (sudorule-find only)"
msgstr ""

#: ipaserver/plugins/sudorule.py:313
msgid "Host Masks"
msgstr ""

#: ipaserver/plugins/sudorule.py:319
msgid "Sudo Allow Commands"
msgstr ""

#: ipaserver/plugins/sudorule.py:323
msgid "Sudo Deny Commands"
msgstr ""

#: ipaserver/plugins/sudorule.py:327
msgid "Sudo Allow Command Groups"
msgstr ""

#: ipaserver/plugins/sudorule.py:331
msgid "Sudo Deny Command Groups"
msgstr ""

#: ipaserver/plugins/sudorule.py:335
msgid "RunAs Users"
msgstr ""

#: ipaserver/plugins/sudorule.py:336
msgid "Run as a user"
msgstr ""

#: ipaserver/plugins/sudorule.py:340
msgid "Groups of RunAs Users"
msgstr ""

#: ipaserver/plugins/sudorule.py:341
msgid "Run as any user within a specified group"
msgstr ""

#: ipaserver/plugins/sudorule.py:346
msgid "RunAs External User"
msgstr ""

#: ipaserver/plugins/sudorule.py:347
msgid "External User the commands can run as (sudorule-find only)"
msgstr ""

#: ipaserver/plugins/sudorule.py:351
msgid "External Groups of RunAs Users"
msgstr ""

#: ipaserver/plugins/sudorule.py:352
msgid "External Groups of users that the command can run as"
msgstr ""

#: ipaserver/plugins/sudorule.py:356
msgid "RunAs Groups"
msgstr ""

#: ipaserver/plugins/sudorule.py:357
msgid "Run with the gid of a specified POSIX group"
msgstr ""

#: ipaserver/plugins/sudorule.py:362
msgid "RunAs External Group"
msgstr ""

#: ipaserver/plugins/sudorule.py:363
msgid "External Group the commands can run as (sudorule-find only)"
msgstr ""

#: ipaserver/plugins/sudorule.py:366 ipaserver/plugins/sudorule.py:1003
#: ipaserver/plugins/sudorule.py:1052
msgid "Sudo Option"
msgstr ""

#: ipaserver/plugins/sudorule.py:394
msgid "Create new Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:541 ipaserver/plugins/sudorule.py:572
msgid "Add commands and sudo command groups affected by Sudo Rule."
msgstr ""

msgid "member sudo command group"
msgstr ""

msgid "sudo command groups to add"
msgstr ""

#: ipaserver/plugins/sudorule.py:691
msgid "Add hosts and hostgroups affected by Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:124
msgid "host masks of allowed hosts"
msgstr ""

#: ipaserver/plugins/sudorule.py:997
msgid "Add an option to the Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:919
msgid "Add group for Sudo to execute as."
msgstr ""

#: ipaserver/plugins/sudorule.py:795
msgid "Add users and groups for Sudo to execute as."
msgstr ""

#: ipaserver/plugins/sudorule.py:592
msgid "Add users and groups affected by Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:408
msgid "Delete Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:518
msgid "Disable a Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:495
msgid "Enable a Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:481
msgid "Search for Sudo Rule."
msgstr ""

msgid "Results should contain primary key attribute only (\"sudorule-name\")"
msgstr ""

#: ipaserver/plugins/sudorule.py:415
msgid "Modify Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:564 ipaserver/plugins/sudorule.py:584
msgid "Remove commands and sudo command groups affected by Sudo Rule."
msgstr ""

msgid "sudo command groups to remove"
msgstr ""

#: ipaserver/plugins/sudorule.py:749
msgid "Remove hosts and hostgroups affected by Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:1046
msgid "Remove an option from Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:970
msgid "Remove group for Sudo to execute as."
msgstr ""

#: ipaserver/plugins/sudorule.py:874
msgid "Remove users and groups for Sudo to execute as."
msgstr ""

#: ipaserver/plugins/sudorule.py:647
msgid "Remove users and groups affected by Sudo Rule."
msgstr ""

#: ipaserver/plugins/sudorule.py:490
msgid "Display Sudo Rule."
msgstr ""

#: ipaserver/plugins/pkinit.py:72 ipaserver/plugins/serverrole.py:124
#: ipaserver/plugins/baseldap.py:1980 ipaserver/plugins/cert.py:1570
msgid "Time limit of search in seconds (0 is unlimited)"
msgstr ""

#: ipaserver/plugins/pkinit.py:80 ipaserver/plugins/serverrole.py:132
#: ipaserver/plugins/baseldap.py:1987 ipaserver/plugins/cert.py:1575
msgid "Maximum number of entries returned (0 is unlimited)"
msgstr ""

msgid ""
"\n"
"Manage CA ACL rules.\n"
"\n"
"This plugin is used to define rules governing which principals are\n"
"permitted to have certificates issued using a given certificate\n"
"profile.\n"
"\n"
"PROFILE ID SYNTAX:\n"
"\n"
"A Profile ID is a string without spaces or punctuation starting with a "
"letter\n"
"and followed by a sequence of letters, digits or underscore (\"_\").\n"
"\n"
"EXAMPLES:\n"
"\n"
"  Create a CA ACL \"test\" that grants all users access to the\n"
"  \"UserCert\" profile:\n"
"    ipa caacl-add test --usercat=all\n"
"    ipa caacl-add-profile test --certprofiles UserCert\n"
"\n"
"  Display the properties of a named CA ACL:\n"
"    ipa caacl-show test\n"
"\n"
"  Create a CA ACL to let user \"alice\" use the \"DNP3\" profile:\n"
"    ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n"
"    ipa caacl-add-user alice_dnp3 --user=alice\n"
"\n"
"  Disable a CA ACL:\n"
"    ipa caacl-disable test\n"
"\n"
"  Remove a CA ACL:\n"
"    ipa caacl-del test\n"
msgstr ""

msgid "ACL name"
msgstr ""

msgid "Profile category"
msgstr ""

msgid "Profile category the ACL applies to"
msgstr ""

msgid "User category the ACL applies to"
msgstr ""

msgid "Host category the ACL applies to"
msgstr ""

msgid "Service category the ACL applies to"
msgstr ""

#: ipaserver/plugins/internal.py:599
msgid "Profiles"
msgstr ""

msgid "Create a new CA ACL."
msgstr ""

msgid "Add target hosts and hostgroups to a CA ACL."
msgstr ""

msgid "Add profiles to a CA ACL."
msgstr ""

msgid "member Certificate Profile"
msgstr "구성원 인증서 프로파일"

msgid "Certificate Profiles to add"
msgstr ""

msgid "Add services to a CA ACL."
msgstr ""

msgid "Add users and groups to a CA ACL."
msgstr ""

msgid "Delete a CA ACL."
msgstr ""

msgid "Disable a CA ACL."
msgstr ""

msgid "Enable a CA ACL."
msgstr ""

msgid "Search for CA ACLs."
msgstr ""

msgid "Modify a CA ACL."
msgstr ""

msgid "Remove target hosts and hostgroups from a CA ACL."
msgstr ""

msgid "Remove profiles from a CA ACL."
msgstr ""

msgid "Certificate Profiles to remove"
msgstr ""

msgid "Remove services from a CA ACL."
msgstr ""

msgid "Remove users and groups from a CA ACL."
msgstr ""

msgid "Display the properties of a CA ACL."
msgstr ""

msgid "Principal for this certificate (e.g. HTTP/test.example.com)"
msgstr ""

#: ipaserver/plugins/certprofile.py:122 ipaserver/plugins/cert.py:575
msgid "Profile ID"
msgstr ""

msgid "Certificate Profile to use"
msgstr ""

msgid ""
"\n"
"Manage Certificate Profiles\n"
"\n"
"Certificate Profiles are used by Certificate Authority (CA) in the signing "
"of\n"
"certificates to determine if a Certificate Signing Request (CSR) is "
"acceptable,\n"
"and if so what features and extensions will be present on the certificate.\n"
"\n"
"The Certificate Profile format is the property-list format understood by "
"the\n"
"Dogtag or Red Hat Certificate System CA.\n"
"\n"
"PROFILE ID SYNTAX:\n"
"\n"
"A Profile ID is a string without spaces or punctuation starting with a "
"letter\n"
"and followed by a sequence of letters, digits or underscore (\"_\").\n"
"\n"
"EXAMPLES:\n"
"\n"
"  Import a profile that will not store issued certificates:\n"
"    ipa certprofile-import ShortLivedUserCert       --file UserCert.profile "
"--desc \"User Certificates\"       --store=false\n"
"\n"
"  Delete a certificate profile:\n"
"    ipa certprofile-del ShortLivedUserCert\n"
"\n"
"  Show information about a profile:\n"
"    ipa certprofile-show ShortLivedUserCert\n"
"\n"
"  Save profile configuration to a file:\n"
"    ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n"
"\n"
"  Search for profiles that do not store certificates:\n"
"    ipa certprofile-find --store=false\n"
"\n"
"PROFILE CONFIGURATION FORMAT:\n"
"\n"
"The profile configuration format is the raw property-list format\n"
"used by Dogtag Certificate System.  The XML format is not supported.\n"
"\n"
"The following restrictions apply to profiles managed by IPA:\n"
"\n"
"- When importing a profile the \"profileId\" field, if present, must\n"
"  match the ID given on the command line.\n"
"\n"
"- The \"classId\" field must be set to \"caEnrollImpl\"\n"
"\n"
"- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n"
"\n"
"- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n"
"  class must be used.\n"
msgstr ""

#: ipaserver/plugins/certprofile.py:123
msgid "Profile ID for referring to this profile"
msgstr ""

#: ipaserver/plugins/certprofile.py:132
msgid "Profile description"
msgstr ""

#: ipaserver/plugins/certprofile.py:133
msgid "Brief description of this profile"
msgstr ""

#: ipaserver/plugins/certprofile.py:138
msgid "Store issued certificates"
msgstr ""

#: ipaserver/plugins/certprofile.py:139
msgid "Whether to store certs issued using this profile"
msgstr ""

#: ipaserver/plugins/certprofile.py:281
msgid "Delete a Certificate Profile."
msgstr ""

#: ipaserver/plugins/certprofile.py:188
msgid "Search for Certificate Profiles."
msgstr ""

#: ipaserver/plugins/certprofile.py:221
msgid "Import a Certificate Profile."
msgstr ""

#: ipaserver/plugins/certprofile.py:226
msgid "Filename of a raw profile. The XML format is not supported."
msgstr ""

#: ipaserver/plugins/certprofile.py:304
msgid "Modify Certificate Profile configuration."
msgstr ""

#: ipaserver/plugins/certprofile.py:310
msgid "File containing profile configuration"
msgstr ""

#: ipaserver/plugins/certprofile.py:200
msgid "Display the properties of a Certificate Profile."
msgstr ""

#: ipaserver/plugins/certprofile.py:204
msgid "Write profile configuration to file"
msgstr ""

msgid "Maximum amount of time (seconds) for a search (-1 or 0 is unlimited)"
msgstr ""

msgid "Maximum number of records to search (-1 or 0 is unlimited)"
msgstr ""

#: ipaserver/plugins/domainlevel.py:18
msgid ""
"\n"
"Raise the IPA Domain Level.\n"
msgstr ""

#: ipaserver/plugins/domainlevel.py:93
msgid "Query current Domain Level."
msgstr ""

#: ipaserver/plugins/domainlevel.py:27
msgid "Current domain level:"
msgstr ""

#: ipaserver/plugins/domainlevel.py:117
msgid "Change current Domain Level."
msgstr ""

#: ipaserver/plugins/domainlevel.py:124 ipaserver/plugins/internal.py:792
#: ipaserver/plugins/internal.py:793
msgid "Domain Level"
msgstr ""

msgid "Add certificates to host entry"
msgstr ""

msgid "Remove certificates from host entry"
msgstr ""

msgid ""
"\n"
"ID ranges\n"
"\n"
"Manage ID ranges  used to map Posix IDs to SIDs and back.\n"
"\n"
"There are two type of ID ranges which are both handled by this utility:\n"
"\n"
" - the ID ranges of the local domain\n"
" - the ID ranges of trusted remote domains\n"
"\n"
"Both types have the following attributes in common:\n"
"\n"
" - base-id: the first ID of the Posix ID range\n"
" - range-size: the size of the range\n"
"\n"
"With those two attributes a range object can reserve the Posix IDs starting\n"
"with base-id up to but not including base-id+range-size exclusively.\n"
"\n"
"Additionally an ID range of the local domain may set\n"
" - rid-base: the first RID(*) of the corresponding RID range\n"
" - secondary-rid-base: first RID of the secondary RID range\n"
"\n"
"and an ID range of a trusted domain must set\n"
" - rid-base: the first RID of the corresponding RID range\n"
" - sid: domain SID of the trusted domain\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for a trusted domain\n"
"\n"
"Since there might be more than one trusted domain the domain SID must be "
"given\n"
"while creating the ID range.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=0                   --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n"
"\n"
"This ID range is then used by the IPA server and the SSSD IPA provider to\n"
"assign Posix UIDs to users from the trusted domain.\n"
"\n"
"If e.g. a range for a trusted domain is configured with the following "
"values:\n"
" base-id = 1200000\n"
" range-size = 200000\n"
" rid-base = 0\n"
"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. "
"So\n"
"RID 1000 <-> Posix ID 1201000\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for the local domain\n"
"\n"
"To create an ID range for the local domain it is not necessary to specify a\n"
"domain SID. But since it is possible that a user and a group can have the "
"same\n"
"value as Posix ID a second RID interval is needed to handle conflicts.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=1000                   --secondary-rid-base=1000000 local_range\n"
"\n"
"The data from the ID ranges of the local domain are used by the IPA server\n"
"internally to assign SIDs to IPA users and groups. The SID will then be "
"stored\n"
"in the user or group objects.\n"
"\n"
"If e.g. the ID range for the local domain is configured with the values "
"from\n"
"the example above then a new user with the UID 1200007 will get the RID "
"1007.\n"
"If this RID is already used by a group the RID will be 1000007. This can "
"only\n"
"happen if a user or a group object was created with a fixed ID because the\n"
"automatic assignment will not assign the same ID twice. Since there are "
"only\n"
"users and groups sharing the same ID namespace it is sufficient to have "
"only\n"
"one fallback range to handle conflicts.\n"
"\n"
"To find the Posix ID for a given RID from the local domain it has to be\n"
"checked first if the RID falls in the primary or secondary RID range and\n"
"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n"
"and the base-id has to be added to get the Posix ID.\n"
"\n"
"Typically the creation of ID ranges happens behind the scenes and this CLI\n"
"must not be used at all. The ID range for the local domain will be created\n"
"during installation or upgrade from an older version. The ID range for a\n"
"trusted domain will be created together with the trust by 'ipa trust-"
"add ...'.\n"
"\n"
"USE CASES:\n"
"\n"
"  Add an ID range from a transitively trusted domain\n"
"\n"
"    If the trusted domain (A) trusts another domain (B) as well and this "
"trust\n"
"    is transitive 'ipa trust-add domain-A' will only create a range for\n"
"    domain A.  The ID range for domain B must be added manually.\n"
"\n"
"  Add an additional ID range for the local domain\n"
"\n"
"    If the ID range of the local domain is exhausted, i.e. no new IDs can "
"be\n"
"    assigned to Posix users or groups by the DNA plugin, a new range has to "
"be\n"
"    created to allow new users and groups to be added. (Currently there is "
"no\n"
"    connection between this range CLI and the DNA plugin, but a future "
"version\n"
"    might be able to modify the configuration of the DNS plugin as well)\n"
"\n"
"In general it is not necessary to modify or delete ID ranges. If there is "
"no\n"
"other way to achieve a certain configuration than to modify or delete an ID\n"
"range it should be done with great care. Because UIDs are stored in the "
"file\n"
"system and are used for access control it might be possible that users are\n"
"allowed to access files of other users if an ID range got deleted and "
"reused\n"
"for a different domain.\n"
"\n"
"(*) The RID is typically the last integer of a user or group SID which "
"follows\n"
"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user "
"from\n"
"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of "
"the\n"
"user. RIDs are unique in a domain, 32bit values and are used for users and\n"
"groups.\n"
"\n"
"=======\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
"=======\n"
msgstr ""

msgid ""
"\n"
"Add new ID range.\n"
"\n"
"    To add a new ID range you always have to specify\n"
"\n"
"        --base-id\n"
"        --range-size\n"
"\n"
"    Additionally\n"
"\n"
"        --rid-base\n"
"        --secondary-rid-base\n"
"\n"
"    may be given for a new ID range for the local domain while\n"
"\n"
"        --rid-base\n"
"        --dom-sid\n"
"\n"
"    must be given to add a new range for a trusted AD domain.\n"
"\n"
"=======\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
"=======\n"
"    "
msgstr ""

msgid ""
"\n"
"Modify ID range.\n"
"\n"
"=======\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
"=======\n"
"    "
msgstr ""

#: ipaserver/plugins/idviews.py:80
msgid "Fallback to AD DC LDAP"
msgstr ""

#: ipaserver/plugins/idviews.py:81
msgid ""
"Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-"
"way trusts only."
msgstr ""

#: ipaserver/plugins/idviews.py:441
msgid ""
"Applies ID View to specified hosts or current members of specified "
"hostgroups. If any other ID View is applied to the host, it is overridden."
msgstr ""

#: ipaserver/plugins/migration.py:642
msgid "Add to default group"
msgstr ""

#: ipaserver/plugins/migration.py:643
msgid "Add migrated users without a group to a default group (default: true)"
msgstr ""

#: ipaserver/plugins/migration.py:650
msgid "Search scope"
msgstr ""

#: ipaserver/plugins/migration.py:651
msgid ""
"LDAP search scope for users and groups: base, onelevel, or subtree. Defaults "
"to onelevel"
msgstr ""

#: ipaserver/plugins/otptoken.py:469
msgid "Remove users that can manage this token."
msgstr ""

#: ipaserver/plugins/permission.py:321
msgid "Target DN subtree"
msgstr ""

#: ipaserver/plugins/permission.py:322
msgid ""
"Optional DN subtree where an entry can be moved to (must be in the subtree, "
"but may not yet exist)"
msgstr ""

#: ipaserver/plugins/permission.py:329
msgid "Origin DN subtree"
msgstr ""

#: ipaserver/plugins/permission.py:330
msgid ""
"Optional DN subtree from where an entry can be moved (must be in the "
"subtree, but may not yet exist)"
msgstr ""

msgid ""
"\n"
"IPA servers\n"
"\n"
"Get information about installed IPA servers.\n"
"\n"
"EXAMPLES:\n"
"\n"
"  Find all servers:\n"
"    ipa server-find\n"
"\n"
"  Show specific server:\n"
"    ipa server-show ipa.example.com\n"
msgstr ""

#: ipaserver/plugins/dnsserver.py:112 ipaserver/plugins/pkinit.py:47
#: ipaserver/plugins/serverrole.py:58 ipaserver/plugins/server.py:103
msgid "Server name"
msgstr ""

#: ipaserver/plugins/serverrole.py:59 ipaserver/plugins/server.py:104
msgid "IPA server hostname"
msgstr ""

msgid "Managed suffix"
msgstr ""

msgid "Min domain level"
msgstr ""

msgid "Minimum domain level"
msgstr ""

msgid "Max domain level"
msgstr ""

msgid "Maximum domain level"
msgstr ""

msgid "Delete IPA server."
msgstr ""

msgid "Search for IPA servers."
msgstr ""

msgid "Show IPA server."
msgstr ""

#: ipaserver/plugins/service.py:1157
msgid "Add new certificates to a service"
msgstr ""

#: ipaserver/plugins/service.py:1164
msgid "Remove certificates from a service"
msgstr ""

msgid ""
"\n"
"Service Constrained Delegation\n"
"\n"
"Manage rules to allow constrained delegation of credentials so\n"
"that a service can impersonate a user when communicating with another\n"
"service without requiring the user to actually forward their TGT.\n"
"This makes for a much better method of delegating credentials as it\n"
"prevents exposure of the short term secret of the user.\n"
"\n"
"The naming convention is to append the word \"target\" or \"targets\" to\n"
"a matching rule name. This is not mandatory but helps conceptually\n"
"to associate rules and targets.\n"
"\n"
"A rule consists of two things:\n"
"  - A list of targets the rule applies to\n"
"  - A list of memberPrincipals that are allowed to delegate for\n"
"    those targets\n"
"\n"
"A target consists of a list of principals that can be delegated.\n"
"\n"
"In English, a rule says that this principal can delegate as this\n"
"list of principals, as defined by these targets.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new constrained delegation rule:\n"
"   ipa servicedelegationrule-add ftp-delegation\n"
"\n"
" Add a new constrained delegation target:\n"
"   ipa servicedelegationtarget-add ftp-delegation-target\n"
"\n"
" Add a principal to the rule:\n"
"   ipa servicedelegationrule-add-member --principals=ftp/ipa.example."
"com       ftp-delegation\n"
"\n"
" Add our target to the rule:\n"
"   ipa servicedelegationrule-add-target       --servicedelegationtargets=ftp-"
"delegation-target ftp-delegation\n"
"\n"
" Add a principal to the target:\n"
"   ipa servicedelegationtarget-add-member --principals=ldap/ipa.example."
"com       ftp-delegation-target\n"
"\n"
" Display information about a named delegation rule and target:\n"
"   ipa servicedelegationrule_show ftp-delegation\n"
"   ipa servicedelegationtarget_show ftp-delegation-target\n"
"\n"
" Remove a constrained delegation:\n"
"   ipa servicedelegationrule-del ftp-delegation-target\n"
"   ipa servicedelegationtarget-del ftp-delegation\n"
"\n"
"In this example the ftp service can get a TGT for the ldap service on\n"
"the bound user's behalf.\n"
"\n"
"It is strongly discouraged to modify the delegations that ship with\n"
"IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n"
"ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n"
"to delegate, causing the framework to stop functioning.\n"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:167
msgid "Allowed Target"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:396
msgid "Create a new service delegation rule."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:435
msgid "Add member to a named service delegation rule."
msgstr ""

msgid "member principal"
msgstr ""

msgid "principal to add"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:452
msgid "Add target to a named service delegation rule."
msgstr ""

msgid "member service delegation target"
msgstr ""

msgid "service delegation targets to add"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:403
msgid "Delete service delegation."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:420
msgid "Search for service delegations rule."
msgstr ""

msgid "Results should contain primary key attribute only (\"delegation-name\")"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:444
msgid "Remove member from a named service delegation rule."
msgstr ""

msgid "principal to remove"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:462
msgid "Remove target from a named service delegation rule."
msgstr ""

msgid "service delegation targets to remove"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:430
msgid "Display information about a named service delegation rule."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:485
msgid "Create a new service delegation target."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:550
msgid "Add member to a named service delegation target."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:492
msgid "Delete service delegation target."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:509
msgid "Search for service delegation target."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:559
msgid "Remove member from a named service delegation target."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:545
msgid "Display information about a named service delegation target."
msgstr ""

msgid ""
"\n"
"Stageusers\n"
"\n"
"Manage stage user entries.\n"
"\n"
"Stage user entries are directly under the container: \"cn=stage users,\n"
"cn=accounts, cn=provisioning, SUFFIX\".\n"
"User can not authenticate with those entries (even if the entries\n"
"contain credentials) and are candidate to become Active entries.\n"
"\n"
"Active user entries are Posix users directly under the container: "
"\"cn=accounts, SUFFIX\".\n"
"User can authenticate with Active entries, at the condition they have\n"
"credentials\n"
"\n"
"Delete user entries are Posix users directly under the container: "
"\"cn=deleted users,\n"
"cn=accounts, cn=provisioning, SUFFIX\".\n"
"User can not authenticate with those entries (even if the entries contain "
"credentials)\n"
"\n"
"The stage user container contains entries\n"
"    - created by 'stageuser-add' commands that are Posix users\n"
"    - created by external provisioning system\n"
"\n"
"A valid stage user entry MUST:\n"
"    - entry RDN is 'uid'\n"
"    - ipaUniqueID is 'autogenerate'\n"
"\n"
"IPA supports a wide range of username formats, but you need to be aware of "
"any\n"
"restrictions that may apply to your particular environment. For example,\n"
"usernames that start with a digit or usernames that exceed a certain length\n"
"may cause problems for some UNIX systems.\n"
"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new stageuser:\n"
"   ipa stageuser-add --first=Tim --last=User --password tuser1\n"
"\n"
" Add a stageuser from the Delete container\n"
"   ipa stageuser-add  --first=Tim --last=User --from-delete tuser1\n"
msgstr ""

#: ipaserver/plugins/stageuser.py:506
msgid "Activate a stage user."
msgstr ""

#: ipaserver/plugins/stageuser.py:276
msgid "Add a new stage user."
msgstr ""

#: ipaserver/plugins/stageuser.py:286
msgid "Create Stage user in from a delete user"
msgstr ""

#: ipaserver/plugins/stageuser.py:429
msgid "Delete a stage user."
msgstr ""

#: ipaserver/plugins/stageuser.py:457
msgid "Search for stage users."
msgstr ""

msgid "Search for stage users with these member of groups."
msgstr ""

msgid "Search for stage users without these member of groups."
msgstr ""

msgid "Search for stage users with these member of netgroups."
msgstr ""

msgid "Search for stage users without these member of netgroups."
msgstr ""

msgid "Search for stage users with these member of roles."
msgstr ""

msgid "Search for stage users without these member of roles."
msgstr ""

msgid "Search for stage users with these member of HBAC rules."
msgstr ""

msgid "Search for stage users without these member of HBAC rules."
msgstr "HBAC 규칙의 이들 구성원이 없이 스테이지 사용자를 검색합니다."

msgid "Search for stage users with these member of sudo rules."
msgstr ""

msgid "Search for stage users without these member of sudo rules."
msgstr ""

#: ipaserver/plugins/stageuser.py:435
msgid "Modify a stage user."
msgstr ""

msgid "Rename the stage user object"
msgstr ""

#: ipaserver/plugins/stageuser.py:489
msgid "Display information about a stage user."
msgstr ""

msgid ""
"\n"
"Topology\n"
"\n"
"Management of a replication topology.\n"
"\n"
"Requires minimum domain level 1.\n"
msgstr ""

#: ipaserver/plugins/topology.py:128
msgid "Segment name"
msgstr ""

#: ipaserver/plugins/topology.py:132
msgid "Arbitrary string identifying the segment"
msgstr ""

#: ipaserver/plugins/topology.py:140
msgid "Left node"
msgstr "왼쪽 노드"

#: ipaserver/plugins/topology.py:142
msgid "Left replication node - an IPA server"
msgstr ""

#: ipaserver/plugins/topology.py:151
msgid "Right node"
msgstr ""

#: ipaserver/plugins/topology.py:153
msgid "Right replication node - an IPA server"
msgstr ""

#: ipaserver/plugins/topology.py:159
msgid "Connectivity"
msgstr ""

#: ipaserver/plugins/topology.py:163
msgid "Direction of replication between left and right replication node"
msgstr ""

#: ipaserver/plugins/topology.py:170
msgid "Attributes to strip"
msgstr ""

#: ipaserver/plugins/topology.py:172
msgid ""
"A space separated list of attributes which are removed from replication "
"updates."
msgstr ""

msgid "Attributes to replicate"
msgstr ""

#: ipaserver/plugins/topology.py:179
msgid ""
"Attributes that are not replicated to a consumer server during a fractional "
"update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof"
msgstr ""

#: ipaserver/plugins/topology.py:186
msgid "Attributes for total update"
msgstr ""

#: ipaserver/plugins/topology.py:187
msgid ""
"Attributes that are not replicated to a consumer server during a total "
"update. E.g. (objectclass=*) $ EXCLUDE accountlockout"
msgstr ""

#: ipaserver/plugins/topology.py:194
msgid "Session timeout"
msgstr ""

#: ipaserver/plugins/topology.py:196
msgid ""
"Number of seconds outbound LDAP operations waits for a response from the "
"remote replica before timing out and failing"
msgstr ""

#: ipaserver/plugins/topology.py:203
msgid "Replication agreement enabled"
msgstr ""

#: ipaserver/plugins/topology.py:204
msgid ""
"Whether a replication agreement is active, meaning whether replication is "
"occurring per that agreement"
msgstr ""

#: ipaserver/plugins/topology.py:420
msgid "Suffix name"
msgstr ""

msgid "LDAP suffix to be managed"
msgstr ""

#: ipaserver/plugins/topology.py:287
msgid "Add a new segment."
msgstr ""

#: ipaserver/plugins/topology.py:300
msgid "Delete a segment."
msgstr ""

#: ipaserver/plugins/topology.py:277
msgid "Search for topology segments."
msgstr ""

#: ipaserver/plugins/topology.py:312
msgid "Modify a segment."
msgstr ""

#: ipaserver/plugins/topology.py:325
msgid ""
"Request a full re-initialization of the node retrieving data from the other "
"node."
msgstr ""

#: ipaserver/plugins/topology.py:334
msgid "Initialize left node"
msgstr ""

#: ipaserver/plugins/topology.py:339
msgid "Initialize right node"
msgstr ""

#: ipaserver/plugins/topology.py:344
msgid "Stop already started refresh of chosen node(s)"
msgstr ""

#: ipaserver/plugins/topology.py:398
msgid "Display a segment."
msgstr ""

#: ipaserver/plugins/topology.py:456
msgid "Add a new topology suffix to be managed."
msgstr ""

#: ipaserver/plugins/topology.py:442
msgid "Delete a topology suffix."
msgstr ""

msgid "Search for topology suffices."
msgstr ""

#: ipaserver/plugins/topology.py:470
msgid "Modify a topology suffix."
msgstr ""

#: ipaserver/plugins/topology.py:484
msgid "Show managed suffix."
msgstr ""

msgid ""
"\n"
"Verify replication topology for suffix.\n"
"\n"
"Checks done:\n"
"  1. check if a topology is not disconnected. In other words if there are\n"
"     replication paths between all servers.\n"
"  2. check if servers don't have more than the recommended number of\n"
"     replication agreements\n"
"    "
msgstr ""

#: ipaserver/plugins/trust.py:718
msgid "Two-way trust"
msgstr ""

msgid ""
"Establish bi-directional trust. By default trust is inbound one-way only."
msgstr ""

#: ipaserver/plugins/user.py:1173
msgid "Preserved user"
msgstr ""

msgid "Add one or more certificates to the user entry"
msgstr ""

msgid "Remove one or more certificates to the user entry"
msgstr ""

msgid "Move deleted user into staged area"
msgstr ""

msgid "Undelete a delete user account."
msgstr ""

msgid ""
"\n"
"Vaults\n"
"\n"
"Manage vaults.\n"
"\n"
"Vault is a secure place to store a secret.\n"
"\n"
"Based on the ownership there are three vault categories:\n"
"* user/private vault\n"
"* service vault\n"
"* shared vault\n"
"\n"
"User vaults are vaults owned used by a particular user. Private\n"
"vaults are vaults owned the current user. Service vaults are\n"
"vaults owned by a service. Shared vaults are owned by the admin\n"
"but they can be used by other users or services.\n"
"\n"
"Based on the security mechanism there are three types of\n"
"vaults:\n"
"* standard vault\n"
"* symmetric vault\n"
"* asymmetric vault\n"
"\n"
"Standard vault uses a secure mechanism to transport and\n"
"store the secret. The secret can only be retrieved by users\n"
"that have access to the vault.\n"
"\n"
"Symmetric vault is similar to the standard vault, but it\n"
"pre-encrypts the secret using a password before transport.\n"
"The secret can only be retrieved using the same password.\n"
"\n"
"Asymmetric vault is similar to the standard vault, but it\n"
"pre-encrypts the secret using a public key before transport.\n"
"The secret can only be retrieved using the private key.\n"
"\n"
"EXAMPLES:\n"
"\n"
" List vaults:\n"
"   ipa vault-find\n"
"       [--user <user>|--service <service>|--shared]\n"
"\n"
" Add a standard vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type standard\n"
"\n"
" Add a symmetric vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type symmetric --password-file password.txt\n"
"\n"
" Add an asymmetric vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type asymmetric --public-key-file public.pem\n"
"\n"
" Show a vault:\n"
"   ipa vault-show <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"\n"
" Modify vault description:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --desc <description>\n"
"\n"
" Modify vault type:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type <type>\n"
"       [old password/private key]\n"
"       [new password/public key]\n"
"\n"
" Modify symmetric vault password:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --change-password\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --old-password <old password>\n"
"       --new-password <new password>\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --old-password-file <old password file>\n"
"       --new-password-file <new password file>\n"
"\n"
" Modify asymmetric vault keys:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --private-key-file <old private key file>\n"
"       --public-key-file <new public key file>\n"
"\n"
" Delete a vault:\n"
"   ipa vault-del <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"\n"
" Display vault configuration:\n"
"   ipa vaultconfig-show\n"
"\n"
" Archive data into standard vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
"\n"
" Archive data into symmetric vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
"       --password-file password.txt\n"
"\n"
" Archive data into asymmetric vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
"\n"
" Retrieve data from standard vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file>\n"
"\n"
" Retrieve data from symmetric vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file>\n"
"       --password-file password.txt\n"
"\n"
" Retrieve data from asymmetric vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file> --private-key-file private.pem\n"
"\n"
" Add vault owners:\n"
"   ipa vault-add-owner <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>]  [--groups <groups>] [--services <services>]\n"
"\n"
" Delete vault owners:\n"
"   ipa vault-remove-owner <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
"\n"
" Add vault members:\n"
"   ipa vault-add-member <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
"\n"
" Delete vault members:\n"
"   ipa vault-remove-member <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
msgstr ""

msgid "Vault name"
msgstr ""

msgid "Vault description"
msgstr ""

msgid "Vault type"
msgstr ""

msgid "Salt"
msgstr ""

msgid "Vault salt"
msgstr ""

msgid "Public key"
msgstr ""

msgid "Vault public key"
msgstr ""

#: ipaserver/plugins/vault.py:620
msgid "Owner users"
msgstr ""

#: ipaserver/plugins/vault.py:625
msgid "Owner groups"
msgstr ""

#: ipaserver/plugins/vault.py:630
msgid "Owner services"
msgstr ""

#: ipaserver/plugins/vault.py:325 ipaserver/plugins/vault.py:635
msgid "Failed owners"
msgstr ""

#: ipaserver/plugins/vault.py:640
msgid "Vault service"
msgstr ""

#: ipaserver/plugins/vault.py:334 ipaserver/plugins/vault.py:645
msgid "Shared vault"
msgstr ""

#: ipaserver/plugins/vault.py:650
msgid "Vault user"
msgstr ""

msgid "Transport Certificate"
msgstr ""

msgid "Service name of the service vault"
msgstr ""

msgid "Username of the user vault"
msgstr ""

msgid "Add members to a vault."
msgstr ""

msgid "Add owners to a vault."
msgstr ""

msgid "owner user"
msgstr ""

msgid "owner group"
msgstr ""

msgid "owner service"
msgstr ""

#: ipaserver/plugins/vault.py:1211
msgid "Owners that could not be added"
msgstr ""

#: ipaserver/plugins/vault.py:1216
msgid "Number of owners added"
msgstr ""

#: ipaserver/plugins/vault.py:1127
msgid "Session key wrapped with transport certificate"
msgstr ""

msgid "Vault data encrypted with session key"
msgstr ""

msgid "Nonce"
msgstr ""

msgid "Delete a vault."
msgstr ""

msgid "Search for vaults."
msgstr ""

msgid "List all service vaults"
msgstr ""

msgid "List all user vaults"
msgstr ""

msgid "Remove members from a vault."
msgstr ""

msgid "Remove owners from a vault."
msgstr ""

#: ipaserver/plugins/vault.py:1236
msgid "Owners that could not be removed"
msgstr ""

#: ipaserver/plugins/vault.py:1241
msgid "Number of owners removed"
msgstr ""

msgid "Display information about a vault."
msgstr ""

msgid "Show vault configuration."
msgstr ""

msgid "Output file to store the transport certificate"
msgstr ""

msgid "Add owners to a vault container."
msgstr ""

msgid "Delete a vault container."
msgstr ""

msgid "Remove owners from a vault container."
msgstr ""

msgid "Display information about a vault container."
msgstr ""

msgid "Resolve a host name in DNS. (Deprecated)"
msgstr ""

msgid "Hostname (FQDN)"
msgstr ""

msgid "Force DNS zone creation even if it will overlap with an existing zone."
msgstr ""

msgid ""
"Force DNS zone creation even if nameserver is not resolvable. (Deprecated)"
msgstr ""

msgid ""
"\n"
"Groups of users\n"
"\n"
"Manage groups of users. By default, new groups are POSIX groups. You\n"
"can add the --nonposix option to the group-add command to mark a new group\n"
"as non-POSIX. You can use the --posix argument with the group-mod command\n"
"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n"
"converted to non-POSIX groups.\n"
"\n"
"Every group must have a description.\n"
"\n"
"POSIX groups must have a Group ID (GID) number. Changing a GID is\n"
"supported but can have an impact on your file permissions. It is not "
"necessary\n"
"to supply a GID when creating a group. IPA will generate one automatically\n"
"if it is not provided.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new group:\n"
"   ipa group-add --desc='local administrators' localadmins\n"
"\n"
" Add a new non-POSIX group:\n"
"   ipa group-add --nonposix --desc='remote administrators' remoteadmins\n"
"\n"
" Convert a non-POSIX group to posix:\n"
"   ipa group-mod --posix remoteadmins\n"
"\n"
" Add a new POSIX group with a specific Group ID number:\n"
"   ipa group-add --gid=500 --desc='unix admins' unixadmins\n"
"\n"
" Add a new POSIX group and let IPA assign a Group ID number:\n"
"   ipa group-add --desc='printer admins' printeradmins\n"
"\n"
" Remove a group:\n"
"   ipa group-del unixadmins\n"
"\n"
" To add the \"remoteadmins\" group to the \"localadmins\" group:\n"
"   ipa group-add-member --groups=remoteadmins localadmins\n"
"\n"
" Add multiple users to the \"localadmins\" group:\n"
"   ipa group-add-member --users=test1 --users=test2 localadmins\n"
"\n"
" Remove a user from the \"localadmins\" group:\n"
"   ipa group-remove-member --users=test2 localadmins\n"
"\n"
" Display information about a named group.\n"
"   ipa group-show localadmins\n"
"\n"
"External group membership is designed to allow users from trusted domains\n"
"to be mapped to local POSIX groups in order to actually use IPA resources.\n"
"External members should be added to groups that specifically created as\n"
"external and non-POSIX. Such group later should be included into one of "
"POSIX\n"
"groups.\n"
"\n"
"An external group member is currently a Security Identifier (SID) as defined "
"by\n"
"the trusted domain. When adding external group members, it is possible to\n"
"specify them in either SID, or DOM\n"
"ame, or name@domain format. IPA will attempt\n"
"to resolve passed name to SID with the use of Global Catalog of the trusted "
"domain.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local POSIX "
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map' ad_admins_external "
"--external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the "
"ad_admins_external\n"
"   group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with ad_admins "
"POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see their "
"SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
msgstr ""

msgid ""
"\n"
"Simulate use of Host-based access controls\n"
"\n"
"HBAC rules control who can access what services on what hosts.\n"
"You can use HBAC to control which users or groups can access a service,\n"
"or group of services, on a target host.\n"
"\n"
"Since applying HBAC rules implies use of a production environment,\n"
"this plugin aims to provide simulation of HBAC rules evaluation without\n"
"having access to the production environment.\n"
"\n"
" Test user coming to a service on a named host against\n"
" existing enabled rules.\n"
"\n"
" ipa hbactest --user= --host= --service=\n"
"              [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n"
"              [--sizelimit= ]\n"
"\n"
" --user, --host, and --service are mandatory, others are optional.\n"
"\n"
" If --rules is specified simulate enabling of the specified rules and test\n"
" the login of the user using only these rules.\n"
"\n"
" If --enabled is specified, all enabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --disabled is specified, all disabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --nodetail is specified, do not return information about rules matched/"
"not matched.\n"
"\n"
" If both --rules and --enabled are specified, apply simulation to --rules "
"_and_\n"
" all IPA enabled rules.\n"
"\n"
" If no --rules specified, simulation is run against all IPA enabled rules.\n"
" By default there is a IPA-wide limit to number of entries fetched, you can "
"change it\n"
" with --sizelimit option.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Use all enabled HBAC rules in IPA database to simulate:\n"
"    $ ipa  hbactest --user=a1a --host=bar --service=sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    2. Disable detailed summary of how rules were applied:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"\n"
"    3. Test explicitly specified HBAC rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --"
"rules=myrule --rules=my-second-rule\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    4. Use all enabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --"
"rules=myrule --rules=my-second-rule --enabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    5. Test all disabled HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: new-rule\n"
"\n"
"    6. Test all disabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --"
"rules=myrule --rules=my-second-rule --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    7. Test all (enabled and disabled) HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --enabled "
"--disabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Not matched rules: new-rule\n"
"      Matched rules: allow_all\n"
"\n"
"\n"
"HBACTEST AND TRUSTED DOMAINS\n"
"\n"
"When an external trusted domain is configured in IPA, HBAC rules are also "
"applied\n"
"on users accessing IPA resources from the trusted domain. Trusted domain "
"users and\n"
"groups (and their SIDs) can be then assigned to external groups which can "
"be\n"
"members of POSIX groups in IPA which can be used in HBAC rules and thus "
"allowing\n"
"access to resources protected by the HBAC system.\n"
"\n"
"hbactest plugin is capable of testing access for both local IPA users and "
"users\n"
"from the trusted domains, either by a fully qualified user name or by user "
"SID.\n"
"Such user names need to have a trusted domain specified as a short name\n"
"(DOMAIN\\Administrator) or with a user principal name (UPN), "
"Administrator@ad.test.\n"
"\n"
"Please note that hbactest executed with a trusted domain user as --user "
"parameter\n"
"can be only run by members of \"trust admins\" group.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Test if a user from a trusted domain specified by its shortname "
"matches any\n"
"       rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    2. Test if a user from a trusted domain specified by its domain name "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    3. Test if a user from a trusted domain specified by its SID matches any "
"rule:\n"
"\n"
"    $ ipa hbactest --user "
"S-1-5-21-3035198329-144811719-1378114514-500             --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    4. Test if other user from a trusted domain specified by its SID matches "
"any rule:\n"
"\n"
"    $ ipa hbactest --user "
"S-1-5-21-3035198329-144811719-1378114514-1203             --host `hostname` "
"--service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
"\n"
"   5. Test if other user from a trusted domain specified by its shortname "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service "
"sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
msgstr ""

msgid "Managed suffixes"
msgstr ""

msgid "Check connection to remote IPA server."
msgstr ""

#: ipaserver/plugins/trust.py:1849
msgid "Remote server name"
msgstr ""

#: ipaserver/plugins/trust.py:1850
msgid "Remote IPA server hostname"
msgstr ""

#: ipaserver/plugins/topology.py:407
msgid "suffix"
msgstr ""

msgid "Search for servers with these managed suffixes."
msgstr ""

msgid "Search for servers without these managed suffixes."
msgstr ""

#: ipaserver/plugins/stageuser.py:774
msgid "Add a manager to the stage user entry"
msgstr ""

#: ipaserver/plugins/stageuser.py:779
msgid "Remove a manager to the stage user entry"
msgstr ""

msgid ""
"\n"
"Topology\n"
"\n"
"Management of a replication topology at domain level 1.\n"
"\n"
"IPA server's data is stored in LDAP server in two suffixes:\n"
"* domain suffix, e.g., 'dc=example,dc=com', contains all domain related "
"data\n"
"* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n"
"  contains data for Certificate Server component\n"
"\n"
"Data stored on IPA servers is replicated to other IPA servers. The way it "
"is\n"
"replicated is defined by replication agreements. Replication agreements "
"needs\n"
"to be set for both suffixes separately. On domain level 0 they are managed\n"
"using ipa-replica-manage and ipa-csreplica-manage tools. With domain level "
"1\n"
"they are managed centrally using `ipa topology*` commands.\n"
"\n"
"Agreements are represented by topology segments. By default topology "
"segment\n"
"represents 2 replication agreements - one for each direction, e.g., A to B "
"and\n"
"B to A. Creation of unidirectional segments is not allowed.\n"
"\n"
"To verify that no server is disconnected in the topology of the given "
"suffix,\n"
"use:\n"
"  ipa topologysuffix-verify $suffix\n"
"\n"
"\n"
"Examples:\n"
"  Find all IPA servers:\n"
"    ipa server-find\n"
"\n"
"  Find all suffixes:\n"
"    ipa topologysuffix-find\n"
"\n"
"  Add topology segment to 'domain' suffix:\n"
"    ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n"
"\n"
"  Add topology segment to 'ca' suffix:\n"
"    ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n"
"\n"
"  List all topology segments in 'domain' suffix:\n"
"    ipa topologysegment-find domain\n"
"\n"
"  List all topology segments in 'ca' suffix:\n"
"    ipa topologysegment-find ca\n"
"\n"
"  Delete topology segment in 'domain' suffix:\n"
"    ipa topologysegment-del domain segment_name\n"
"\n"
"  Delete topology segment in 'ca' suffix:\n"
"    ipa topologysegment-del ca segment_name\n"
"\n"
"  Verify topology of 'domain' suffix:\n"
"    ipa topologysuffix-verify domain\n"
"\n"
"  Verify topology of 'ca' suffix:\n"
"    ipa topologysuffix-verify ca\n"
msgstr ""

#: ipaserver/plugins/topology.py:425
msgid "Managed LDAP suffix DN"
msgstr ""

#: ipaserver/plugins/topology.py:432
msgid "Search for topology suffixes."
msgstr ""

msgid "Add a manager to the user entry"
msgstr ""

msgid "Remove a manager to the user entry"
msgstr ""

msgid ""
"\n"
"Directory Server Access Control Instructions (ACIs)\n"
"\n"
"ACIs are used to allow or deny access to information. This module is\n"
"currently designed to allow, not deny, access.\n"
"\n"
"The aci commands are designed to grant permissions that allow updating\n"
"existing entries or adding or deleting new ones. The goal of the ACIs\n"
"that ship with IPA is to provide a set of low-level permissions that\n"
"grant access to special groups called taskgroups. These low-level\n"
"permissions can be combined into roles that grant broader access. These\n"
"roles are another type of group, roles.\n"
"\n"
"For example, if you have taskgroups that allow adding and modifying users "
"you\n"
"could create a role, useradmin. You would assign users to the useradmin\n"
"role to allow them to do the operations defined by the taskgroups.\n"
"\n"
"You can create ACIs that delegate permission so users in group A can write\n"
"attributes on group B.\n"
"\n"
"The type option is a map that applies to all entries in the users, groups "
"or\n"
"host location. It is primarily designed to be used when granting add\n"
"permissions (to write new entries).\n"
"\n"
"An ACI consists of three parts:\n"
"1. target\n"
"2. permissions\n"
"3. bind rules\n"
"\n"
"The target is a set of rules that define which LDAP objects are being\n"
"targeted. This can include a list of attributes, an area of that LDAP\n"
"tree or an LDAP filter.\n"
"\n"
"The targets include:\n"
"- attrs: list of attributes affected\n"
"- type: an object type (user, group, host, service, etc)\n"
"- memberof: members of a group\n"
"- targetgroup: grant access to modify a specific group. This is primarily\n"
"  designed to enable users to add or remove members of a specific group.\n"
"- filter: A legal LDAP filter used to narrow the scope of the target.\n"
"- subtree: Used to apply a rule across an entire set of objects. For "
"example,\n"
"  to allow adding users you need to grant \"add\" permission to the subtree\n"
"  ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n"
"  is a fail-safe for objects that may not be covered by the type option.\n"
"\n"
"The permissions define what the ACI is allowed to do, and are one or\n"
"more of:\n"
"1. write - write one or more attributes\n"
"2. read - read one or more attributes\n"
"3. add - add a new entry to the tree\n"
"4. delete - delete an existing entry\n"
"5. all - all permissions are granted\n"
"\n"
"Note the distinction between attributes and entries. The permissions are\n"
"independent, so being able to add a user does not mean that the user will\n"
"be editable.\n"
"\n"
"The bind rule defines who this ACI grants permissions to. The LDAP server\n"
"allows this to be any valid LDAP entry but we encourage the use of\n"
"taskgroups so that the rights can be easily shared through roles.\n"
"\n"
"For a more thorough description of access controls see\n"
"http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control."
"html\n"
"\n"
"EXAMPLES:\n"
"\n"
"NOTE: ACIs are now added via the permission plugin. These examples are to\n"
"demonstrate how the various options work but this is done via the "
"permission\n"
"command-line now (see last example).\n"
"\n"
" Add an ACI so that the group \"secretaries\" can update the address on any "
"user:\n"
"   ipa group-add --desc=\"Office secretaries\" secretaries\n"
"   ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries "
"--permissions=write --prefix=none \"Secretaries write addresses\"\n"
"\n"
" Show the new ACI:\n"
"   ipa aci-show --prefix=none \"Secretaries write addresses\"\n"
"\n"
" Add an ACI that allows members of the \"addusers\" permission to add new "
"users:\n"
"   ipa aci-add --type=user --permission=addusers --permissions=add --"
"prefix=none \"Add new users\"\n"
"\n"
" Add an ACI that allows members of the editors manage members of the admins "
"group:\n"
"   ipa aci-add --permissions=write --attrs=member --targetgroup=admins --"
"group=editors --prefix=none \"Editors manage admins\"\n"
"\n"
" Add an ACI that allows members of the admins group to manage the street and "
"zip code of those in the editors group:\n"
"   ipa aci-add --permissions=write --memberof=editors --group=admins --"
"attrs=street,postalcode --prefix=none \"admins edit the address of "
"editors\"\n"
"\n"
" Add an ACI that allows the admins group manage the street and zipcode of "
"those who work for the boss:\n"
"   ipa aci-add --permissions=write --group=admins --attrs=street,postalcode "
"--filter=\"(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)\" --"
"prefix=none \"Edit the address of those who work for the boss\"\n"
"\n"
" Add an entirely new kind of record to IPA that isn't covered by any of the "
"--type options, creating a permission:\n"
"   ipa permission-add  --permissions=add --subtree=\"cn=*,cn=orange,"
"cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n"
"\n"
"\n"
"The show command shows the raw 389-ds ACI.\n"
"\n"
"IMPORTANT: When modifying the target attributes of an existing ACI you\n"
"must include all existing attributes as well. When doing an aci-mod the\n"
"targetattr REPLACES the current attributes, it does not add to them.\n"
msgstr ""

msgid ""
"comma-separated list of permissions to grant(read, write, add, delete, all)"
msgstr ""

msgid "Comma-separated list of attributes"
msgstr ""

msgid ""
"\n"
"Auto Membership Rule.\n"
"\n"
"Bring clarity to the membership of hosts and users by configuring inclusive\n"
"or exclusive regex patterns, you can automatically assign a new entries "
"into\n"
"a group or hostgroup based upon attribute information.\n"
"\n"
"A rule is directly associated with a group by name, so you cannot create\n"
"a rule without an accompanying group or hostgroup.\n"
"\n"
"A condition is a regular expression used by 389-ds to match a new incoming\n"
"entry with an automember rule. If it matches an inclusive rule then the\n"
"entry is added to the appropriate group or hostgroup.\n"
"\n"
"A default group or hostgroup could be specified for entries that do not\n"
"match any rule. In case of user entries this group will be a fallback group\n"
"because all users are by default members of group specified in IPA config.\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add the initial group or hostgroup:\n"
"   ipa hostgroup-add --desc=\"Web Servers\" webservers\n"
"   ipa group-add --desc=\"Developers\" devel\n"
"\n"
" Add the initial rule:\n"
"   ipa automember-add --type=hostgroup webservers\n"
"   ipa automember-add --type=group devel\n"
"\n"
" Add a condition to the rule:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
"   ipa automember-add-condition --key=manager --type=group --inclusive-"
"regex=^uid=mscott devel\n"
"\n"
" Add an exclusive condition to the rule to prevent auto assignment:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-"
"regex=^web5\\.example\\.com webservers\n"
"\n"
" Add a host:\n"
"    ipa host-add web1.example.com\n"
"\n"
" Add a user:\n"
"    ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n"
"\n"
" Verify automembership:\n"
"    ipa hostgroup-show webservers\n"
"      Host-group: webservers\n"
"      Description: Web Servers\n"
"      Member hosts: web1.example.com\n"
"\n"
"    ipa group-show devel\n"
"      Group name: devel\n"
"      Description: Developers\n"
"      GID: 1004200000\n"
"      Member users: tuser\n"
"\n"
" Remove a condition from the rule:\n"
"   ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
"\n"
" Modify the automember rule:\n"
"    ipa automember-mod\n"
"\n"
" Set the default (fallback) target group:\n"
"    ipa automember-default-group-set --default-group=webservers --"
"type=hostgroup\n"
"    ipa automember-default-group-set --default-group=ipausers --type=group\n"
"\n"
" Remove the default (fallback) target group:\n"
"    ipa automember-default-group-remove --type=hostgroup\n"
"    ipa automember-default-group-remove --type=group\n"
"\n"
" Show the default (fallback) target group:\n"
"    ipa automember-default-group-show --type=hostgroup\n"
"    ipa automember-default-group-show --type=group\n"
"\n"
" Find all of the automember rules:\n"
"    ipa automember-find\n"
"\n"
" Display a automember rule:\n"
"    ipa automember-show --type=hostgroup webservers\n"
"    ipa automember-show --type=group devel\n"
"\n"
" Delete an automember rule:\n"
"    ipa automember-del --type=hostgroup webservers\n"
"    ipa automember-del --type=group devel\n"
msgstr ""

msgid ""
"\n"
"IPA certificate operations\n"
"\n"
"Implements a set of commands for managing server SSL certificates.\n"
"\n"
"Certificate requests exist in the form of a Certificate Signing Request "
"(CSR)\n"
"in PEM format.\n"
"\n"
"If using the selfsign back end then the subject in the CSR needs to match\n"
"the subject configured in the server. The dogtag CA uses just the CN\n"
"value of the CSR and forces the rest of the subject.\n"
"\n"
"A certificate is stored with a service principal and a service principal\n"
"needs a host.\n"
"\n"
"In order to request a certificate:\n"
"\n"
"* The host must exist\n"
"* The service must exist (or you use the --add option to automatically add "
"it)\n"
"\n"
"EXAMPLES:\n"
"\n"
" Request a new certificate and add the principal:\n"
"   ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n"
"\n"
" Retrieve an existing certificate:\n"
"   ipa cert-show 1032\n"
"\n"
" Revoke a certificate (see RFC 5280 for reason details):\n"
"   ipa cert-revoke --revocation-reason=6 1032\n"
"\n"
" Remove a certificate from revocation hold status:\n"
"   ipa cert-remove-hold 1032\n"
"\n"
" Check the status of a signing request:\n"
"   ipa cert-status 10\n"
"\n"
"IPA currently immediately issues (or declines) all certificate requests so\n"
"the status of a request is not normally useful. This is for future use\n"
"or the case where a CA does not immediately issue a certificate.\n"
"\n"
"The following revocation reasons are supported:\n"
"\n"
"    * 0 - unspecified\n"
"    * 1 - keyCompromise\n"
"    * 2 - cACompromise\n"
"    * 3 - affiliationChanged\n"
"    * 4 - superseded\n"
"    * 5 - cessationOfOperation\n"
"    * 6 - certificateHold\n"
"    * 8 - removeFromCRL\n"
"    * 9 - privilegeWithdrawn\n"
"    * 10 - aACompromise\n"
"\n"
"Note that reason code 7 is not used.  See RFC 5280 for more details:\n"
"\n"
"http://www.ietf.org/rfc/rfc5280.txt\n"
msgstr ""

msgid ""
"\n"
"Group to Group Delegation\n"
"\n"
"A permission enables fine-grained delegation of permissions. Access Control\n"
"Rules, or instructions (ACIs), grant permission to permissions to perform\n"
"given tasks such as adding a user, modifying a group, etc.\n"
"\n"
"Group to Group Delegations grants the members of one group to update a set\n"
"of attributes of members of another group.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a delegation rule to allow managers to edit employee's addresses:\n"
"   ipa delegation-add --attrs=street --group=managers --"
"membergroup=employees \"managers edit employees' street\"\n"
"\n"
" When managing the list of attributes you need to include all attributes\n"
" in the list, including existing ones. Add postalCode to the list:\n"
"   ipa delegation-mod --attrs=street,postalCode --group=managers --"
"membergroup=employees \"managers edit employees' street\"\n"
"\n"
" Display our updated rule:\n"
"   ipa delegation-show \"managers edit employees' street\"\n"
"\n"
" Delete a rule:\n"
"   ipa delegation-del \"managers edit employees' street\"\n"
msgstr ""

msgid ""
"Comma-separated list of permissions to grant (read, write). Default is write."
msgstr ""

msgid ""
"\n"
"Domain Name System (DNS)\n"
"\n"
"Manage DNS zone and resource records.\n"
"\n"
"\n"
"USING STRUCTURED PER-TYPE OPTIONS\n"
"\n"
"There are many structured DNS RR types where DNS data stored in LDAP server\n"
"is not just a scalar value, for example an IP address or a domain name, but\n"
"a data structure which may be often complex. A good example is a LOC record\n"
"[RFC1876] which consists of many mandatory and optional parts (degrees,\n"
"minutes, seconds of latitude and longitude, altitude or precision).\n"
"\n"
"It may be difficult to manipulate such DNS records without making a mistake\n"
"and entering an invalid value. DNS module provides an abstraction over "
"these\n"
"raw records and allows to manipulate each RR type with specific options. "
"For\n"
"each supported RR type, DNS module provides a standard option to manipulate\n"
"a raw records with format --<rrtype>-rec, e.g. --mx-rec, and special "
"options\n"
"for every part of the RR structure with format --<rrtype>-<partname>, e.g.\n"
"--mx-preference and --mx-exchanger.\n"
"\n"
"When adding a record, either RR specific options or standard option for a "
"raw\n"
"value can be used, they just should not be combined in one add operation. "
"When\n"
"modifying an existing entry, new RR specific options can be used to change\n"
"one part of a DNS record, where the standard option for raw value is used\n"
"to specify the modified value. The following example demonstrates\n"
"a modification of MX record preference from 0 to 1 in a record without\n"
"modifying the exchanger:\n"
"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add new zone:\n"
"   ipa dnszone-add example.com --name-"
"server=ns                                --admin-email=admin@example."
"com                                --ip-address=10.0.0.1\n"
"\n"
" Add system permission that can be used for per-zone privilege delegation:\n"
"   ipa dnszone-add-permission example.com\n"
"\n"
" Modify the zone to allow dynamic updates for hosts own records in realm "
"EXAMPLE.COM:\n"
"   ipa dnszone-mod example.com --dynamic-update=TRUE\n"
"\n"
"   This is the equivalent of:\n"
"     ipa dnszone-mod example.com --dynamic-update=TRUE       --update-"
"policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * "
"AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n"
"\n"
" Modify the zone to allow zone transfers for local network only:\n"
"   ipa dnszone-mod example.com --allow-transfer=10.0.0.0/8\n"
"\n"
" Add new reverse zone specified by network IP address:\n"
"   ipa dnszone-add --name-from-ip=80.142.15.0/24                    --name-"
"server=ns.example.com.\n"
"\n"
" Add second nameserver for example.com:\n"
"   ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n"
"\n"
" Add a mail server for example.com:\n"
"   ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n"
"\n"
" Add another record using MX record specific options:\n"
"  ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n"
"\n"
" Add another record using interactive mode (started when dnsrecord-add, "
"dnsrecord-mod,\n"
" or dnsrecord-del are executed with no options):\n"
"  ipa dnsrecord-add example.com @\n"
"  Please choose a type of DNS resource record to be added\n"
"  The most common types for this type of zone are: NS, MX, LOC\n"
"\n"
"  DNS resource record type: MX\n"
"  MX Preference: 30\n"
"  MX Exchanger: mail3\n"
"    Record name: example.com\n"
"    MX record: 10 mail1, 20 mail2, 30 mail3\n"
"    NS record: nameserver.example.com., nameserver2.example.com.\n"
"\n"
" Delete previously added nameserver from example.com:\n"
"   ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n"
"\n"
" Add LOC record for example.com:\n"
"   ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E "
"227.64m\"\n"
"\n"
" Add new A record for www.example.com. Create a reverse record in "
"appropriate\n"
" reverse zone as well. In this case a PTR record \"2\" pointing to www."
"example.com\n"
" will be created in zone 15.142.80.in-addr.arpa.\n"
"   ipa dnsrecord-add example.com www --a-rec=80.142.15.2 --a-create-reverse\n"
"\n"
" Add new PTR record for www.example.com\n"
"   ipa dnsrecord-add 15.142.80.in-addr.arpa. 2 --ptr-rec=www.example.com.\n"
"\n"
" Add new SRV records for LDAP servers. Three quarters of the requests\n"
" should go to fast.example.com, one quarter to slow.example.com. If neither\n"
" is available, switch to backup.example.com.\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup."
"example.com\"\n"
"\n"
" The interactive mode can be used for easy modification:\n"
"  ipa dnsrecord-mod example.com _ldap._tcp\n"
"  No option to modify specific record provided.\n"
"  Current DNS record contents:\n"
"\n"
"  SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 "
"backup.example.com\n"
"\n"
"  Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n"
"  Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n"
"  SRV Priority [0]:                     (keep the default value)\n"
"  SRV Weight [1]: 2                     (modified value)\n"
"  SRV Port [389]:                       (keep the default value)\n"
"  SRV Target [slow.example.com]:        (keep the default value)\n"
"  1 SRV record skipped. Only one value per DNS record type can be modified "
"at one time.\n"
"    Record name: _ldap._tcp\n"
"    SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 "
"389 slow.example.com\n"
"\n"
" After this modification, three fifths of the requests should go to\n"
" fast.example.com and two fifths to slow.example.com.\n"
"\n"
" An example of the interactive mode for dnsrecord-del command:\n"
"   ipa dnsrecord-del example.com www\n"
"   No option to delete specific record provided.\n"
"   Delete all? Yes/No (default No):     (do not delete all records)\n"
"   Current DNS record contents:\n"
"\n"
"   A record: 1.2.3.4, 11.22.33.44\n"
"\n"
"   Delete A record '1.2.3.4'? Yes/No (default No):\n"
"   Delete A record '11.22.33.44'? Yes/No (default No): y\n"
"     Record name: www\n"
"     A record: 1.2.3.4                  (A record 11.22.33.44 has been "
"deleted)\n"
"\n"
" Show zone example.com:\n"
"   ipa dnszone-show example.com\n"
"\n"
" Find zone with \"example\" in its domain name:\n"
"   ipa dnszone-find example\n"
"\n"
" Find records for resources with \"www\" in their name in zone example.com:\n"
"   ipa dnsrecord-find example.com www\n"
"\n"
" Find A records with value 10.10.0.1 in zone example.com\n"
"   ipa dnsrecord-find example.com --a-rec=10.10.0.1\n"
"\n"
" Show records for resource www in zone example.com\n"
"   ipa dnsrecord-show example.com www\n"
"\n"
" Delegate zone sub.example to another nameserver:\n"
"   ipa dnsrecord-add example.com ns.sub --a-rec=10.0.100.5\n"
"   ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n"
"\n"
" If global forwarder is configured, all requests to sub.example.com will be\n"
" routed through the global forwarder. To change the behavior for example."
"com\n"
" zone only and forward the request directly to ns.sub.example.com., global\n"
" forwarding may be disabled per-zone:\n"
"   ipa dnszone-mod example.com --forward-policy=none\n"
"\n"
" Forward all requests for the zone external.com to another nameserver using\n"
" a \"first\" policy (it will send the queries to the selected forwarder and "
"if\n"
" not answered it will use global resolvers):\n"
"   ipa dnszone-add external.com\n"
"   ipa dnszone-mod external.com --"
"forwarder=10.20.0.1                                 --forward-policy=first\n"
"\n"
" Delete zone example.com with all resource records:\n"
"   ipa dnszone-del example.com\n"
"\n"
" Resolve a host name to see if it exists (will add default IPA domain\n"
" if one is not included):\n"
"   ipa dns-resolve www.example.com\n"
"   ipa dns-resolve www\n"
"\n"
"\n"
"GLOBAL DNS CONFIGURATION\n"
"\n"
"DNS configuration passed to command line install script is stored in a "
"local\n"
"configuration file on each IPA server where DNS service is configured. "
"These\n"
"local settings can be overridden with a common configuration stored in LDAP\n"
"server:\n"
"\n"
" Show global DNS configuration:\n"
"   ipa dnsconfig-show\n"
"\n"
" Modify global DNS configuration and set a list of global forwarders:\n"
"   ipa dnsconfig-mod --forwarder=10.0.0.1\n"
msgstr ""

msgid ""
"A list of global forwarders. A custom port can be specified for each "
"forwarder using a standard format \"IP_ADDRESS port PORT\""
msgstr ""

msgid "An interval between regular polls of the name server for new DNS zones"
msgstr ""

msgid "DNS class"
msgstr ""

msgid "Comma-separated list of raw A records"
msgstr ""

msgid "Comma-separated list of raw AAAA records"
msgstr ""

msgid "Comma-separated list of raw A6 records"
msgstr ""

msgid "Comma-separated list of raw AFSDB records"
msgstr ""

msgid "Comma-separated list of raw APL records"
msgstr ""

msgid "Comma-separated list of raw CERT records"
msgstr ""

msgid "Comma-separated list of raw CNAME records"
msgstr ""

msgid "Comma-separated list of raw DHCID records"
msgstr ""

msgid "Comma-separated list of raw DLV records"
msgstr ""

msgid "Comma-separated list of raw DNAME records"
msgstr ""

msgid "Comma-separated list of raw DNSKEY records"
msgstr ""

msgid "Comma-separated list of raw DS records"
msgstr ""

msgid "Comma-separated list of raw HIP records"
msgstr ""

msgid "Comma-separated list of raw IPSECKEY records"
msgstr ""

msgid "Comma-separated list of raw KEY records"
msgstr ""

msgid "KEY Flags"
msgstr ""

msgid "KEY Protocol"
msgstr ""

msgid "Protocol"
msgstr ""

msgid "KEY Algorithm"
msgstr "키 알고리즘"

msgid "KEY Public Key"
msgstr ""

msgid "Public Key"
msgstr ""

msgid "Comma-separated list of raw KX records"
msgstr ""

msgid "Comma-separated list of raw LOC records"
msgstr ""

msgid "Comma-separated list of raw MX records"
msgstr ""

msgid "Comma-separated list of raw NAPTR records"
msgstr "단순 NAPTR 레코드의 쉼표로-구분된 목록"

msgid "Comma-separated list of raw NS records"
msgstr ""

msgid "Comma-separated list of raw NSEC records"
msgstr ""

msgid "NSEC Next Domain Name"
msgstr ""

msgid "Next Domain Name"
msgstr ""

msgid "NSEC Type Map"
msgstr ""

msgid "Type Map"
msgstr ""

msgid "Comma-separated list of raw NSEC3 records"
msgstr ""

msgid "Comma-separated list of raw NSEC3PARAM records"
msgstr ""

msgid "Comma-separated list of raw PTR records"
msgstr ""

msgid "Comma-separated list of raw RRSIG records"
msgstr ""

msgid "RRSIG Type Covered"
msgstr "RRSIG 유형 적용"

msgid "Type Covered"
msgstr ""

msgid "RRSIG Algorithm"
msgstr ""

msgid "RRSIG Labels"
msgstr ""

msgid "Labels"
msgstr ""

msgid "RRSIG Original TTL"
msgstr ""

msgid "Original TTL"
msgstr ""

msgid "RRSIG Signature Expiration"
msgstr ""

msgid "Signature Expiration"
msgstr ""

msgid "RRSIG Signature Inception"
msgstr ""

msgid "Signature Inception"
msgstr ""

msgid "RRSIG Key Tag"
msgstr ""

msgid "RRSIG Signer's Name"
msgstr ""

msgid "Signer's Name"
msgstr ""

msgid "RRSIG Signature"
msgstr ""

msgid "Signature"
msgstr ""

msgid "Comma-separated list of raw RP records"
msgstr ""

msgid "Comma-separated list of raw SIG records"
msgstr ""

msgid "SIG Type Covered"
msgstr ""

msgid "SIG Algorithm"
msgstr ""

msgid "SIG Labels"
msgstr ""

msgid "SIG Original TTL"
msgstr ""

msgid "SIG Signature Expiration"
msgstr ""

msgid "SIG Signature Inception"
msgstr ""

msgid "SIG Key Tag"
msgstr ""

msgid "SIG Signer's Name"
msgstr ""

msgid "SIG Signature"
msgstr ""

msgid "Comma-separated list of raw SPF records"
msgstr ""

msgid "Comma-separated list of raw SRV records"
msgstr ""

msgid "Comma-separated list of raw SSHFP records"
msgstr ""

msgid "Comma-separated list of raw TA records"
msgstr ""

msgid "Comma-separated list of raw TKEY records"
msgstr ""

msgid "Comma-separated list of raw TSIG records"
msgstr ""

msgid "Comma-separated list of raw TXT records"
msgstr ""

msgid "SOA time to live"
msgstr ""

msgid "SOA record time to live"
msgstr ""

msgid "SOA class"
msgstr ""

msgid "SOA record class"
msgstr ""

msgid ""
"A list of per-zone forwarders. A custom port can be specified for each "
"forwarder using a standard format \"IP_ADDRESS port PORT\""
msgstr ""

msgid "Add forward record for nameserver located in the created zone"
msgstr ""

msgid ""
"\n"
"Entitlements\n"
"\n"
"Manage entitlements for client machines\n"
"\n"
"Entitlements can be managed either by registering with an entitlement\n"
"server with a username and password or by manually importing entitlement\n"
"certificates. An entitlement certificate contains embedded information\n"
"such as the product being entitled, the quantity and the validity dates.\n"
"\n"
"An entitlement server manages the number of client entitlements available.\n"
"To mark these entitlements as used by the IPA server you provide a quantity\n"
"and they are marked as consumed on the entitlement server.\n"
"\n"
" Register with an entitlement server:\n"
"   ipa entitle-register consumer\n"
"\n"
" Import an entitlement certificate:\n"
"   ipa entitle-import /home/user/ipaclient.pem\n"
"\n"
" Display current entitlements:\n"
"   ipa entitle-status\n"
"\n"
" Retrieve details on entitlement certificates:\n"
"   ipa entitle-get\n"
"\n"
" Consume some entitlements from the entitlement server:\n"
"   ipa entitle-consume 50\n"
"\n"
"The registration ID is a Unique Identifier (UUID). This ID will be\n"
"IMPORTED if you have used entitle-import.\n"
"\n"
"Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service.\n"
msgstr ""

msgid "Consume an entitlement."
msgstr ""

msgid "Quantity"
msgstr ""

msgid "Search for entitlement accounts."
msgstr ""

msgid "Retrieve the entitlement certs."
msgstr ""

msgid "Import an entitlement certificate."
msgstr ""

msgid "UUID"
msgstr ""

msgid "Enrollment UUID"
msgstr ""

msgid "Register to the entitlement system."
msgstr ""

#: ipaserver/plugins/internal.py:414
msgid "Username"
msgstr ""

msgid "Enrollment UUID (not implemented)"
msgstr ""

msgid "Registration password"
msgstr ""

msgid "Display current entitlements."
msgstr ""

msgid "Re-sync the local entitlement cache with the entitlement server."
msgstr ""

msgid ""
"\n"
"Groups of users\n"
"\n"
"Manage groups of users. By default, new groups are POSIX groups. You\n"
"can add the --nonposix option to the group-add command to mark a new group\n"
"as non-POSIX. You can use the --posix argument with the group-mod command\n"
"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n"
"converted to non-POSIX groups.\n"
"\n"
"Every group must have a description.\n"
"\n"
"POSIX groups must have a Group ID (GID) number. Changing a GID is\n"
"supported but can have an impact on your file permissions. It is not "
"necessary\n"
"to supply a GID when creating a group. IPA will generate one automatically\n"
"if it is not provided.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new group:\n"
"   ipa group-add --desc='local administrators' localadmins\n"
"\n"
" Add a new non-POSIX group:\n"
"   ipa group-add --nonposix --desc='remote administrators' remoteadmins\n"
"\n"
" Convert a non-POSIX group to posix:\n"
"   ipa group-mod --posix remoteadmins\n"
"\n"
" Add a new POSIX group with a specific Group ID number:\n"
"   ipa group-add --gid=500 --desc='unix admins' unixadmins\n"
"\n"
" Add a new POSIX group and let IPA assign a Group ID number:\n"
"   ipa group-add --desc='printer admins' printeradmins\n"
"\n"
" Remove a group:\n"
"   ipa group-del unixadmins\n"
"\n"
" To add the \"remoteadmins\" group to the \"localadmins\" group:\n"
"   ipa group-add-member --groups=remoteadmins localadmins\n"
"\n"
" Add a list of users to the \"localadmins\" group:\n"
"   ipa group-add-member --users=test1,test2 localadmins\n"
"\n"
" Remove a user from the \"localadmins\" group:\n"
"   ipa group-remove-member --users=test2 localadmins\n"
"\n"
" Display information about a named group.\n"
"   ipa group-show localadmins\n"
"\n"
"External group membership is designed to allow users from trusted domains\n"
"to be mapped to local POSIX groups in order to actually use IPA resources.\n"
"External members should be added to groups that specifically created as\n"
"external and non-POSIX. Such group later should be included into one of "
"POSIX\n"
"groups.\n"
"\n"
"An external group member is currently a Security Identifier (SID) as defined "
"by\n"
"the trusted domain. When adding external group members, it is possible to\n"
"specify them in either SID, or DOM\n"
"ame, or name@domain format. IPA will attempt\n"
"to resolve passed name to SID with the use of Global Catalog of the trusted "
"domain.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local POSIX "
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map' ad_admins_external "
"--external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the "
"ad_admins_external\n"
"   group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with ad_admins "
"POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see their "
"SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
msgstr ""

msgid ""
"comma-separated list of members of a trusted domain in DOM\\name or "
"name@domain form"
msgstr ""

msgid "comma-separated list of users to add"
msgstr ""

msgid "comma-separated list of groups to add"
msgstr ""

msgid "comma-separated list of users to remove"
msgstr ""

msgid "comma-separated list of groups to remove"
msgstr ""

msgid ""
"\n"
"Host-based access control\n"
"\n"
"Control who can access what services on what hosts and from where. You\n"
"can use HBAC to control which users or groups on a source host can\n"
"access a service, or group of services, on a target host.\n"
"\n"
"You can also specify a category of users, target hosts, and source\n"
"hosts. This is currently limited to \"all\", but might be expanded in the\n"
"future.\n"
"\n"
"Target hosts and source hosts in HBAC rules must be hosts managed by IPA.\n"
"\n"
"The available services and groups of services are controlled by the\n"
"hbacsvc and hbacsvcgroup plug-ins respectively.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a rule, \"test1\", that grants all users access to the host "
"\"server\" from\n"
" anywhere:\n"
"   ipa hbacrule-add --usercat=all --srchostcat=all test1\n"
"   ipa hbacrule-add-host --hosts=server.example.com test1\n"
"\n"
" Display the properties of a named HBAC rule:\n"
"   ipa hbacrule-show test1\n"
"\n"
" Create a rule for a specific service. This lets the user john access\n"
" the sshd service on any machine from any machine:\n"
"   ipa hbacrule-add --hostcat=all --srchostcat=all john_sshd\n"
"   ipa hbacrule-add-user --users=john john_sshd\n"
"   ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n"
"\n"
" Create a rule for a new service group. This lets the user john access\n"
" the FTP service on any machine from any machine:\n"
"   ipa hbacsvcgroup-add ftpers\n"
"   ipa hbacsvc-add sftp\n"
"   ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers\n"
"   ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp\n"
"   ipa hbacrule-add-user --users=john john_ftp\n"
"   ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n"
"\n"
" Disable a named HBAC rule:\n"
"   ipa hbacrule-disable test1\n"
"\n"
" Remove a named HBAC rule:\n"
"   ipa hbacrule-del allow_server\n"
msgstr ""

#: ipaserver/plugins/hbacrule.py:236
msgid "Source host category"
msgstr ""

#: ipaserver/plugins/hbacrule.py:237
msgid "Source host category the rule applies to"
msgstr ""

#: ipaserver/plugins/hbacrule.py:277
msgid "Source Hosts"
msgstr ""

#: ipaserver/plugins/hbacrule.py:282
msgid "Source Host Groups"
msgstr ""

msgid "comma-separated list of hosts to add"
msgstr ""

msgid "comma-separated list of host groups to add"
msgstr ""

msgid "comma-separated list of HBAC services to add"
msgstr ""

msgid "comma-separated list of HBAC service groups to add"
msgstr ""

msgid "Add source hosts and hostgroups from a HBAC rule."
msgstr ""

msgid "comma-separated list of hosts to remove"
msgstr "제거하려는 호스트의 쉼표로-구분된 목록"

msgid "comma-separated list of host groups to remove"
msgstr ""

msgid "comma-separated list of HBAC services to remove"
msgstr ""

msgid "comma-separated list of HBAC service groups to remove"
msgstr ""

#: ipaserver/plugins/hbacrule.py:578
msgid "Remove source hosts and hostgroups from an HBAC rule."
msgstr ""

msgid ""
"\n"
"HBAC Service Groups\n"
"\n"
"HBAC service groups can contain any number of individual services,\n"
"or \"members\". Every group must have a description.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new HBAC service group:\n"
"   ipa hbacsvcgroup-add --desc=\"login services\" login\n"
"\n"
" Add members to an HBAC service group:\n"
"   ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login\n"
"\n"
" Display information about a named group:\n"
"   ipa hbacsvcgroup-show login\n"
"\n"
" Add a new group to the \"login\" group:\n"
"   ipa hbacsvcgroup-add --desc=\"switch users\" login\n"
"   ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login\n"
"\n"
" Delete an HBAC service group:\n"
"   ipa hbacsvcgroup-del login\n"
msgstr ""

msgid ""
"\n"
"Simulate use of Host-based access controls\n"
"\n"
"HBAC rules control who can access what services on what hosts and from "
"where.\n"
"You can use HBAC to control which users or groups can access a service,\n"
"or group of services, on a target host.\n"
"\n"
"Since applying HBAC rules implies use of a production environment,\n"
"this plugin aims to provide simulation of HBAC rules evaluation without\n"
"having access to the production environment.\n"
"\n"
" Test user coming to a service on a named host against\n"
" existing enabled rules.\n"
"\n"
" ipa hbactest --user= --host= --service=\n"
"              [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n"
"              [--srchost= ] [--sizelimit= ]\n"
"\n"
" --user, --host, and --service are mandatory, others are optional.\n"
"\n"
" If --rules is specified simulate enabling of the specified rules and test\n"
" the login of the user using only these rules.\n"
"\n"
" If --enabled is specified, all enabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --disabled is specified, all disabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --nodetail is specified, do not return information about rules matched/"
"not matched.\n"
"\n"
" If both --rules and --enabled are specified, apply simulation to --rules "
"_and_\n"
" all IPA enabled rules.\n"
"\n"
" If no --rules specified, simulation is run against all IPA enabled rules.\n"
" By default there is a IPA-wide limit to number of entries fetched, you can "
"change it\n"
" with --sizelimit option.\n"
"\n"
" If --srchost is specified, it will be ignored. It is left because of "
"compatibility reasons only.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Use all enabled HBAC rules in IPA database to simulate:\n"
"    $ ipa  hbactest --user=a1a --host=bar --service=sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      notmatched: my-second-rule\n"
"      notmatched: my-third-rule\n"
"      notmatched: myrule\n"
"      matched: allow_all\n"
"\n"
"    2. Disable detailed summary of how rules were applied:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"\n"
"    3. Test explicitly specified HBAC rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --rules=my-"
"second-rule,myrule\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      notmatched: my-second-rule\n"
"      notmatched: myrule\n"
"\n"
"    4. Use all enabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --rules=my-"
"second-rule,myrule --enabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      notmatched: my-second-rule\n"
"      notmatched: my-third-rule\n"
"      notmatched: myrule\n"
"      matched: allow_all\n"
"\n"
"    5. Test all disabled HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      notmatched: new-rule\n"
"\n"
"    6. Test all disabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --rules=my-"
"second-rule,myrule --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      notmatched: my-second-rule\n"
"      notmatched: my-third-rule\n"
"      notmatched: myrule\n"
"\n"
"    7. Test all (enabled and disabled) HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd           --enabled "
"--disabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      notmatched: my-second-rule\n"
"      notmatched: my-third-rule\n"
"      notmatched: myrule\n"
"      notmatched: new-rule\n"
"      matched: allow_all\n"
msgstr ""

#: ipaserver/plugins/hbactest.py:276
msgid "Source host"
msgstr ""

msgid ""
"\n"
"Hosts/Machines\n"
"\n"
"A host represents a machine. It can be used in a number of contexts:\n"
"- service entries are associated with a host\n"
"- a host stores the host/ service principal\n"
"- a host can be used in Host-based Access Control (HBAC) rules\n"
"- every enrolled client generates a host entry\n"
"\n"
"ENROLLMENT:\n"
"\n"
"There are three enrollment scenarios when enrolling a new client:\n"
"\n"
"1. You are enrolling as a full administrator. The host entry may exist\n"
"   or not. A full administrator is a member of the hostadmin role\n"
"   or the admins group.\n"
"2. You are enrolling as a limited administrator. The host must already\n"
"   exist. A limited administrator is a member a role with the\n"
"   Host Enrollment privilege.\n"
"3. The host has been created with a one-time password.\n"
"\n"
"A host can only be enrolled once. If a client has enrolled and needs to\n"
"be re-enrolled, the host entry must be removed and re-created. Note that\n"
"re-creating the host entry will result in all services for the host being\n"
"removed, and all SSL certificates associated with those services being\n"
"revoked.\n"
"\n"
"A host can optionally store information such as where it is located,\n"
"the OS that it runs, etc.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new host:\n"
"   ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example."
"com\n"
"\n"
" Delete a host:\n"
"   ipa host-del test.example.com\n"
"\n"
" Add a new host with a one-time password:\n"
"   ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n"
"\n"
" Add a new host with a random one-time password:\n"
"   ipa host-add --os='Fedora 12' --random test.example.com\n"
"\n"
" Modify information about a host:\n"
"   ipa host-mod --os='Fedora 12' test.example.com\n"
"\n"
" Remove SSH public keys of a host and update DNS to reflect this change:\n"
"   ipa host-mod --sshpubkey= --updatedns test.example.com\n"
"\n"
" Disable the host Kerberos key, SSL certificate and all of its services:\n"
"   ipa host-disable test.example.com\n"
"\n"
" Add a host that can manage this host's keytab and certificate:\n"
"   ipa host-add-managedby --hosts=test2 test\n"
msgstr ""

msgid ""
"\n"
"Groups of hosts.\n"
"\n"
"Manage groups of hosts. This is useful for applying access control to a\n"
"number of hosts by using Host-based Access Control.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new host group:\n"
"   ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n"
"\n"
" Add another new host group:\n"
"   ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n"
"\n"
" Add members to the hostgroup:\n"
"   ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore\n"
"\n"
" Add a hostgroup as a member of another hostgroup:\n"
"   ipa hostgroup-add-member --hostgroups=baltimore maryland\n"
"\n"
" Remove a host from the hostgroup:\n"
"   ipa hostgroup-remove-member --hosts=box2 baltimore\n"
"\n"
" Display a host group:\n"
"   ipa hostgroup-show baltimore\n"
"\n"
" Delete a hostgroup:\n"
"   ipa hostgroup-del baltimore\n"
msgstr ""

msgid ""
"\n"
"ID ranges\n"
"\n"
"Manage ID ranges  used to map Posix IDs to SIDs and back.\n"
"\n"
"There are two type of ID ranges which are both handled by this utility:\n"
"\n"
" - the ID ranges of the local domain\n"
" - the ID ranges of trusted remote domains\n"
"\n"
"Both types have the following attributes in common:\n"
"\n"
" - base-id: the first ID of the Posix ID range\n"
" - range-size: the size of the range\n"
"\n"
"With those two attributes a range object can reserve the Posix IDs starting\n"
"with base-id up to but not including base-id+range-size exclusively.\n"
"\n"
"Additionally an ID range of the local domain may set\n"
" - rid-base: the first RID(*) of the corresponding RID range\n"
" - secondary-rid-base: first RID of the secondary RID range\n"
"\n"
"and an ID range of a trusted domain must set\n"
" - rid-base: the first RID of the corresponding RID range\n"
" - dom_sid: domain SID of the trusted domain\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for a trusted domain\n"
"\n"
"Since there might be more than one trusted domain the domain SID must be "
"given\n"
"while creating the ID range.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=0                   --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n"
"\n"
"This ID range is then used by the IPA server and the SSSD IPA provider to\n"
"assign Posix UIDs to users from the trusted domain.\n"
"\n"
"If e.g. a range for a trusted domain is configured with the following "
"values:\n"
" base-id = 1200000\n"
" range-size = 200000\n"
" rid-base = 0\n"
"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. "
"So\n"
"RID 1000 <-> Posix ID 1201000\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for the local domain\n"
"\n"
"To create an ID range for the local domain it is not necessary to specify a\n"
"domain SID. But since it is possible that a user and a group can have the "
"same\n"
"value as Posix ID a second RID interval is needed to handle conflicts.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-"
"base=1000                   --secondary-rid-base=1000000 local_range\n"
"\n"
"The data from the ID ranges of the local domain are used by the IPA server\n"
"internally to assign SIDs to IPA users and groups. The SID will then be "
"stored\n"
"in the user or group objects.\n"
"\n"
"If e.g. the ID range for the local domain is configured with the values "
"from\n"
"the example above then a new user with the UID 1200007 will get the RID "
"1007.\n"
"If this RID is already used by a group the RID will be 1000007. This can "
"only\n"
"happen if a user or a group object was created with a fixed ID because the\n"
"automatic assignment will not assign the same ID twice. Since there are "
"only\n"
"users and groups sharing the same ID namespace it is sufficient to have "
"only\n"
"one fallback range to handle conflicts.\n"
"\n"
"To find the Posix ID for a given RID from the local domain it has to be\n"
"checked first if the RID falls in the primary or secondary RID range and\n"
"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n"
"and the base-id has to be added to get the Posix ID.\n"
"\n"
"Typically the creation of ID ranges happens behind the scenes and this CLI\n"
"must not be used at all. The ID range for the local domain will be created\n"
"during installation or upgrade from an older version. The ID range for a\n"
"trusted domain will be created together with the trust by 'ipa trust-"
"add ...'.\n"
"\n"
"USE CASES:\n"
"\n"
"  Add an ID range from a transitively trusted domain\n"
"\n"
"    If the trusted domain (A) trusts another domain (B) as well and this "
"trust\n"
"    is transitive 'ipa trust-add domain-A' will only create a range for\n"
"    domain A.  The ID range for domain B must be added manually.\n"
"\n"
"  Add an additional ID range for the local domain\n"
"\n"
"    If the ID range of the local domain is exhausted, i.e. no new IDs can "
"be\n"
"    assigned to Posix users or groups by the DNA plugin, a new range has to "
"be\n"
"    created to allow new users and groups to be added. (Currently there is "
"no\n"
"    connection between this range CLI and the DNA plugin, but a future "
"version\n"
"    might be able to modify the configuration of the DNS plugin as well)\n"
"\n"
"In general it is not necessary to modify or delete ID ranges. If there is "
"no\n"
"other way to achieve a certain configuration than to modify or delete an ID\n"
"range it should be done with great care. Because UIDs are stored in the "
"file\n"
"system and are used for access control it might be possible that users are\n"
"allowed to access files of other users if an ID range got deleted and "
"reused\n"
"for a different domain.\n"
"\n"
"(*) The RID is typically the last integer of a user or group SID which "
"follows\n"
"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user "
"from\n"
"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of "
"the\n"
"user. RIDs are unique in a domain, 32bit values and are used for users and\n"
"groups.\n"
"\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
msgstr ""

msgid ""
"\n"
"Add new ID range.\n"
"\n"
"    To add a new ID range you always have to specify\n"
"\n"
"        --base-id\n"
"        --range-size\n"
"\n"
"    Additionally\n"
"\n"
"        --rid-base\n"
"        --secondary-rid-base\n"
"\n"
"    may be given for a new ID range for the local domain while\n"
"\n"
"        --rid-bas\n"
"        --dom-sid\n"
"\n"
"    must be given to add a new range for a trusted AD domain.\n"
"\n"
"    WARNING:\n"
"\n"
"    DNA plugin in 389-ds will allocate IDs based on the ranges configured "
"for the\n"
"    local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"    on the local ranges set via this family of commands.\n"
"\n"
"    Manual configuration change has to be done in the DNA plugin "
"configuration for\n"
"    the new local range. Specifically, The dnaNextRange attribute of "
"'cn=Posix\n"
"    IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has "
"to be\n"
"    modified to match the new range.\n"
"    "
msgstr ""

msgid ""
"Comma-separated list of objectclasses used to search for user entries in DS"
msgstr ""

msgid ""
"Comma-separated list of objectclasses used to search for group entries in DS"
msgstr ""

msgid ""
"Comma-separated list of objectclasses to be ignored for user entries in DS"
msgstr ""

msgid "Comma-separated list of attributes to be ignored for user entries in DS"
msgstr ""

msgid ""
"Comma-separated list of objectclasses to be ignored for group entries in DS"
msgstr ""

msgid ""
"Comma-separated list of attributes to be ignored for group entries in DS"
msgstr "DS에서 그룹 항목을 위해 무시되는 속성의 쉼표로-구분된 목록"

msgid "comma-separated list of groups to exclude from migration"
msgstr ""

msgid "comma-separated list of users to exclude from migration"
msgstr ""

msgid ""
"\n"
"Netgroups\n"
"\n"
"A netgroup is a group used for permission checking. It can contain both\n"
"user and host values.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new netgroup:\n"
"   ipa netgroup-add --desc=\"NFS admins\" admins\n"
"\n"
" Add members to the netgroup:\n"
"   ipa netgroup-add-member --users=tuser1,tuser2 admins\n"
"\n"
" Remove a member from the netgroup:\n"
"   ipa netgroup-remove-member --users=tuser2 admins\n"
"\n"
" Display information about a netgroup:\n"
"   ipa netgroup-show admins\n"
"\n"
" Delete a netgroup:\n"
"   ipa netgroup-del admins\n"
msgstr ""

msgid "comma-separated list of netgroups to add"
msgstr ""

msgid "comma-separated list of netgroups to remove"
msgstr ""

msgid ""
"\n"
"Permissions\n"
"\n"
"A permission enables fine-grained delegation of rights. A permission is\n"
"a human-readable form of a 389-ds Access Control Rule, or instruction "
"(ACI).\n"
"A permission grants the right to perform a specific task such as adding a\n"
"user, modifying a group, etc.\n"
"\n"
"A permission may not contain other permissions.\n"
"\n"
"* A permission grants access to read, write, add or delete.\n"
"* A privilege combines similar permissions (for example all the permissions\n"
"  needed to add a user).\n"
"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n"
"\n"
"A permission is made up of a number of different parts:\n"
"\n"
"1. The name of the permission.\n"
"2. The target of the permission.\n"
"3. The rights granted by the permission.\n"
"\n"
"Rights define what operations are allowed, and may be one or more\n"
"of the following:\n"
"1. write - write one or more attributes\n"
"2. read - read one or more attributes\n"
"3. add - add a new entry to the tree\n"
"4. delete - delete an existing entry\n"
"5. all - all permissions are granted\n"
"\n"
"Read permission is granted for most attributes by default so the read\n"
"permission is not expected to be used very often.\n"
"\n"
"Note the distinction between attributes and entries. The permissions are\n"
"independent, so being able to add a user does not mean that the user will\n"
"be editable.\n"
"\n"
"There are a number of allowed targets:\n"
"1. type: a type of object (user, group, etc).\n"
"2. memberof: a member of a group or hostgroup\n"
"3. filter: an LDAP filter\n"
"4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a\n"
"   super-set of the \"type\" target.\n"
"5. targetgroup: grant access to modify a specific group (such as granting\n"
"   the rights to manage group membership)\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a permission that grants the creation of users:\n"
"   ipa permission-add --type=user --permissions=add \"Add Users\"\n"
"\n"
" Add a permission that grants the ability to manage group membership:\n"
"   ipa permission-add --attrs=member --permissions=write --type=group "
"\"Manage Group Members\"\n"
msgstr ""

msgid ""
"Comma-separated list of permissions to grant (read, write, add, delete, all)"
msgstr ""

msgid ""
"Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)"
msgstr ""

msgid "Target members of a group"
msgstr ""

msgid "User group to apply permissions to"
msgstr ""

msgid "comma-separated list of privileges to add"
msgstr ""

msgid "Add a system permission without an ACI"
msgstr ""

msgid "Permission type"
msgstr ""

msgid "comma-separated list of privileges to remove"
msgstr ""

msgid ""
"\n"
"Ping the remote IPA server to ensure it is running.\n"
"\n"
"The ping command sends an echo request to an IPA server. The server\n"
"returns its version information. This is used by an IPA client\n"
"to confirm that the server is available and accepting requests.\n"
"\n"
"The server from xmlrpc_uri in /etc/ipa/default.conf is contacted first.\n"
"If it does not respond then the client will contact any servers defined\n"
"by ldap SRV records in DNS.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Ping an IPA server:\n"
"   ipa ping\n"
"   ------------------------------------------\n"
"   IPA server version 2.1.9. API version 2.20\n"
"   ------------------------------------------\n"
"\n"
" Ping an IPA server verbosely:\n"
"   ipa -v ping\n"
"   ipa: INFO: trying https://ipa.example.com/ipa/xml\n"
"   ipa: INFO: Forwarding 'ping' to server u'https://ipa.example.com/ipa/"
"xml'\n"
"   -----------------------------------------------------\n"
"   IPA server version 2.1.9. API version 2.20\n"
"   -----------------------------------------------------\n"
msgstr ""

msgid "comma-separated list of roles to add"
msgstr ""

msgid "comma-separated list of permissions"
msgstr ""

msgid "comma-separated list of roles to remove"
msgstr ""

msgid "comma-separated list of privileges"
msgstr ""

msgid ""
"\n"
"Self-service Permissions\n"
"\n"
"A permission enables fine-grained delegation of permissions. Access Control\n"
"Rules, or instructions (ACIs), grant permission to permissions to perform\n"
"given tasks such as adding a user, modifying a group, etc.\n"
"\n"
"A Self-service permission defines what an object can change in its own "
"entry.\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a self-service rule to allow users to manage their address:\n"
"   ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "
"\"Users manage their own address\"\n"
"\n"
" When managing the list of attributes you need to include all attributes\n"
" in the list, including existing ones. Add telephoneNumber to the list:\n"
"   ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "
"\"Users manage their own address\"\n"
"\n"
" Display our updated rule:\n"
"   ipa selfservice-show \"Users manage their own address\"\n"
"\n"
" Delete a rule:\n"
"   ipa selfservice-del \"Users manage their own address\"\n"
msgstr ""

msgid ""
"\n"
"Services\n"
"\n"
"A IPA service represents a service that runs on a host. The IPA service\n"
"record can store a Kerberos principal, an SSL certificate, or both.\n"
"\n"
"An IPA service can be managed directly from a machine, provided that\n"
"machine has been given the correct permission. This is true even for\n"
"machines other than the one the service is associated with. For example,\n"
"requesting an SSL certificate using the host service principal credentials\n"
"of the host. To manage a service using host credentials you need to\n"
"kinit as the host:\n"
"\n"
" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n"
"\n"
"Adding an IPA service allows the associated service to request an SSL\n"
"certificate or keytab, but this is performed as a separate step; they\n"
"are not produced as a result of adding the service.\n"
"\n"
"Only the public aspect of a certificate is stored in a service record;\n"
"the private key is not stored.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new IPA service:\n"
"   ipa service-add HTTP/web.example.com\n"
"\n"
" Allow a host to manage an IPA service certificate:\n"
"   ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n"
"   ipa role-add-member --hosts=web.example.com certadmin\n"
"\n"
" Override a default list of supported PAC types for the service:\n"
"   ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n"
"\n"
" Delete an IPA service:\n"
"   ipa service-del HTTP/web.example.com\n"
"\n"
" Find all IPA services associated with a host:\n"
"   ipa service-find web.example.com\n"
"\n"
" Find all HTTP services:\n"
"   ipa service-find HTTP\n"
"\n"
" Disable the service Kerberos key and SSL certificate:\n"
"   ipa service-disable HTTP/web.example.com\n"
"\n"
" Request a certificate for an IPA service:\n"
"   ipa cert-request --principal=HTTP/web.example.com example.csr\n"
"\n"
" Generate and retrieve a keytab for an IPA service:\n"
"   ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/"
"httpd.keytab\n"
msgstr ""

msgid ""
"Override default list of supported PAC types. Use 'NONE' to disable PAC "
"support for this service"
msgstr ""

msgid ""
"\n"
"Groups of Sudo Commands\n"
"\n"
"Manage groups of Sudo Commands.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new Sudo Command Group:\n"
"   ipa sudocmdgroup-add --desc='administrators commands' admincmds\n"
"\n"
" Remove a Sudo Command Group:\n"
"   ipa sudocmdgroup-del admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim "
"admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n"
"\n"
" Show a Sudo Command Group:\n"
"   ipa group-show localadmins\n"
msgstr ""

msgid "comma-separated list of sudo commands to add"
msgstr ""

msgid "comma-separated list of sudo commands to remove"
msgstr ""

msgid "Active directory domain administrator's password"
msgstr ""

msgid "GECOS field"
msgstr ""

msgid ""
"\n"
"Sudo Rules\n"
"\n"
"Sudo (su \"do\") allows a system administrator to delegate authority to\n"
"give certain users (or groups of users) the ability to run some (or all)\n"
"commands as root or another user while providing an audit trail of the\n"
"commands and their arguments.\n"
"\n"
"IPA provides a means to configure the various aspects of Sudo:\n"
"   Users: The user(s)/group(s) allowed to invoke Sudo.\n"
"   Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke "
"Sudo.\n"
"   Allow Command: The specific command(s) permitted to be run via Sudo.\n"
"   Deny Command: The specific command(s) prohibited to be run via Sudo.\n"
"   RunAsUser: The user(s) or group(s) of users whose rights Sudo will be "
"invoked with.\n"
"   RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n"
"   Options: The various Sudoers Options that can modify Sudo's behavior.\n"
"\n"
"An order can be added to a sudorule to control the order in which they\n"
"are evaluated (if the client supports it). This order is an integer and\n"
"must be unique.\n"
"\n"
"IPA provides a designated binddn to use with Sudo located at:\n"
"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n"
"\n"
"To enable the binddn run the following command to set the password:\n"
"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W \\\n"
"    -H ldap://ipa.example.com -ZZ -D \"cn=Directory Manager\" \\\n"
"    uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n"
"\n"
"For more information, see the IPA Documentation to Sudo.\n"
msgstr ""

msgid "comma-separated list of sudo command groups to add"
msgstr ""

msgid "comma-separated list of sudo command groups to remove"
msgstr ""

#: ipaclient/frontend.py:28 ipaclient/frontend.py:90
#: ipaserver/plugins/baseldap.py:53
msgid "Failed members"
msgstr ""

#: ipaclient/frontend.py:32 ipaserver/plugins/baseldap.py:176
msgid "Failed source hosts/hostgroups"
msgstr ""

#: ipaclient/frontend.py:36 ipaserver/plugins/baseldap.py:179
msgid "Failed hosts/hostgroups"
msgstr ""

#: ipaclient/frontend.py:40 ipaserver/plugins/baseldap.py:182
msgid "Failed users/groups"
msgstr ""

#: ipaclient/frontend.py:44 ipaserver/plugins/baseldap.py:185
msgid "Failed service/service groups"
msgstr ""

#: ipaclient/frontend.py:48 ipaserver/plugins/baseldap.py:188
msgid "Failed to remove"
msgstr ""

#: ipaclient/frontend.py:53 ipaserver/plugins/baseldap.py:192
msgid "Failed RunAs"
msgstr ""

#: ipaclient/frontend.py:57 ipaserver/plugins/baseldap.py:195
msgid "Failed RunAsGroup"
msgstr ""

#: ipaclient/frontend.py:62 ipaserver/plugins/caacl.py:473
msgid "Failed profiles"
msgstr ""

#: ipaclient/frontend.py:66 ipaserver/plugins/caacl.py:476
msgid "Failed CAs"
msgstr ""

#: ipaclient/frontend.py:71 ipaserver/plugins/group.py:183
#: ipaserver/plugins/hostgroup.py:95
msgid "Failed member manager"
msgstr ""

#: ipaclient/frontend.py:76 ipaserver/plugins/host.py:209
msgid "Failed managedby"
msgstr ""

#: ipaclient/frontend.py:81 ipaserver/plugins/host.py:236
#: ipaserver/plugins/service.py:158
msgid "Failed allowed to retrieve keytab"
msgstr ""

#: ipaclient/frontend.py:85 ipaserver/plugins/host.py:239
#: ipaserver/plugins/service.py:161
msgid "Failed allowed to create keytab"
msgstr ""

#: ipaclient/frontend.py:94
msgid "Failed targets"
msgstr ""

#: ipalib/errors.py:296
#, python-format
msgid "%(cver)s client incompatible with %(sver)s server at '%(server)s'"
msgstr ""

#: ipalib/errors.py:314
#, python-format
msgid "unknown error %(code)d from %(server)s: %(error)s"
msgstr ""

#: ipalib/errors.py:330
msgid "an internal error has occurred"
msgstr ""

#: ipalib/errors.py:352
#, python-format
msgid "an internal error has occurred on server at '%(server)s'"
msgstr ""

#: ipalib/errors.py:368
#, python-format
msgid "unknown command '%(name)s'"
msgstr ""

#: ipalib/errors.py:385 ipalib/errors.py:410
#, python-format
msgid "error on server '%(server)s': %(error)s"
msgstr ""

#: ipalib/errors.py:401
#, python-format
msgid "cannot connect to '%(uri)s': %(error)s"
msgstr ""

#: ipalib/errors.py:419
#, python-format
msgid "Invalid JSON-RPC request: %(error)s"
msgstr ""

#: ipalib/errors.py:435
#, python-format
msgid "error marshalling data for XML-RPC transport: %(error)s"
msgstr ""

#: ipalib/errors.py:451
#, python-format
msgid "Missing or invalid HTTP Referer, %(referer)s"
msgstr ""

#: ipalib/errors.py:469
#, python-format
msgid ""
"System encoding must be UTF-8, '%(encoding)s' is not supported. Set "
"LC_ALL=\"C.UTF-8\", or LC_ALL=\"\" and LC_CTYPE=\"C.UTF-8\"."
msgstr ""

#: ipalib/errors.py:497
#, python-format
msgid "Kerberos error: %(major)s/%(minor)s"
msgstr ""

#: ipalib/errors.py:514
msgid "did not receive Kerberos credentials"
msgstr ""

#: ipalib/errors.py:530
#, python-format
msgid "Service '%(service)s' not found in Kerberos database"
msgstr ""

#: ipalib/errors.py:546
msgid "No credentials cache found"
msgstr ""

#: ipalib/errors.py:562
msgid "Ticket expired"
msgstr ""

#: ipalib/errors.py:578
msgid "Credentials cache permissions incorrect"
msgstr ""

#: ipalib/errors.py:594
msgid "Bad format in credentials cache"
msgstr ""

#: ipalib/errors.py:610
msgid "Cannot resolve KDC for requested realm"
msgstr ""

#: ipalib/errors.py:622
msgid "Session error"
msgstr ""

#: ipalib/errors.py:630
#, python-format
msgid "Principal %(principal)s cannot be authenticated: %(message)s"
msgstr ""

#: ipalib/errors.py:666
#, python-format
msgid "Insufficient access: %(info)s"
msgstr ""

#: ipalib/errors.py:710
#, python-format
msgid "command '%(name)s' takes no arguments"
msgstr ""

#: ipalib/errors.py:730
#, python-format
msgid "command '%(name)s' takes at most %(count)d argument"
msgid_plural "command '%(name)s' takes at most %(count)d arguments"
msgstr[0] ""
msgstr[1] ""

#: ipalib/errors.py:760
#, python-format
msgid "overlapping arguments and options: %(names)s"
msgstr ""

#: ipalib/errors.py:776
#, python-format
msgid "'%(name)s' is required"
msgstr ""

#: ipalib/errors.py:792 ipalib/errors.py:808
#, python-format
msgid "invalid '%(name)s': %(error)s"
msgstr ""

#: ipalib/errors.py:824
#, python-format
msgid "api has no such namespace: '%(name)s'"
msgstr ""

#: ipalib/errors.py:833
msgid "Passwords do not match"
msgstr ""

#: ipalib/errors.py:842
msgid "Command not implemented"
msgstr ""

#: ipalib/errors.py:851
msgid "Client is not configured. Run ipa-client-install."
msgstr ""

#: ipalib/errors.py:860
#, python-format
msgid "Could not get %(name)s interactively"
msgstr ""

#: ipalib/errors.py:875
#, python-format
msgid "Command '%(name)s' has been deprecated"
msgstr ""

#: ipalib/errors.py:891
#, python-format
msgid "Domain '%(domain)s' is not a root domain for forest '%(forest)s'"
msgstr ""

#: ipalib/errors.py:918 ipalib/errors.py:1158 ipalib/errors.py:1237
#: ipalib/errors.py:1403 ipalib/errors.py:1468 ipalib/errors.py:1785
#: ipalib/errors.py:1802
#, python-format
msgid "%(reason)s"
msgstr ""

#: ipalib/errors.py:934
msgid "This entry already exists"
msgstr ""

#: ipalib/errors.py:950
msgid "You must enroll a host in order to create a host service"
msgstr ""

#: ipalib/errors.py:966
#, python-format
msgid ""
"Service principal is not of the form: service/fully-qualified host name: "
"%(reason)s"
msgstr ""

#: ipalib/errors.py:982
msgid ""
"The realm for the principal does not match the realm for this IPA server"
msgstr ""

#: ipalib/errors.py:998
msgid "This command requires root access"
msgstr ""

#: ipalib/errors.py:1014
msgid "This is already a posix group"
msgstr ""

#: ipalib/errors.py:1030
#, python-format
msgid "Principal is not of the form user@REALM: '%(principal)s'"
msgstr ""

#: ipalib/errors.py:1046
msgid "This entry is already enabled"
msgstr ""

#: ipalib/errors.py:1062
msgid "This entry is already disabled"
msgstr ""

#: ipalib/errors.py:1078
msgid "This entry cannot be enabled or disabled"
msgstr ""

#: ipalib/errors.py:1094
msgid "This entry is not a member"
msgstr ""

#: ipalib/errors.py:1110
msgid "A group may not be a member of itself"
msgstr ""

#: ipalib/errors.py:1126
msgid "This entry is already a member"
msgstr ""

#: ipalib/errors.py:1142
#, python-format
msgid "Base64 decoding failed: %(reason)s"
msgstr ""

#: ipalib/errors.py:1174
msgid "A group may not be added as a member of itself"
msgstr ""

#: ipalib/errors.py:1190
msgid "The default users group cannot be removed"
msgstr ""

#: ipalib/errors.py:1206
msgid "Deleting a managed group is not allowed. It must be detached first."
msgstr ""

#: ipalib/errors.py:1221
msgid "A managed group cannot have a password policy."
msgstr ""

#: ipalib/errors.py:1253
#, python-format
msgid "'%(entry)s' doesn't have a certificate."
msgstr ""

#: ipalib/errors.py:1269
#, python-format
msgid "Unable to create private group. A group '%(group)s' already exists."
msgstr ""

#: ipalib/errors.py:1285
#, python-format
msgid ""
"A problem was encountered when verifying that all members were %(verb)s: "
"%(exc)s"
msgstr ""

#: ipalib/errors.py:1303
#, python-format
msgid "%(attr)s does not contain '%(value)s'"
msgstr ""

#: ipalib/errors.py:1320
#, python-format
msgid ""
"The search criteria was not specific enough. Expected 1 and found %(found)d."
msgstr ""

#: ipalib/errors.py:1337
msgid "This group already allows external members"
msgstr ""

#: ipalib/errors.py:1354
msgid "This group cannot be posix because it is external"
msgstr ""

#: ipalib/errors.py:1371
msgid "This is already a posix group and cannot be converted to external one"
msgstr ""

#: ipalib/errors.py:1420
#, python-format
msgid "Server removal aborted: %(reason)s."
msgstr ""

#: ipalib/errors.py:1430
#, python-format
msgid "%(operation)s is not supported for %(principal_type)s principals"
msgstr ""

#: ipalib/errors.py:1440
#, python-format
msgid "Request failed with status %(status)s: %(reason)s"
msgstr ""

#: ipalib/errors.py:1458
#, python-format
msgid ""
"Mapping ruleset \"%(ruleset)s\" has more than one rule for the %(helper)s "
"helper"
msgstr ""

#: ipalib/errors.py:1477
#, python-format
msgid "'%(attr)s' already contains one or more values"
msgstr ""

#: ipalib/errors.py:1501
#, python-format
msgid "no command nor help topic '%(topic)s'"
msgstr ""

#: ipalib/errors.py:1525
msgid "change collided with another change"
msgstr ""

#: ipalib/errors.py:1541
msgid "no modifications to be performed"
msgstr ""

#: ipalib/errors.py:1557
#, python-format
msgid "%(desc)s: %(info)s"
msgstr ""

#: ipalib/errors.py:1573
msgid "limits exceeded for this query"
msgstr ""

#: ipalib/errors.py:1588
#, python-format
msgid "%(info)s"
msgstr ""

#: ipalib/errors.py:1603
msgid "modifying primary key is not allowed"
msgstr ""

#: ipalib/errors.py:1619
#, python-format
msgid "%(attr)s: Only one value allowed."
msgstr ""

#: ipalib/errors.py:1635
#, python-format
msgid "%(attr)s: Invalid syntax."
msgstr ""

#: ipalib/errors.py:1651
#, python-format
msgid "Bad search filter %(info)s"
msgstr ""

#: ipalib/errors.py:1667
msgid "Not allowed on non-leaf entry"
msgstr ""

#: ipalib/errors.py:1683
msgid "LDAP timeout"
msgstr ""

#: ipalib/errors.py:1699
#, python-format
msgid "%(task)s LDAP task timeout, Task DN: '%(task_dn)s'"
msgstr ""

#: ipalib/errors.py:1708
msgid "Configured time limit exceeded"
msgstr ""

#: ipalib/errors.py:1717
msgid "Configured size limit exceeded"
msgstr ""

#: ipalib/errors.py:1727
msgid "Configured administrative server limit exceeded"
msgstr ""

#: ipalib/errors.py:1752
#, python-format
msgid "Certificate operation cannot be completed: %(error)s"
msgstr ""

#: ipalib/errors.py:1768
#, python-format
msgid "Certificate format error: %(error)s"
msgstr ""

#: ipalib/errors.py:1819
msgid "Already registered"
msgstr ""

#: ipalib/errors.py:1835
msgid "Not registered yet"
msgstr ""

#: ipalib/errors.py:1851
#, python-format
msgid "%(key)s cannot be deleted because %(label)s %(dependent)s requires it"
msgstr ""

#: ipalib/errors.py:1867
#, python-format
msgid ""
"%(key)s cannot be deleted or disabled because it is the last member of "
"%(label)s %(container)s"
msgstr ""

#: ipalib/errors.py:1883
#, python-format
msgid "%(label)s %(key)s cannot be deleted/modified: %(reason)s"
msgstr ""

#: ipalib/errors.py:1900
#, python-format
msgid "%(name)s certificate is not valid"
msgstr ""

#: ipalib/errors.py:1918
#, python-format
msgid "Schema is up to date (FP '%(fingerprint)s', TTL %(ttl)s s)"
msgstr ""

#: ipalib/errors.py:1945
#, python-format
msgid "Host '%(hostname)s' does not have corresponding DNS A/AAAA record"
msgstr ""

#: ipalib/errors.py:1963
#, python-format
msgid "DNS check failed: Expected {%(expected)s} got {%(got)s}"
msgstr ""

#: ipalib/errors.py:1979
#, python-format
msgid "%(exception)s"
msgstr ""

#: ipalib/errors.py:2006
#, python-format
msgid ""
"Forest '%(forest)s' has existing trust to forest(s) %(domains)s which "
"prevents a trust to '%(conflict)s'"
msgstr ""

#: ipalib/messages.py:84
msgid "Additional instructions:"
msgstr ""

#: ipalib/messages.py:146
#, python-format
msgid ""
"API Version number was not sent, forward compatibility not guaranteed. "
"Assuming server's API version, %(server_version)s"
msgstr ""

#: ipalib/messages.py:158
msgid ""
"DNS forwarder semantics changed since IPA 4.0.\n"
"You may want to use forward zones (dnsforwardzone-*) instead.\n"
"For more details read the docs."
msgstr ""

#: ipalib/messages.py:170
#, python-format
msgid ""
"DNSSEC support is experimental.\n"
"%(additional_info)s"
msgstr ""

#: ipalib/messages.py:180
#, python-format
msgid "'%(option)s' option is deprecated. %(additional_info)s"
msgstr ""

#: ipalib/messages.py:190
#, python-format
msgid ""
"Semantic of %(label)s was changed. %(current_behavior)s\n"
"%(hint)s"
msgstr ""

#: ipalib/messages.py:201
#, python-format
msgid "DNS server %(server)s: %(error)s."
msgstr ""

#: ipalib/messages.py:211
#, python-format
msgid ""
"DNS server %(server)s does not support DNSSEC: %(error)s.\n"
"If DNSSEC validation is enabled on IPA server(s), please disable it."
msgstr ""

#: ipalib/messages.py:224
#, python-format
msgid ""
"forward zone \"%(fwzone)s\" is not effective because of missing proper NS "
"delegation in authoritative zone \"%(authzone)s\". Please add NS record "
"\"%(ns_rec)s\" to parent zone \"%(authzone)s\"."
msgstr ""

#: ipalib/messages.py:238
#, python-format
msgid ""
"DNS server %(server)s does not support EDNS0 (RFC 6891): %(error)s.\n"
"If DNSSEC validation is enabled on IPA server(s), please disable it."
msgstr ""

#: ipalib/messages.py:251
#, python-format
msgid ""
"DNSSEC validation failed: %(error)s.\n"
"Please verify your DNSSEC configuration or disable DNSSEC validation on all "
"IPA servers."
msgstr ""

#: ipalib/messages.py:265
#, python-format
msgid ""
"The _kerberos TXT record from domain %(domain)s could not be created "
"(%(error)s).\n"
"This can happen if the zone is not managed by IPA. Please create the record "
"manually, containing the following value: '%(realm)s'"
msgstr ""

#: ipalib/messages.py:281
#, python-format
msgid ""
"The _kerberos TXT record from domain %(domain)s could not be removed "
"(%(error)s).\n"
"This can happen if the zone is not managed by IPA. Please remove the record "
"manually."
msgstr ""

#: ipalib/messages.py:295
msgid ""
"No DNSSEC key master is installed. DNSSEC zone signing will not work until "
"the DNSSEC key master is installed."
msgstr ""

#: ipalib/messages.py:310
#, python-format
msgid ""
"Relative record name '%(record)s' contains the zone name '%(zone)s' as a "
"suffix, which results in FQDN '%(fqdn)s'. This is usually a mistake caused "
"by a missing dot at the end of the name specification."
msgstr ""

#: ipalib/messages.py:323
#, python-format
msgid "'%(command)s' is deprecated. %(additional_info)s"
msgstr ""

#: ipalib/messages.py:333
#, python-format
msgid "%(line)s"
msgstr ""

#: ipalib/messages.py:343
#, python-format
msgid "Search result has been truncated: %(reason)s"
msgstr ""

#: ipalib/messages.py:353
#, python-format
msgid ""
"Your trust to %(domain)s is broken. Please re-create it by running 'ipa "
"trust-add' again."
msgstr ""

#: ipalib/messages.py:372
#, python-format
msgid "DNS record(s) of host %(host)s could not be removed. (%(reason)s)"
msgstr ""

#: ipalib/messages.py:386
msgid ""
"Forwarding policy conflicts with some automatic empty zones. Queries for "
"zones specified by RFC 6303 will ignore forwarding and recursion and always "
"result in NXDOMAIN answers. To override this behavior use forward policy "
"'only'."
msgstr ""

#: ipalib/messages.py:400
#, python-format
msgid "Update of system record '%(record)s' failed with error: %(error)s"
msgstr ""

#: ipalib/messages.py:411
#, python-format
msgid ""
"IPA does not manage the zone %(zone)s, please add records to your DNS server "
"manually"
msgstr ""

#: ipalib/messages.py:423
msgid ""
"Automatic update of DNS system records failed. Please re-run update of "
"system records manually to get list of missing records."
msgstr ""

#: ipalib/messages.py:436
#, python-format
msgid ""
"Service %(service)s requires restart on IPA server %(server)s to apply "
"configuration changes."
msgstr ""

#: ipalib/messages.py:448
#, python-format
msgid ""
"No DNS servers in IPA location %(location)s. Without DNS servers location is "
"not working as expected."
msgstr ""

#: ipalib/messages.py:475
#, python-format
msgid "%(subject)s: Malformed certificate. %(reason)s"
msgstr ""

#: ipalib/messages.py:486
#, python-format
msgid "The host was added but the DNS update failed with: %(reason)s"
msgstr ""

#: ipalib/messages.py:496
#, python-format
msgid "The certificate for %(ca)s is not available on this server."
msgstr ""

#: ipalib/misc.py:22
#, python-format
msgid "%(count)d variables"
msgstr ""

#: ipalib/misc.py:96
#, python-format
msgid "%(count)d plugin loaded"
msgid_plural "%(count)d plugins loaded"
msgstr[0] ""
msgstr[1] ""

#: ipalib/output.py:110
msgid "A dictionary representing an LDAP entry"
msgstr ""

#: ipalib/output.py:118
msgid "A list of LDAP entries"
msgstr ""

#: ipalib/output.py:170
msgid "All commands should at least have a result"
msgstr ""

#: ipalib/cli.py:630
#, python-format
msgid "Enter %(label)s again to verify: "
msgstr ""

#: ipalib/cli.py:639
msgid "Passwords do not match!"
msgstr ""

#: ipalib/cli.py:662
msgid "No matching entries found"
msgstr ""

#: ipalib/cli.py:737
msgid "Topic or Command"
msgstr ""

#: ipalib/cli.py:738
msgid "The topic or command name."
msgstr ""

#: ipalib/cli.py:910
msgid "Topic commands:"
msgstr ""

#: ipalib/cli.py:916
msgid "To get command help, use:"
msgstr ""

#: ipalib/cli.py:917
msgid "  ipa <command> --help"
msgstr ""

#: ipalib/cli.py:928
msgid "Command name"
msgstr ""

#: ipalib/cli.py:1151
msgid "Positional arguments"
msgstr ""

#: ipalib/cli.py:1297
#, python-format
msgid "Same as --%s"
msgstr ""

#: ipalib/cli.py:1300
msgid "Deprecated options"
msgstr ""

#: ipalib/cli.py:1429
msgid "No file to read"
msgstr ""

#: ipalib/frontend.py:425
msgid "Results are truncated, try a more specific search"
msgstr ""

#: ipalib/frontend.py:584 ipatests/test_xmlrpc/test_ping_plugin.py:52
#, python-format
msgid "Unknown option: %(option)s"
msgstr ""

#: ipalib/frontend.py:981 ipaserver/plugins/batch.py:83
msgid "Client version. Used to determine if server will accept request."
msgstr ""

#: ipalib/plugable.py:534
#, python-format
msgid "%(filename)s: file not found"
msgstr ""

#: ipalib/plugable.py:607
#, python-brace-format
msgid "Unable to parse option {item}"
msgstr ""

#: ipalib/rpc.py:1109
msgid "any of the configured servers"
msgstr ""

#: ipalib/rpc.py:1192
msgid "Exceeded number of tries to forward a request."
msgstr ""

#: ipalib/util.py:213
msgid "Filename is empty"
msgstr ""

#: ipalib/util.py:217
#, python-format
msgid "Permission denied: %(file)s"
msgstr ""

#: ipalib/util.py:412 ipalib/util.py:944
msgid "empty DNS label"
msgstr ""

#: ipalib/util.py:415
msgid "DNS label cannot be longer that 63 characters"
msgstr ""

#: ipalib/util.py:420
#, python-format
msgid ""
"only letters, numbers, %(chars)s are allowed. DNS label may not start or end "
"with %(chars2)s"
msgstr ""

#: ipalib/util.py:436
msgid "single label {}s are not supported"
msgstr ""

#: ipalib/util.py:446
msgid "too many '@' characters"
msgstr ""

#: ipalib/util.py:475
msgid "cannot be longer that {} characters"
msgstr ""

#: ipalib/util.py:482
msgid "hostname contains empty label (consecutive dots)"
msgstr ""

#: ipalib/util.py:486
msgid "not fully qualified"
msgstr ""

#: ipalib/util.py:499 ipalib/util.py:508
msgid "invalid SSH public key"
msgstr ""

#: ipalib/util.py:511
msgid "options are not allowed"
msgstr ""

#: ipalib/util.py:747
msgid "invalid hostmask"
msgstr ""

#: ipalib/util.py:761
#, python-format
msgid "query '%(owner)s %(rtype)s': %(error)s"
msgstr ""

#: ipalib/util.py:765
#, python-format
msgid "query '%(owner)s %(rtype)s' with EDNS0: %(error)s"
msgstr ""

#: ipalib/util.py:769
#, python-format
msgid ""
"answer to query '%(owner)s %(rtype)s' is missing DNSSEC signatures (no RRSIG "
"data)"
msgstr ""

#: ipalib/util.py:774
#, python-format
msgid "record '%(owner)s %(rtype)s' failed DNSSEC validation on server %(ip)s"
msgstr ""

#: ipalib/util.py:942
msgid "invalid escape code in domain name"
msgstr ""

#: ipalib/util.py:946
msgid "domain name cannot be longer than 255 characters"
msgstr ""

#: ipalib/util.py:948
msgid "DNS label cannot be longer than 63 characters"
msgstr ""

#: ipalib/util.py:950
msgid "invalid domain name"
msgstr ""

#: ipalib/util.py:963
#, python-format
msgid "domain name '%(domain)s' should be normalized to: %(normalized)s"
msgstr ""

#: ipalib/util.py:1112
#, python-format
msgid "invalid domain-name: %s"
msgstr ""

#: ipalib/util.py:1124
#, python-format
msgid "invalid IP address version (is %(value)d, must be %(required_value)d)!"
msgstr ""

#: ipalib/util.py:1130
msgid "invalid IP address format"
msgstr ""

#: ipalib/util.py:1148
#, python-format
msgid "%(port)s is not a valid port"
msgstr ""

#: ipalib/util.py:1181
msgid ""
"at least one value equal to the canonical principal name must be present"
msgstr ""

#: ipalib/util.py:1268
msgid "realm or UPN suffix overlaps with trusted domain namespace"
msgstr ""

#: ipalib/parameters.py:415
msgid "incorrect type"
msgstr ""

#: ipalib/parameters.py:418
msgid "Only one value is allowed"
msgstr ""

#: ipalib/parameters.py:885
msgid "this option is deprecated"
msgstr ""

#: ipalib/parameters.py:1003
msgid "must be True or False"
msgstr ""

#: ipalib/parameters.py:1101 ipalib/parameters.py:2294
msgid "must be an integer"
msgstr ""

#: ipalib/parameters.py:1167
#, python-format
msgid "must be at least %(minvalue)d"
msgstr ""

#: ipalib/parameters.py:1179
#, python-format
msgid "can be at most %(maxvalue)d"
msgstr ""

#: ipalib/parameters.py:1197
msgid "must be a decimal number"
msgstr ""

#: ipalib/parameters.py:1243
#, python-format
msgid "must be at least %(minvalue)s"
msgstr ""

#: ipalib/parameters.py:1255
#, python-format
msgid "can be at most %(maxvalue)s"
msgstr ""

#: ipalib/parameters.py:1265
#, python-format
msgid ""
"number class '%(cls)s' is not included in a list of allowed number classes: "
"%(allowed)s"
msgstr ""

#: ipalib/parameters.py:1388
#, python-format
msgid "must match pattern \"%(pattern)s\""
msgstr ""

#: ipalib/parameters.py:1408
msgid "must be binary data"
msgstr ""

#: ipalib/parameters.py:1427
#, python-format
msgid "must be at least %(minlength)d bytes"
msgstr ""

#: ipalib/parameters.py:1439
#, python-format
msgid "can be at most %(maxlength)d bytes"
msgstr ""

#: ipalib/parameters.py:1451
#, python-format
msgid "must be exactly %(length)d bytes"
msgstr ""

#: ipalib/parameters.py:1468
msgid "must be a certificate"
msgstr ""

#: ipalib/parameters.py:1504
msgid "must be a certificate signing request"
msgstr ""

#: ipalib/parameters.py:1550
#, python-format
msgid "Failure decoding Certificate Signing Request: %s"
msgstr ""

#: ipalib/parameters.py:1574
msgid "must be Unicode text"
msgstr ""

#: ipalib/parameters.py:1605
msgid "Leading and trailing spaces are not allowed"
msgstr ""

#: ipalib/parameters.py:1615
#, python-format
msgid "must be at least %(minlength)d characters"
msgstr ""

#: ipalib/parameters.py:1627
#, python-format
msgid "can be at most %(maxlength)d characters"
msgstr ""

#: ipalib/parameters.py:1639
#, python-format
msgid "must be exactly %(length)d characters"
msgstr ""

#: ipalib/parameters.py:1661
#, python-format
msgid "The character %(char)r is not allowed."
msgstr ""

#: ipalib/parameters.py:1714
#, python-format
msgid "must be '%(value)s'"
msgstr ""

#: ipalib/parameters.py:1717
#, python-format
msgid "must be one of %(values)s"
msgstr ""

#: ipalib/parameters.py:1834
msgid "must be datetime value"
msgstr ""

#: ipalib/parameters.py:1852
msgid "does not match any of accepted formats: "
msgstr ""

#: ipalib/parameters.py:2035
msgid "incomplete time value"
msgstr ""

#: ipalib/parameters.py:2112
msgid "must be DNS name"
msgstr ""

#: ipalib/parameters.py:2140
msgid "must be absolute"
msgstr ""

#: ipalib/parameters.py:2146
msgid "must be relative"
msgstr ""

#: ipalib/parameters.py:2157
msgid "must be dictionary"
msgstr ""

#: ipalib/parameters.py:2166
msgid "must be Kerberos principal"
msgstr ""

#: ipalib/parameters.py:2182
#, python-format
msgid "Malformed principal: '%(value)s'"
msgstr ""

#: ipalib/parameters.py:2191
msgid "Service principal is required"
msgstr ""

#: ipalib/parameters.py:2279
msgid "must be at least 0"
msgstr ""

#: ipalib/parameters.py:2288
msgid "invalid valid hex"
msgstr ""

#: ipalib/parameters.py:2299
msgid "invalid serial number 0"
msgstr ""

#: ipapython/dogtag.py:113
#, python-format
msgid "Retrieving CA cert chain failed: %s"
msgstr ""

#: ipapython/dogtag.py:119
#, python-format
msgid "request failed with HTTP status %d"
msgstr ""

#: ipapython/dogtag.py:136
#, python-format
msgid "Retrieving CA status failed: %s"
msgstr ""

#: ipapython/dogtag.py:158
#, python-format
msgid "Retrieving CA status failed with status %d"
msgstr ""

#: ipapython/ipaldap.py:1189
#, python-format
msgid "objectclass %s not found"
msgstr ""

#: ipaserver/dcerpc_common.py:20
msgid "Trusting forest"
msgstr ""

#: ipaserver/dcerpc_common.py:21
msgid "Trusted forest"
msgstr ""

#: ipaserver/dcerpc_common.py:26
msgid "Established and verified"
msgstr ""

#: ipaserver/dcerpc_common.py:27
msgid "Waiting for confirmation by remote side"
msgstr ""

#: ipaserver/dcerpc_common.py:30
msgid "Unknown"
msgstr ""

#: ipaserver/dcerpc_common.py:36
msgid "Non-Active Directory domain"
msgstr ""

#: ipaserver/dcerpc_common.py:37 ipaserver/plugins/internal.py:1258
msgid "Active Directory domain"
msgstr ""

#: ipaserver/dcerpc_common.py:38
msgid "RFC4120-compliant Kerberos realm"
msgstr ""

#: ipaserver/dcerpc_common.py:39
msgid ""
"Non-transitive external trust to a domain in another Active Directory forest"
msgstr ""

#: ipaserver/dcerpc_common.py:41
msgid "Non-transitive external trust to an RFC4120-compliant Kerberos realm"
msgstr ""

#: ipaserver/install/ipa_acme_manage.py:45 ipaserver/plugins/dogtag.py:1211
msgid "Failed to authenticate to CA REST API"
msgstr ""

#: ipaserver/install/certs.py:480
#, python-format
msgid "Unable to communicate with CMS (status %d)"
msgstr ""

#: ipaserver/install/replication.py:1787 ipaserver/install/replication.py:1806
#, python-format
msgid "Replication agreement for %(hostname)s not found"
msgstr ""

#: ipaserver/plugins/automount.py:218
msgid "automount location"
msgstr ""

#: ipaserver/plugins/automount.py:219
msgid "automount locations"
msgstr ""

#: ipaserver/plugins/automount.py:222
msgid "Automount Locations"
msgstr ""

#: ipaserver/plugins/automount.py:223
msgid "Automount Location"
msgstr ""

#: ipaserver/plugins/automount.py:263
#, python-format
msgid "Added automount location \"%(value)s\""
msgstr "추가된 자동적재 위치 \"%(value)s\""

#: ipaserver/plugins/automount.py:283
#, python-format
msgid "Deleted automount location \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:296
#, python-format
msgid "%(count)d automount location matched"
msgid_plural "%(count)d automount locations matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/automount.py:349
msgid "automount map"
msgstr ""

#: ipaserver/plugins/automount.py:350
msgid "automount maps"
msgstr ""

#: ipaserver/plugins/automount.py:393
msgid "Automount Maps"
msgstr ""

#: ipaserver/plugins/automount.py:394
msgid "Automount Map"
msgstr ""

#: ipaserver/plugins/automount.py:401
#, python-format
msgid "Added automount map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:408
#, python-format
msgid "Deleted automount map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:428
#, python-format
msgid "Modified automount map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:436
#, python-format
msgid "%(count)d automount map matched"
msgid_plural "%(count)d automount maps matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/automount.py:448
msgid "Automount key object."
msgstr ""

#: ipaserver/plugins/automount.py:452
msgid "automount key"
msgstr ""

#: ipaserver/plugins/automount.py:453
msgid "automount keys"
msgstr ""

#: ipaserver/plugins/automount.py:512
msgid "Automount Keys"
msgstr ""

#: ipaserver/plugins/automount.py:513
msgid "Automount Key"
msgstr ""

#: ipaserver/plugins/automount.py:514
#, python-format
msgid ""
"The key,info pair must be unique. A key named %(key)s with info %(info)s "
"already exists"
msgstr ""

#: ipaserver/plugins/automount.py:515
#, python-format
msgid "key named %(key)s already exists"
msgstr ""

#: ipaserver/plugins/automount.py:516
#, python-format
msgid "The automount key %(key)s with info %(info)s does not exist"
msgstr ""

#: ipaserver/plugins/automount.py:566
#, python-format
msgid ""
"More than one entry with key %(key)s found, use --info to select specific "
"entry."
msgstr ""

#: ipaserver/plugins/automount.py:625
#, python-format
msgid "Added automount key \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:654
#, python-format
msgid "Added automount indirect map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:678
msgid "mount point is relative to parent map, cannot begin with /"
msgstr ""

#: ipaserver/plugins/automount.py:707
#, python-format
msgid "Deleted automount key \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:748
#, python-format
msgid "Modified automount key \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automount.py:807
#, python-format
msgid "%(count)d automount key matched"
msgid_plural "%(count)d automount keys matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/certprofile.py:21
msgid ""
"\n"
"Manage Certificate Profiles\n"
"\n"
"Certificate Profiles are used by Certificate Authority (CA) in the signing "
"of\n"
"certificates to determine if a Certificate Signing Request (CSR) is "
"acceptable,\n"
"and if so what features and extensions will be present on the certificate.\n"
"\n"
"The Certificate Profile format is the property-list format understood by "
"the\n"
"Dogtag or Red Hat Certificate System CA.\n"
"\n"
"PROFILE ID SYNTAX:\n"
"\n"
"A Profile ID is a string without spaces or punctuation starting with a "
"letter\n"
"and followed by a sequence of letters, digits or underscore (\"_\").\n"
"\n"
"EXAMPLES:\n"
"\n"
"  Import a profile that will not store issued certificates:\n"
"    ipa certprofile-import ShortLivedUserCert \\\n"
"      --file UserCert.profile --desc \"User Certificates\" \\\n"
"      --store=false\n"
"\n"
"  Delete a certificate profile:\n"
"    ipa certprofile-del ShortLivedUserCert\n"
"\n"
"  Show information about a profile:\n"
"    ipa certprofile-show ShortLivedUserCert\n"
"\n"
"  Save profile configuration to a file:\n"
"    ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n"
"\n"
"  Search for profiles that do not store certificates:\n"
"    ipa certprofile-find --store=false\n"
"\n"
"PROFILE CONFIGURATION FORMAT:\n"
"\n"
"The profile configuration format is the raw property-list format\n"
"used by Dogtag Certificate System.  The XML format is not supported.\n"
"\n"
"The following restrictions apply to profiles managed by IPA:\n"
"\n"
"- When importing a profile the \"profileId\" field, if present, must\n"
"  match the ID given on the command line.\n"
"\n"
"- The \"classId\" field must be set to \"caEnrollImpl\"\n"
"\n"
"- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n"
"\n"
"- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n"
"  class must be used.\n"
"\n"
msgstr ""

#: ipaserver/plugins/certprofile.py:86 ipaserver/plugins/cert.py:283
msgid "CA is not configured"
msgstr ""

#: ipaserver/plugins/certprofile.py:95
msgid "invalid Profile ID"
msgstr ""

#: ipaserver/plugins/certprofile.py:106 ipaserver/plugins/certprofile.py:116
msgid "Certificate Profile"
msgstr ""

#: ipaserver/plugins/certprofile.py:107 ipaserver/plugins/certprofile.py:115
msgid "Certificate Profiles"
msgstr ""

#: ipaserver/plugins/certprofile.py:126
msgid "Profile configuration"
msgstr ""

#: ipaserver/plugins/certprofile.py:190
#, python-format
msgid "%(count)d profile matched"
msgid_plural "%(count)d profiles matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/certprofile.py:222
#, python-format
msgid "Imported profile \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certprofile.py:247
#, python-format
msgid "Profile data specifies profileId multiple times: %(values)s"
msgstr ""

#: ipaserver/plugins/certprofile.py:255
#, python-format
msgid "Profile ID '%(cli_value)s' does not match profile data '%(file_value)s'"
msgstr ""

#: ipaserver/plugins/certprofile.py:282
#, python-format
msgid "Deleted profile \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certprofile.py:289
#, python-format
msgid "Predefined profile '%(profile_id)s' cannot be deleted"
msgstr ""

#: ipaserver/plugins/certprofile.py:305
#, python-format
msgid "Modified Certificate Profile \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certprofile.py:322
msgid "Certificate profiles cannot be renamed"
msgstr ""

#: ipaserver/plugins/certprofile.py:327
msgid "Insufficient privilege to modify a certificate profile."
msgstr ""

#: ipaserver/plugins/delegation.py:67
msgid "delegation"
msgstr ""

#: ipaserver/plugins/delegation.py:68
msgid "delegations"
msgstr ""

#: ipaserver/plugins/delegation.py:69
msgid "Delegations"
msgstr ""

#: ipaserver/plugins/delegation.py:70
msgid "Delegation"
msgstr ""

#: ipaserver/plugins/delegation.py:101 ipaserver/plugins/selfservice.py:94
#: ipaserver/plugins/aci.py:514 ipaserver/plugins/permission.py:359
msgid "ACI"
msgstr ""

#: ipaserver/plugins/delegation.py:132
#, python-format
msgid "Added delegation \"%(value)s\""
msgstr ""

#: ipaserver/plugins/delegation.py:153
#, python-format
msgid "Deleted delegation \"%(value)s\""
msgstr ""

#: ipaserver/plugins/delegation.py:170
#, python-format
msgid "Modified delegation \"%(value)s\""
msgstr ""

#: ipaserver/plugins/delegation.py:189
#, python-format
msgid "%(count)d delegation matched"
msgid_plural "%(count)d delegations matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/dnsserver.py:35
msgid ""
"\n"
"DNS server configuration\n"
msgstr ""

#: ipaserver/plugins/dnsserver.py:37
msgid ""
"\n"
"Manipulate DNS server configuration\n"
msgstr ""

#: ipaserver/plugins/dnsserver.py:41
msgid ""
"\n"
"  Show configuration of a specific DNS server:\n"
"    ipa dnsserver-show\n"
msgstr ""

#: ipaserver/plugins/dnsserver.py:44
msgid ""
"\n"
"  Update configuration of a specific DNS server:\n"
"    ipa dnsserver-mod\n"
msgstr ""

#: ipaserver/plugins/dnsserver.py:62
msgid "DNS server"
msgstr ""

#: ipaserver/plugins/dnsserver.py:63
msgid "DNS servers"
msgstr ""

#: ipaserver/plugins/dnsserver.py:71
msgid "DNS Servers"
msgstr ""

#: ipaserver/plugins/dnsserver.py:72
msgid "DNS Server"
msgstr ""

#: ipaserver/plugins/dnsserver.py:113
msgid "DNS Server name"
msgstr ""

#: ipaserver/plugins/dnsserver.py:119
msgid "SOA mname override"
msgstr ""

#: ipaserver/plugins/dnsserver.py:120
msgid "SOA mname (authoritative server) override"
msgstr ""

#: ipaserver/plugins/dnsserver.py:126
msgid "Forwarders"
msgstr ""

#: ipaserver/plugins/dnsserver.py:128
msgid ""
"Per-server forwarders. A custom port can be specified for each forwarder "
"using a standard format \"IP_ADDRESS port PORT\""
msgstr ""

#: ipaserver/plugins/dnsserver.py:138
msgid ""
"Per-server conditional forwarding policy. Set to \"none\" to disable "
"forwarding to global forwarder for this zone. In that case, conditional zone "
"forwarders are disregarded."
msgstr ""

#: ipaserver/plugins/dnsserver.py:148 ipaserver/plugins/dns.py:2063
#: ipaserver/plugins/dns.py:2237 ipaserver/plugins/dns.py:3210
#: ipaserver/plugins/dns.py:4191
msgid "DNS is not configured"
msgstr ""

#: ipaserver/plugins/dnsserver.py:154
msgid "Modify DNS server configuration"
msgstr ""

#: ipaserver/plugins/dnsserver.py:157
#, python-format
msgid "Modified DNS server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dnsserver.py:162
msgid "Search for DNS servers."
msgstr ""

#: ipaserver/plugins/dnsserver.py:166
#, python-format
msgid "%(count)d DNS server matched"
msgid_plural "%(count)d DNS servers matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/dnsserver.py:176
msgid "IPA DNS Server is not installed"
msgstr ""

#: ipaserver/plugins/dnsserver.py:183
msgid "Display configuration of a DNS server."
msgstr ""

#: ipaserver/plugins/dnsserver.py:193
msgid "Add a new DNS server."
msgstr ""

#: ipaserver/plugins/dnsserver.py:196
#, python-format
msgid "Added new DNS server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dnsserver.py:205
msgid "Delete a DNS server"
msgstr ""

#: ipaserver/plugins/dnsserver.py:208
#, python-format
msgid "Deleted DNS server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/domainlevel.py:69
#, python-brace-format
msgid ""
"Domain Level cannot be raised to {0}, existing replication conflicts have to "
"be resolved."
msgstr ""

#: ipaserver/plugins/domainlevel.py:112
msgid "Server does not support domain level functionality"
msgstr ""

#: ipaserver/plugins/domainlevel.py:147
msgid "Domain Level cannot be lowered."
msgstr ""

#: ipaserver/plugins/domainlevel.py:155
#, python-brace-format
msgid "Domain Level cannot be raised to {0}, server {1} does not support it."
msgstr ""

#: ipaserver/plugins/group.py:62
msgid ""
"\n"
"Groups of users\n"
"\n"
"Manage groups of users, groups, or services. By default, new groups are "
"POSIX\n"
"groups. You can add the --nonposix option to the group-add command to mark "
"a\n"
"new group as non-POSIX. You can use the --posix argument with the group-mod\n"
"command to convert a non-POSIX group into a POSIX group. POSIX groups cannot "
"be\n"
"converted to non-POSIX groups.\n"
"\n"
"Every group must have a description.\n"
"\n"
"POSIX groups must have a Group ID (GID) number. Changing a GID is\n"
"supported but can have an impact on your file permissions. It is not "
"necessary\n"
"to supply a GID when creating a group. IPA will generate one automatically\n"
"if it is not provided.\n"
"\n"
"Groups members can be users, other groups, and Kerberos services. In POSIX\n"
"environments only users will be visible as group members, but nested groups "
"and\n"
"groups of services can be used for IPA management purposes.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new group:\n"
"   ipa group-add --desc='local administrators' localadmins\n"
"\n"
" Add a new non-POSIX group:\n"
"   ipa group-add --nonposix --desc='remote administrators' remoteadmins\n"
"\n"
" Convert a non-POSIX group to posix:\n"
"   ipa group-mod --posix remoteadmins\n"
"\n"
" Add a new POSIX group with a specific Group ID number:\n"
"   ipa group-add --gid=500 --desc='unix admins' unixadmins\n"
"\n"
" Add a new POSIX group and let IPA assign a Group ID number:\n"
"   ipa group-add --desc='printer admins' printeradmins\n"
"\n"
" Remove a group:\n"
"   ipa group-del unixadmins\n"
"\n"
" To add the \"remoteadmins\" group to the \"localadmins\" group:\n"
"   ipa group-add-member --groups=remoteadmins localadmins\n"
"\n"
" Add multiple users to the \"localadmins\" group:\n"
"   ipa group-add-member --users=test1 --users=test2 localadmins\n"
"\n"
" To add Kerberos services to the \"printer admins\" group:\n"
"   ipa group-add-member --services=CUPS/some.host printeradmins\n"
"\n"
" Remove a user from the \"localadmins\" group:\n"
"   ipa group-remove-member --users=test2 localadmins\n"
"\n"
" Display information about a named group.\n"
"   ipa group-show localadmins\n"
"\n"
"Group membership managers are users or groups that can add members to a\n"
"group or remove members from a group.\n"
"\n"
" Allow user \"test2\" to add or remove members from group \"localadmins\":\n"
"   ipa group-add-member-manager --users=test2 localadmins\n"
"\n"
" Revoke membership management rights for user \"test2\" from "
"\"localadmins\":\n"
"   ipa group-remove-member-manager --users=test2 localadmins\n"
"\n"
"External group membership is designed to allow users from trusted domains\n"
"to be mapped to local POSIX groups in order to actually use IPA resources.\n"
"External members should be added to groups that specifically created as\n"
"external and non-POSIX. Such group later should be included into one of "
"POSIX\n"
"groups.\n"
"\n"
"An external group member is currently a Security Identifier (SID) as defined "
"by\n"
"the trusted domain. When adding external group members, it is possible to\n"
"specify them in either SID, or DOM\\name, or name@domain format. IPA will "
"attempt\n"
"to resolve passed name to SID with the use of Global Catalog of the trusted "
"domain.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local POSIX "
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map' ad_admins_external "
"--external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the "
"ad_admins_external\n"
"   group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with ad_admins "
"POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see their "
"SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
msgstr ""

#: ipaserver/plugins/group.py:195
msgid "groups"
msgstr ""

#: ipaserver/plugins/group.py:328
msgid "User Group"
msgstr ""

#: ipaserver/plugins/group.py:360
#, python-format
msgid "Added group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/group.py:383
msgid "gid cannot be set for external group"
msgstr ""

#: ipaserver/plugins/group.py:395
msgid "attribute \"gidNumber\" not allowed with --nonposix"
msgstr ""

#: ipaserver/plugins/group.py:404
#, python-format
msgid "Deleted group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/group.py:418
msgid "privileged group"
msgstr ""

#: ipaserver/plugins/group.py:451
#, python-format
msgid "Modified group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/group.py:526
#, python-format
msgid "%(count)d group matched"
msgid_plural "%(count)d groups matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/group.py:629 ipaserver/plugins/group.py:686
#: ipaserver/plugins/hbactest.py:402
msgid ""
"Cannot perform external member validation without Samba 4 support installed. "
"Make sure you have installed server-trust-ad sub-package of IPA on the server"
msgstr ""

#: ipaserver/plugins/group.py:634 ipaserver/plugins/group.py:691
#: ipaserver/plugins/trust.py:874
msgid ""
"Cannot perform join operation without own domain configured. Make sure you "
"have run ipa-adtrust-install on the IPA server first"
msgstr ""

#: ipaserver/plugins/group.py:725
#, python-format
msgid "Detached group \"%(value)s\" from user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/group.py:750
msgid "not allowed to modify user entries"
msgstr ""

#: ipaserver/plugins/group.py:761
msgid "not allowed to modify group entries"
msgstr ""

#: ipaserver/plugins/group.py:781
msgid "Not a managed group"
msgstr ""

#: ipaserver/plugins/group.py:803
msgid "Add users that can manage members of this group."
msgstr ""

#: ipaserver/plugins/group.py:811
msgid "Remove users that can manage members of this group."
msgstr ""

#: ipaserver/plugins/hbac.py:7
msgid "Host-based access control commands"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:28
msgid ""
"\n"
"HBAC Services\n"
"\n"
"The PAM services that HBAC can control access to. The name used here\n"
"must match the service name that PAM is evaluating.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new HBAC service:\n"
"   ipa hbacsvc-add tftp\n"
"\n"
" Modify an existing HBAC service:\n"
"   ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n"
"\n"
" Search for HBAC services. This example will return two results, the FTP\n"
" service and the newly-added tftp service:\n"
"   ipa hbacsvc-find ftp\n"
"\n"
" Delete an HBAC service:\n"
"   ipa hbacsvc-del tftp\n"
"\n"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:62
msgid "HBAC services"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:95 ipaserver/plugins/hbacrule.py:286
msgid "HBAC Services"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:96
msgid "HBAC Service"
msgstr ""

#: ipaserver/plugins/hbacsvc.py:119
#, python-format
msgid "Added HBAC service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvc.py:127
#, python-format
msgid "Deleted HBAC service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvc.py:135
#, python-format
msgid "Modified HBAC service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvc.py:144
#, python-format
msgid "%(count)d HBAC service matched"
msgid_plural "%(count)d HBAC services matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/hbacsvcgroup.py:64
msgid "HBAC service group"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:65
msgid "HBAC service groups"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:108 ipaserver/plugins/hbacrule.py:290
msgid "HBAC Service Groups"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:109
msgid "HBAC Service Group"
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:131
#, python-format
msgid "Added HBAC service group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:139
#, python-format
msgid "Deleted HBAC service group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:147
#, python-format
msgid "Modified HBAC service group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacsvcgroup.py:156
#, python-format
msgid "%(count)d HBAC service group matched"
msgid_plural "%(count)d HBAC service groups matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/hostgroup.py:35
msgid ""
"\n"
"Groups of hosts.\n"
"\n"
"Manage groups of hosts. This is useful for applying access control to a\n"
"number of hosts by using Host-based Access Control.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new host group:\n"
"   ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n"
"\n"
" Add another new host group:\n"
"   ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n"
"\n"
" Add members to the hostgroup (using Bash brace expansion):\n"
"   ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore\n"
"\n"
" Add a hostgroup as a member of another hostgroup:\n"
"   ipa hostgroup-add-member --hostgroups=baltimore maryland\n"
"\n"
" Remove a host from the hostgroup:\n"
"   ipa hostgroup-remove-member --hosts=box2 baltimore\n"
"\n"
" Display a host group:\n"
"   ipa hostgroup-show baltimore\n"
"\n"
" Add a member manager:\n"
"   ipa hostgroup-add-member-manager --users=user1 baltimore\n"
"\n"
" Remove a member manager\n"
"   ipa hostgroup-remove-member-manager --users=user1 baltimore\n"
"\n"
" Delete a hostgroup:\n"
"   ipa hostgroup-del baltimore\n"
msgstr ""

#: ipaserver/plugins/hostgroup.py:107
msgid "host groups"
msgstr ""

#: ipaserver/plugins/hostgroup.py:179
msgid "Host Group"
msgstr ""

#: ipaserver/plugins/hostgroup.py:223
#, python-format
msgid "Added hostgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hostgroup.py:239
#, python-format
msgid ""
"netgroup with name \"%s\" already exists. Hostgroups and netgroups share a "
"common namespace"
msgstr ""

#: ipaserver/plugins/hostgroup.py:262
#, python-format
msgid "Deleted hostgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hostgroup.py:266 ipaserver/plugins/hostgroup.py:284
#: ipaserver/plugins/hostgroup.py:349
msgid "hostgroup"
msgstr ""

#: ipaserver/plugins/hostgroup.py:268 ipaserver/plugins/hostgroup.py:286
msgid "privileged hostgroup"
msgstr ""

#: ipaserver/plugins/hostgroup.py:278
#, python-format
msgid "Modified hostgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hostgroup.py:303
#, python-format
msgid "%(count)d hostgroup matched"
msgid_plural "%(count)d hostgroups matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/hostgroup.py:362
msgid "Add users that can manage members of this hostgroup."
msgstr ""

#: ipaserver/plugins/hostgroup.py:372
msgid "Remove users that can manage members of this hostgroup."
msgstr ""

#: ipaserver/plugins/idrange.py:43
msgid ""
"=======\n"
"WARNING:\n"
"\n"
"DNA plugin in 389-ds will allocate IDs based on the ranges configured for "
"the\n"
"local domain. Currently the DNA plugin *cannot* be reconfigured itself "
"based\n"
"on the local ranges set via this family of commands.\n"
"\n"
"Manual configuration change has to be done in the DNA plugin configuration "
"for\n"
"the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n"
"IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to "
"be\n"
"modified to match the new range.\n"
"=======\n"
msgstr ""

#: ipaserver/plugins/idrange.py:57
msgid ""
"\n"
"ID ranges\n"
"\n"
"Manage ID ranges  used to map Posix IDs to SIDs and back.\n"
"\n"
"There are two type of ID ranges which are both handled by this utility:\n"
"\n"
" - the ID ranges of the local domain\n"
" - the ID ranges of trusted remote domains\n"
"\n"
"Both types have the following attributes in common:\n"
"\n"
" - base-id: the first ID of the Posix ID range\n"
" - range-size: the size of the range\n"
"\n"
"With those two attributes a range object can reserve the Posix IDs starting\n"
"with base-id up to but not including base-id+range-size exclusively.\n"
"\n"
"Additionally an ID range of the local domain may set\n"
" - rid-base: the first RID(*) of the corresponding RID range\n"
" - secondary-rid-base: first RID of the secondary RID range\n"
"\n"
"and an ID range of a trusted domain must set\n"
" - rid-base: the first RID of the corresponding RID range\n"
" - sid: domain SID of the trusted domain\n"
"\n"
"and an ID range of a trusted domain may set\n"
" - auto-private-groups: [true|false|hybrid] automatic creation of private "
"groups\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for a trusted domain\n"
"\n"
"Since there might be more than one trusted domain the domain SID must be "
"given\n"
"while creating the ID range.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=0 \\\n"
"                  --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n"
"\n"
"This ID range is then used by the IPA server and the SSSD IPA provider to\n"
"assign Posix UIDs to users from the trusted domain.\n"
"\n"
"If e.g. a range for a trusted domain is configured with the following "
"values:\n"
" base-id = 1200000\n"
" range-size = 200000\n"
" rid-base = 0\n"
"the RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. "
"So\n"
"RID 1000 <-> Posix ID 1201000\n"
"\n"
"\n"
"\n"
"EXAMPLE: Add a new ID range for the local domain\n"
"\n"
"To create an ID range for the local domain it is not necessary to specify a\n"
"domain SID. But since it is possible that a user and a group can have the "
"same\n"
"value as Posix ID a second RID interval is needed to handle conflicts.\n"
"\n"
"  ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=1000 \\\n"
"                  --secondary-rid-base=1000000 local_range\n"
"\n"
"The data from the ID ranges of the local domain are used by the IPA server\n"
"internally to assign SIDs to IPA users and groups. The SID will then be "
"stored\n"
"in the user or group objects.\n"
"\n"
"If e.g. the ID range for the local domain is configured with the values "
"from\n"
"the example above then a new user with the UID 1200007 will get the RID "
"1007.\n"
"If this RID is already used by a group the RID will be 1000007. This can "
"only\n"
"happen if a user or a group object was created with a fixed ID because the\n"
"automatic assignment will not assign the same ID twice. Since there are "
"only\n"
"users and groups sharing the same ID namespace it is sufficient to have "
"only\n"
"one fallback range to handle conflicts.\n"
"\n"
"To find the Posix ID for a given RID from the local domain it has to be\n"
"checked first if the RID falls in the primary or secondary RID range and\n"
"the rid-base or the secondary-rid-base has to be subtracted, respectively,\n"
"and the base-id has to be added to get the Posix ID.\n"
"\n"
"Typically the creation of ID ranges happens behind the scenes and this CLI\n"
"must not be used at all. The ID range for the local domain will be created\n"
"during installation or upgrade from an older version. The ID range for a\n"
"trusted domain will be created together with the trust by 'ipa trust-"
"add ...'.\n"
"\n"
"USE CASES:\n"
"\n"
"  Add an ID range from a transitively trusted domain\n"
"\n"
"    If the trusted domain (A) trusts another domain (B) as well and this "
"trust\n"
"    is transitive 'ipa trust-add domain-A' will only create a range for\n"
"    domain A.  The ID range for domain B must be added manually.\n"
"\n"
"  Add an additional ID range for the local domain\n"
"\n"
"    If the ID range of the local domain is exhausted, i.e. no new IDs can "
"be\n"
"    assigned to Posix users or groups by the DNA plugin, a new range has to "
"be\n"
"    created to allow new users and groups to be added. (Currently there is "
"no\n"
"    connection between this range CLI and the DNA plugin, but a future "
"version\n"
"    might be able to modify the configuration of the DNS plugin as well)\n"
"\n"
"In general it is not necessary to modify or delete ID ranges. If there is "
"no\n"
"other way to achieve a certain configuration than to modify or delete an ID\n"
"range it should be done with great care. Because UIDs are stored in the "
"file\n"
"system and are used for access control it might be possible that users are\n"
"allowed to access files of other users if an ID range got deleted and "
"reused\n"
"for a different domain.\n"
"\n"
"(*) The RID is typically the last integer of a user or group SID which "
"follows\n"
"the domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user "
"from\n"
"this domain has the SID S-1-5-21-123-456-789-1010 then 1010 is the RID of "
"the\n"
"user. RIDs are unique in a domain, 32bit values and are used for users and\n"
"groups.\n"
"\n"
msgstr ""

#: ipaserver/plugins/idrange.py:202
msgid "ID Ranges"
msgstr ""

#: ipaserver/plugins/idrange.py:203
msgid "ID Range"
msgstr ""

#: ipaserver/plugins/idrange.py:207
msgid "local domain range"
msgstr ""

#: ipaserver/plugins/idrange.py:210 ipaserver/plugins/trust.py:675
msgid "Active Directory domain range"
msgstr ""

#: ipaserver/plugins/idrange.py:211 ipaserver/plugins/trust.py:676
msgid "Active Directory trust range with POSIX attributes"
msgstr ""

#: ipaserver/plugins/idrange.py:255
msgid "ID range type, one of allowed values"
msgstr ""

#: ipaserver/plugins/idrange.py:260 ipaserver/plugins/internal.py:1250
msgid "Auto private groups"
msgstr ""

#: ipaserver/plugins/idrange.py:262
msgid "Auto creation of private groups, one of allowed values"
msgstr ""

#: ipaserver/plugins/idrange.py:336
msgid ""
"range modification leaving objects with ID out of the defined range is not "
"allowed"
msgstr ""

#: ipaserver/plugins/idrange.py:341
msgid ""
"Cannot perform SID validation without Samba 4 support installed. Make sure "
"you have installed server-trust-ad sub-package of IPA on the server"
msgstr ""

#: ipaserver/plugins/idrange.py:348
msgid ""
"Cross-realm trusts are not configured. Make sure you have run ipa-adtrust-"
"install on the IPA server first"
msgstr ""

#: ipaserver/plugins/idrange.py:360
msgid "SID is not recognized as a valid SID for a trusted domain"
msgstr ""

#: ipaserver/plugins/idrange.py:397
msgid ""
"\n"
"    Add new ID range.\n"
"\n"
"    To add a new ID range you always have to specify\n"
"\n"
"        --base-id\n"
"        --range-size\n"
"\n"
"    Additionally\n"
"\n"
"        --rid-base\n"
"        --secondary-rid-base\n"
"\n"
"    may be given for a new ID range for the local domain while\n"
"\n"
"        --auto-private-groups\n"
"\n"
"    may be given for a new ID range for a trusted AD domain and\n"
"\n"
"        --rid-base\n"
"        --dom-sid\n"
"\n"
"    must be given to add a new range for a trusted AD domain.\n"
"\n"
msgstr ""

#: ipaserver/plugins/idrange.py:423
#, python-format
msgid "Added ID range \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idrange.py:435 ipaserver/plugins/idrange.py:698
msgid "Options dom-sid and dom-name cannot be used together"
msgstr ""

#: ipaserver/plugins/idrange.py:446
msgid "Specified trusted domain name could not be found."
msgstr ""

#: ipaserver/plugins/idrange.py:461
msgid "Options dom-sid/dom-name and rid-base must be used together"
msgstr ""

#: ipaserver/plugins/idrange.py:468 ipaserver/plugins/idrange.py:733
msgid ""
"Option rid-base must not be used when IPA range type is ipa-ad-trust-posix"
msgstr ""

#: ipaserver/plugins/idrange.py:475
msgid ""
"IPA Range type must be one of ipa-ad-trust or ipa-ad-trust-posix when SID of "
"the trusted domain is specified"
msgstr ""

#: ipaserver/plugins/idrange.py:481
msgid "Options dom-sid/dom-name and secondary-rid-base cannot be used together"
msgstr ""

#: ipaserver/plugins/idrange.py:500
msgid ""
"IPA Range type must not be one of ipa-ad-trust or ipa-ad-trust-posix when "
"SID of the trusted domain is not specified."
msgstr ""

#: ipaserver/plugins/idrange.py:510
msgid ""
"IPA Range type must be one of ipa-ad-trust or ipa-ad-trust-posix when auto-"
"private-groups is specified"
msgstr ""

#: ipaserver/plugins/idrange.py:517 ipaserver/plugins/idrange.py:752
msgid "Options secondary-rid-base and rid-base must be used together"
msgstr ""

#: ipaserver/plugins/idrange.py:527 ipaserver/plugins/idrange.py:775
msgid "Primary RID range and secondary RID range cannot overlap"
msgstr ""

#: ipaserver/plugins/idrange.py:539
msgid ""
"You must specify both rid-base and secondary-rid-base options, because ipa-"
"adtrust-install has already been run."
msgstr ""

#: ipaserver/plugins/idrange.py:558
#, python-format
msgid "Deleted ID range \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idrange.py:607
#, python-format
msgid "%(count)d range matched"
msgid_plural "%(count)d ranges matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/idrange.py:643
msgid ""
"Modify ID range.\n"
"\n"
msgstr ""

#: ipaserver/plugins/idrange.py:647
#, python-format
msgid "Modified ID range \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idrange.py:682
msgid ""
"This command can not be used to change ID allocation for local IPA domain. "
"Run `ipa help idrange` for more information"
msgstr ""

#: ipaserver/plugins/idrange.py:710
msgid ""
"SID for the specified trusted domain name could not be found. Please specify "
"the SID directly using dom-sid option."
msgstr ""

#: ipaserver/plugins/idrange.py:717
msgid "Options dom-sid and secondary-rid-base cannot be used together"
msgstr ""

#: ipaserver/plugins/idrange.py:724
msgid "Options dom-sid and rid-base must be used together"
msgstr ""

#: ipaserver/plugins/join.py:125
#, python-format
msgid ""
"Insufficient 'write' privilege to the 'krbLastPwdChange' attribute of entry "
"'%s'."
msgstr ""

#: ipaserver/plugins/location.py:33
msgid ""
"\n"
"IPA locations\n"
msgstr ""

#: ipaserver/plugins/location.py:35
msgid ""
"\n"
"Manipulate DNS locations\n"
msgstr ""

#: ipaserver/plugins/location.py:39
msgid ""
"\n"
"  Find all locations:\n"
"    ipa location-find\n"
msgstr ""

#: ipaserver/plugins/location.py:42
msgid ""
"\n"
"  Show specific location:\n"
"    ipa location-show location\n"
msgstr ""

#: ipaserver/plugins/location.py:45
msgid ""
"\n"
"  Add location:\n"
"    ipa location-add location --description 'My location'\n"
msgstr ""

#: ipaserver/plugins/location.py:48
msgid ""
"\n"
"  Delete location:\n"
"    ipa location-del location\n"
msgstr ""

#: ipaserver/plugins/location.py:62
msgid "location"
msgstr ""

#: ipaserver/plugins/location.py:63
msgid "locations"
msgstr ""

#: ipaserver/plugins/location.py:69
msgid "IPA Locations"
msgstr ""

#: ipaserver/plugins/location.py:70
msgid "IPA Location"
msgstr ""

#: ipaserver/plugins/location.py:103
msgid "Location name"
msgstr ""

#: ipaserver/plugins/location.py:104
msgid "IPA location name"
msgstr ""

#: ipaserver/plugins/location.py:112
msgid "IPA Location description"
msgstr ""

#: ipaserver/plugins/location.py:116
msgid "Servers"
msgstr ""

#: ipaserver/plugins/location.py:117
msgid "Servers that belongs to the IPA location"
msgstr ""

#: ipaserver/plugins/location.py:122
msgid "Advertised by servers"
msgstr ""

#: ipaserver/plugins/location.py:123
msgid "List of servers which advertise the given location"
msgstr ""

#: ipaserver/plugins/location.py:138
msgid "Add a new IPA location."
msgstr ""

#: ipaserver/plugins/location.py:140
#, python-format
msgid "Added IPA location \"%(value)s\""
msgstr ""

#: ipaserver/plugins/location.py:145
msgid "Delete an IPA location."
msgstr ""

#: ipaserver/plugins/location.py:147
#, python-format
msgid "Deleted IPA location \"%(value)s\""
msgstr ""

#: ipaserver/plugins/location.py:157 ipaserver/plugins/server.py:71
#: ipaserver/plugins/internal.py:1959
msgid "IPA Server"
msgstr ""

#: ipaserver/plugins/location.py:170
msgid "Modify information about an IPA location."
msgstr ""

#: ipaserver/plugins/location.py:172
#, python-format
msgid "Modified IPA location \"%(value)s\""
msgstr ""

#: ipaserver/plugins/location.py:177
msgid "Search for IPA locations."
msgstr ""

#: ipaserver/plugins/location.py:180
#, python-format
msgid "%(count)d IPA location matched"
msgid_plural "%(count)d IPA locations matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/location.py:187
msgid "Display information about an IPA location."
msgstr ""

#: ipaserver/plugins/location.py:193
msgid "Servers in location"
msgstr ""

#: ipaserver/plugins/netgroup.py:103
msgid "netgroups"
msgstr ""

#: ipaserver/plugins/netgroup.py:196 ipaserver/plugins/internal.py:1176
msgid "Netgroups"
msgstr ""

#: ipaserver/plugins/netgroup.py:197
msgid "Netgroup"
msgstr ""

#: ipaserver/plugins/netgroup.py:266
#, python-format
msgid "Added netgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/netgroup.py:268
#, python-format
msgid ""
"hostgroup with name \"%s\" already exists. Hostgroups and netgroups share a "
"common namespace"
msgstr ""

#: ipaserver/plugins/netgroup.py:301
#, python-format
msgid "Deleted netgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/netgroup.py:310
#, python-format
msgid "Modified netgroup \"%(value)s\""
msgstr ""

#: ipaserver/plugins/netgroup.py:321 ipaserver/plugins/caacl.py:294
#: ipaserver/plugins/hbacrule.py:345
msgid "user category cannot be set to 'all' while there are allowed users"
msgstr ""

#: ipaserver/plugins/netgroup.py:326 ipaserver/plugins/caacl.py:298
#: ipaserver/plugins/hbacrule.py:350
msgid "host category cannot be set to 'all' while there are allowed hosts"
msgstr ""

#: ipaserver/plugins/netgroup.py:339
#, python-format
msgid "%(count)d netgroup matched"
msgid_plural "%(count)d netgroups matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/otp.py:7
msgid "One time password commands"
msgstr ""

#: ipaserver/plugins/otpconfig.py:57
msgid "OTP configuration options"
msgstr ""

#: ipaserver/plugins/otpconfig.py:80 ipaserver/plugins/otpconfig.py:81
msgid "OTP Configuration"
msgstr ""

#: ipaserver/plugins/otptoken.py:42
msgid ""
"\n"
"OTP Tokens\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:44
msgid ""
"\n"
"Manage OTP tokens.\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:46
msgid ""
"\n"
"IPA supports the use of OTP tokens for multi-factor authentication. This\n"
"code enables the management of OTP tokens.\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:51
msgid ""
"\n"
" Add a new token:\n"
"   ipa otptoken-add --type=totp --owner=jdoe --desc=\"My soft token\"\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:54
msgid ""
"\n"
" Examine the token:\n"
"   ipa otptoken-show a93db710-a31a-4639-8647-f15b2c70b78a\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:57
msgid ""
"\n"
" Change the vendor:\n"
"   ipa otptoken-mod a93db710-a31a-4639-8647-f15b2c70b78a --vendor=\"Red "
"Hat\"\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:60
msgid ""
"\n"
" Delete a token:\n"
"   ipa otptoken-del a93db710-a31a-4639-8647-f15b2c70b78a\n"
msgstr ""

#: ipaserver/plugins/otptoken.py:137
msgid "OTP token"
msgstr ""

#: ipaserver/plugins/otptoken.py:138
msgid "OTP tokens"
msgstr ""

#: ipaserver/plugins/otptoken.py:154
msgid "OTP Tokens"
msgstr ""

#: ipaserver/plugins/otptoken.py:155
msgid "OTP Token"
msgstr ""

#: ipaserver/plugins/otptoken.py:272
msgid "URI"
msgstr ""

#: ipaserver/plugins/otptoken.py:281
#, python-format
msgid "Added OTP token \"%(value)s\""
msgstr ""

#: ipaserver/plugins/otptoken.py:335
msgid "cannot be empty"
msgstr ""

#: ipaserver/plugins/otptoken.py:367
#, python-format
msgid "Deleted OTP token \"%(value)s\""
msgstr ""

#: ipaserver/plugins/otptoken.py:373
#, python-format
msgid "Modified OTP token \"%(value)s\""
msgstr ""

#: ipaserver/plugins/otptoken.py:422
#, python-format
msgid "%(count)d OTP token matched"
msgid_plural "%(count)d OTP tokens matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/passwd.py:40
msgid ""
"\n"
"Set a user's password\n"
"\n"
"If someone other than a user changes that user's password (e.g., Helpdesk\n"
"resets it) then the password will need to be changed the first time it\n"
"is used. This is so the end-user is the only one who knows the password.\n"
"\n"
"The IPA password policy controls how often a password may be changed,\n"
"what strength requirements exist, and the length of the password history.\n"
"\n"
"If the user authentication method is set to password+OTP, the user should\n"
"pass the --otp option when resetting the password.\n"
"\n"
"EXAMPLES:\n"
"\n"
" To reset your own password:\n"
"   ipa passwd\n"
"\n"
" To reset your own password when password+OTP is set as authentication "
"method:\n"
"   ipa passwd --otp\n"
"\n"
" To change another user's password:\n"
"   ipa passwd tuser1\n"
msgstr ""

#: ipaserver/plugins/passwd.py:114
msgid "The OTP if the user has a token configured"
msgstr ""

#: ipaserver/plugins/passwd.py:120
#, python-format
msgid "Changed password for \"%(value)s\""
msgstr ""

#: ipaserver/plugins/pkinit.py:13
msgid ""
"\n"
"Kerberos PKINIT feature status reporting tools.\n"
"\n"
"Report IPA masters on which Kerberos PKINIT is enabled or disabled\n"
"\n"
"EXAMPLES:\n"
" List PKINIT status on all masters:\n"
"   ipa pkinit-status\n"
"\n"
" Check PKINIT status on `ipa.example.com`:\n"
"   ipa pkinit-status --server ipa.example.com\n"
"\n"
" List all IPA masters with disabled PKINIT:\n"
"   ipa pkinit-status --status='disabled'\n"
"\n"
"For more info about PKINIT support see:\n"
"\n"
"https://www.freeipa.org/page/V4/Kerberos_PKINIT\n"
msgstr ""

#: ipaserver/plugins/pkinit.py:39
msgid "pkinit"
msgstr ""

#: ipaserver/plugins/pkinit.py:41 ipaserver/plugins/internal.py:192
msgid "PKINIT"
msgstr ""

#: ipaserver/plugins/pkinit.py:53
msgid "PKINIT status"
msgstr ""

#: ipaserver/plugins/pkinit.py:54
msgid "Whether PKINIT is enabled or disabled"
msgstr ""

#: ipaserver/plugins/pkinit.py:63
msgid "Report PKINIT status on the IPA masters"
msgstr ""

#: ipaserver/plugins/pkinit.py:65
#, python-format
msgid "%(count)s server matched"
msgid_plural "%(count)s servers matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/radiusproxy.py:35
msgid ""
"\n"
"RADIUS Proxy Servers\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:37
msgid ""
"\n"
"Manage RADIUS Proxy Servers.\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:39
msgid ""
"\n"
"IPA supports the use of an external RADIUS proxy server for krb5 OTP\n"
"authentications. This permits a great deal of flexibility when\n"
"integrating with third-party authentication services.\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:45
msgid ""
"\n"
" Add a new server:\n"
"   ipa radiusproxy-add MyRADIUS --server=radius.example.com:1812\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:48
msgid ""
"\n"
" Find all servers whose entries include the string \"example.com\":\n"
"   ipa radiusproxy-find example.com\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:51
msgid ""
"\n"
" Examine the configuration:\n"
"   ipa radiusproxy-show MyRADIUS\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:54
msgid ""
"\n"
" Change the secret:\n"
"   ipa radiusproxy-mod MyRADIUS --secret\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:57
msgid ""
"\n"
" Delete a configuration:\n"
"   ipa radiusproxy-del MyRADIUS\n"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:68
msgid "invalid attribute name"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:80
msgid "invalid port number"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:98
msgid "RADIUS proxy server"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:99
msgid "RADIUS proxy servers"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:106
msgid "RADIUS Servers"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:107
msgid "RADIUS Server"
msgstr ""

#: ipaserver/plugins/radiusproxy.py:172
#, python-format
msgid "Added RADIUS proxy server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/radiusproxy.py:177
#, python-format
msgid "Deleted RADIUS proxy server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/radiusproxy.py:182
#, python-format
msgid "Modified RADIUS proxy server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/radiusproxy.py:188
#, python-format
msgid "%(count)d RADIUS proxy server matched"
msgid_plural "%(count)d RADIUS proxy servers matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/realmdomains.py:34
msgid ""
"\n"
"Realm domains\n"
"\n"
"Manage the list of domains associated with IPA realm.\n"
"\n"
"This list is useful for Domain Controllers from other realms which have\n"
"established trust with this IPA realm. They need the information to know\n"
"which request should be forwarded to KDC of this IPA realm.\n"
"\n"
"Automatic management: a domain is automatically added to the realm domains\n"
"list when a new DNS Zone managed by IPA is created. Same applies for "
"deletion.\n"
"\n"
"Externally managed DNS: domains which are not managed in IPA server DNS\n"
"need to be manually added to the list using ipa realmdomains-mod command.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Display the current list of realm domains:\n"
"   ipa realmdomains-show\n"
"\n"
" Replace the list of realm domains:\n"
"   ipa realmdomains-mod --domain=example.com\n"
"   ipa realmdomains-mod --domain={example1.com,example2.com,example3.com}\n"
"\n"
" Add a domain to the list of realm domains:\n"
"   ipa realmdomains-mod --add-domain=newdomain.com\n"
"\n"
" Delete a domain from the list of realm domains:\n"
"   ipa realmdomains-mod --del-domain=olddomain.com\n"
msgstr ""

#: ipaserver/plugins/realmdomains.py:85
msgid "Realm domains"
msgstr ""

#: ipaserver/plugins/realmdomains.py:107 ipaserver/plugins/realmdomains.py:108
#: ipaserver/plugins/internal.py:1271
msgid "Realm Domains"
msgstr ""

#: ipaserver/plugins/realmdomains.py:134
msgid ""
"\n"
"    Modify realm domains\n"
"\n"
"    DNS check: When manually adding a domain to the list, a DNS check is\n"
"    performed by default. It ensures that the domain is associated with\n"
"    the IPA realm, by checking whether the domain has a _kerberos TXT "
"record\n"
"    containing the IPA realm name. This check can be skipped by specifying\n"
"    --force option.\n"
"\n"
"    Removal: when a realm domain which has a matching DNS zone managed by\n"
"    IPA is being removed, a corresponding _kerberos TXT record in the zone "
"is\n"
"    removed automatically as well. Other records in the zone or the zone\n"
"    itself are not affected.\n"
"    "
msgstr ""

#: ipaserver/plugins/realmdomains.py:177
#, python-format
msgid ""
"DNS zone for each realmdomain must contain SOA or NS records. No records "
"found for: %s"
msgstr ""

#: ipaserver/plugins/realmdomains.py:203
#, python-format
msgid "The following domains do not belong to this realm: %(domains)s"
msgstr ""

#: ipaserver/plugins/realmdomains.py:218
#, python-format
msgid ""
"The realm of the following domains could not be detected: %(domains)s. If "
"these are domains that belong to the this realm, please create a _kerberos "
"TXT record containing \"%(realm)s\" in each of them."
msgstr ""

#: ipaserver/plugins/realmdomains.py:241
msgid ""
"The --domain option cannot be used together with --add-domain or --del-"
"domain. Use --domain to specify the whole realm domain list explicitly, to "
"add/remove individual domains, use --add-domain/del-domain."
msgstr ""

#: ipaserver/plugins/realmdomains.py:252
msgid "IPA server domain cannot be omitted"
msgstr ""

#: ipaserver/plugins/realmdomains.py:274
msgid "IPA server domain cannot be deleted"
msgstr ""

#: ipaserver/plugins/role.py:82 ipaserver/plugins/serverrole.py:186
msgid "roles"
msgstr ""

#: ipaserver/plugins/role.py:143
msgid "Role"
msgstr ""

#: ipaserver/plugins/role.py:164
#, python-format
msgid "Added role \"%(value)s\""
msgstr ""

#: ipaserver/plugins/role.py:172
#, python-format
msgid "Deleted role \"%(value)s\""
msgstr ""

#: ipaserver/plugins/role.py:180
#, python-format
msgid "Modified role \"%(value)s\""
msgstr ""

#: ipaserver/plugins/role.py:189
#, python-format
msgid "%(count)d role matched"
msgid_plural "%(count)d roles matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/selfservice.py:68
msgid "self service permission"
msgstr ""

#: ipaserver/plugins/selfservice.py:69
msgid "self service permissions"
msgstr ""

#: ipaserver/plugins/selfservice.py:70
msgid "Self Service Permissions"
msgstr ""

#: ipaserver/plugins/selfservice.py:71
msgid "Self Service Permission"
msgstr ""

#: ipaserver/plugins/selfservice.py:124
#, python-format
msgid "Added selfservice \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selfservice.py:146
#, python-format
msgid "Deleted selfservice \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selfservice.py:163
#, python-format
msgid "Modified selfservice \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selfservice.py:185
#, python-format
msgid "%(count)d selfservice matched"
msgid_plural "%(count)d selfservices matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/serverrole.py:13
msgid ""
"\n"
"IPA server roles\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:15
msgid ""
"\n"
"Get status of roles (DNS server, CA, etc.) provided by IPA masters.\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:17
msgid ""
"\n"
"The status of a role is either enabled, configured, or absent.\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:21
msgid ""
"\n"
"  Show status of 'DNS server' role on a server:\n"
"    ipa server-role-show ipa.example.com \"DNS server\"\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:24
msgid ""
"\n"
"  Show status of all roles containing 'AD' on a server:\n"
"    ipa server-role-find --server ipa.example.com --role=\"AD trust "
"controller\"\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:27
msgid ""
"\n"
"  Show status of all configured roles on a server:\n"
"    ipa server-role-find ipa.example.com\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:30
msgid ""
"\n"
"  Show implicit IPA master role:\n"
"    ipa server-role-find --include-master\n"
msgstr ""

#: ipaserver/plugins/serverrole.py:46
msgid "server role"
msgstr ""

#: ipaserver/plugins/serverrole.py:47
msgid "server roles"
msgstr "서버 역할"

#: ipaserver/plugins/serverrole.py:51
msgid "IPA Server Roles"
msgstr ""

#: ipaserver/plugins/serverrole.py:52
msgid "IPA Server Role"
msgstr ""

#: ipaserver/plugins/serverrole.py:65
msgid "IPA server role name"
msgstr ""

#: ipaserver/plugins/serverrole.py:71
msgid "Role status"
msgstr ""

#: ipaserver/plugins/serverrole.py:72
msgid "Status of the role"
msgstr ""

#: ipaserver/plugins/serverrole.py:89
msgid "Show role status on a server"
msgstr ""

#: ipaserver/plugins/serverrole.py:113
msgid "Find a server role on a server(s)"
msgstr ""

#: ipaserver/plugins/serverrole.py:118
#, python-format
msgid "%(count)s server role matched"
msgid_plural "%(count)s server roles matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/serverrole.py:139
msgid "Include IPA master entries"
msgstr ""

#: ipaserver/plugins/serverrole.py:192
msgid "IPA role name"
msgstr "IPA 역할 이름"

#: ipaserver/plugins/serverroles.py:84
#, python-brace-format
msgid "{role}: role not found"
msgstr ""

#: ipaserver/plugins/serverroles.py:178
#, python-brace-format
msgid "{attr}: no such attribute"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:26
msgid ""
"\n"
"Service Constrained Delegation\n"
"\n"
"Manage rules to allow constrained delegation of credentials so\n"
"that a service can impersonate a user when communicating with another\n"
"service without requiring the user to actually forward their TGT.\n"
"This makes for a much better method of delegating credentials as it\n"
"prevents exposure of the short term secret of the user.\n"
"\n"
"The naming convention is to append the word \"target\" or \"targets\" to\n"
"a matching rule name. This is not mandatory but helps conceptually\n"
"to associate rules and targets.\n"
"\n"
"A rule consists of two things:\n"
"  - A list of targets the rule applies to\n"
"  - A list of memberPrincipals that are allowed to delegate for\n"
"    those targets\n"
"\n"
"A target consists of a list of principals that can be delegated.\n"
"\n"
"In English, a rule says that this principal can delegate as this\n"
"list of principals, as defined by these targets.\n"
"\n"
"In both a rule and a target Kerberos principals may be specified\n"
"by their name or an alias and the realm can be omitted. Additionally,\n"
"hosts can be specified by their names. If Kerberos principal specified\n"
"has a single component and does not end with '$' sign, it will be treated\n"
"as a host name. Kerberos principal names ending with '$' are typically\n"
"used as aliases for Active Directory-related services.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new constrained delegation rule:\n"
"   ipa servicedelegationrule-add ftp-delegation\n"
"\n"
" Add a new constrained delegation target:\n"
"   ipa servicedelegationtarget-add ftp-delegation-target\n"
"\n"
" Add a principal to the rule:\n"
"   ipa servicedelegationrule-add-member --principals=ftp/ipa.example."
"com       ftp-delegation\n"
"\n"
" Add a host principal of the host 'ipa.example.com' to the rule:\n"
"   ipa servicedelegationrule-add-member --principals=ipa.example.com       "
"ftp-delegation\n"
"\n"
" Add our target to the rule:\n"
"   ipa servicedelegationrule-add-target       --servicedelegationtargets=ftp-"
"delegation-target ftp-delegation\n"
"\n"
" Add a principal to the target:\n"
"   ipa servicedelegationtarget-add-member --principals=ldap/ipa.example."
"com       ftp-delegation-target\n"
"\n"
" Display information about a named delegation rule and target:\n"
"   ipa servicedelegationrule_show ftp-delegation\n"
"   ipa servicedelegationtarget_show ftp-delegation-target\n"
"\n"
" Remove a constrained delegation:\n"
"   ipa servicedelegationrule-del ftp-delegation-target\n"
"   ipa servicedelegationtarget-del ftp-delegation\n"
"\n"
"In this example the ftp service can get a TGT for the ldap service on\n"
"the bound user's behalf.\n"
"\n"
"It is strongly discouraged to modify the delegations that ship with\n"
"IPA, ipa-http-delegation and its targets ipa-cifs-delegation-targets and\n"
"ipa-ldap-delegation-targets. Incorrect changes can remove the ability\n"
"to delegate, causing the framework to stop functioning.\n"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:172
msgid "Allowed to Impersonate"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:177
msgid "Member principals"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:189
#, python-format
msgid "Malformed principal: %(error)s"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:199
msgid "Add target to a named service delegation."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:213
#: ipaserver/plugins/servicedelegation.py:303
#: ipaserver/plugins/baseldap.py:1720
#, python-format
msgid "member %s"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:287
msgid "Remove member from a named service delegation."
msgstr ""

#: ipaserver/plugins/servicedelegation.py:378
#: ipaserver/plugins/servicedelegation.py:411
msgid "service delegation rule"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:379
msgid "service delegation rules"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:390
msgid "Service delegation rules"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:391
msgid "Service delegation rule"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:398
#, python-format
msgid "Added service delegation rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/servicedelegation.py:405
#, python-format
msgid "Deleted service delegation \"%(value)s\""
msgstr ""

#: ipaserver/plugins/servicedelegation.py:413
msgid "privileged service delegation rule"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:423
#, python-format
msgid "%(count)d service delegation rule matched"
msgid_plural "%(count)d service delegation rules matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/servicedelegation.py:471
#: ipaserver/plugins/servicedelegation.py:500
msgid "service delegation target"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:472
msgid "service delegation targets"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:479
msgid "Service delegation targets"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:480
msgid "Service delegation target"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:487
#, python-format
msgid "Added service delegation target \"%(value)s\""
msgstr ""

#: ipaserver/plugins/servicedelegation.py:494
#, python-format
msgid "Deleted service delegation target \"%(value)s\""
msgstr ""

#: ipaserver/plugins/servicedelegation.py:502
msgid "privileged service delegation target"
msgstr ""

#: ipaserver/plugins/servicedelegation.py:512
#, python-format
msgid "%(count)d service delegation target matched"
msgid_plural "%(count)d service delegation targets matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/session.py:12
msgid ""
"\n"
"Session Support for IPA\n"
msgstr ""

#: ipaserver/plugins/subid.py:29
msgid ""
"\n"
"Subordinate ids\n"
"\n"
"Manage subordinate user and group ids for users\n"
"\n"
"EXAMPLES:\n"
"\n"
" Auto-assign a subordinate id range to current user\n"
"   ipa subid-generate\n"
"\n"
" Auto-assign a subordinate id range to user alice:\n"
"   ipa subid-generate --owner=alice\n"
"\n"
" Find subordinate ids for user alice:\n"
"   ipa subid-find --owner=alice\n"
"\n"
" Match entry by any subordinate uid in range:\n"
"   ipa subid-match --subuid=2147483649\n"
msgstr ""

#: ipaserver/plugins/subid.py:59 ipaserver/plugins/subid.py:62
msgid "Subordinate id"
msgstr ""

#: ipaserver/plugins/subid.py:60 ipaserver/plugins/subid.py:61
msgid "Subordinate ids"
msgstr ""

#: ipaserver/plugins/subid.py:144
msgid "Subordinate id description"
msgstr ""

#: ipaserver/plugins/subid.py:150 ipaserver/plugins/subid.py:468
msgid "Owning user of subordinate id entry"
msgstr ""

#: ipaserver/plugins/subid.py:155 ipaserver/plugins/internal.py:1387
msgid "SubUID range start"
msgstr ""

#: ipaserver/plugins/subid.py:157
msgid "Start value for subordinate user ID (subuid) range"
msgstr ""

#: ipaserver/plugins/subid.py:164 ipaserver/plugins/internal.py:1386
msgid "SubUID range size"
msgstr ""

#: ipaserver/plugins/subid.py:166
msgid "Subordinate user ID count"
msgstr ""

#: ipaserver/plugins/subid.py:173 ipaserver/plugins/internal.py:1385
msgid "SubGID range start"
msgstr ""

#: ipaserver/plugins/subid.py:175
msgid "Start value for subordinate group ID (subgid) range"
msgstr ""

#: ipaserver/plugins/subid.py:182 ipaserver/plugins/internal.py:1384
msgid "SubGID range size"
msgstr ""

#: ipaserver/plugins/subid.py:184
msgid "Subordinate group ID count"
msgstr ""

#: ipaserver/plugins/subid.py:213
#, python-format
msgid ""
"%(oname)s with with name \"%(pkey)s\" or for user \"%(uid)s\" already exists."
msgstr ""

#: ipaserver/plugins/subid.py:246
#, python-format
msgid "'%(dn)s is not a valid user"
msgstr ""

#: ipaserver/plugins/subid.py:278
msgid "subgidnumber must be equal to subuidnumber"
msgstr ""

#: ipaserver/plugins/subid.py:351
msgid "Add a new subordinate id."
msgstr ""

#: ipaserver/plugins/subid.py:352
#, python-format
msgid "Added subordinate id \"%(value)s\""
msgstr ""

#: ipaserver/plugins/subid.py:384
msgid "Delete a subordinate id."
msgstr ""

#: ipaserver/plugins/subid.py:385
#, python-format
msgid "Deleted subordinate id \"%(value)s\""
msgstr ""

#: ipaserver/plugins/subid.py:393
msgid "Modify a subordinate id."
msgstr ""

#: ipaserver/plugins/subid.py:394
#, python-format
msgid "Modified subordinate id \"%(value)s\""
msgstr ""

#: ipaserver/plugins/subid.py:405
msgid "Search for subordinate id."
msgstr ""

#: ipaserver/plugins/subid.py:407
#, python-format
msgid "%(count)d subordinate id matched"
msgid_plural "%(count)d subordinate ids matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/subid.py:440
msgid "Display information about a subordinate id."
msgstr ""

#: ipaserver/plugins/subid.py:458
msgid "Generate and auto-assign subuid and subgid range to user entry"
msgstr ""

#: ipaserver/plugins/subid.py:493
msgid "Match users by any subordinate uid in their range"
msgstr ""

#: ipaserver/plugins/subid.py:500
msgid "SubUID match"
msgstr ""

#: ipaserver/plugins/subid.py:501
msgid "Match value for subordinate user ID"
msgstr ""

#: ipaserver/plugins/subid.py:542
msgid "Subordinate id statistics"
msgstr ""

#: ipaserver/plugins/subid.py:586
#, python-format
msgid "%(remaining)i remaining subordinate id ranges"
msgstr ""

#: ipaserver/plugins/sudo.py:7
msgid "commands for controlling sudo configuration"
msgstr ""

#: ipaserver/plugins/sudocmd.py:33
msgid ""
"\n"
"Sudo Commands\n"
"\n"
"Commands used as building blocks for sudo\n"
"\n"
"EXAMPLES:\n"
"\n"
" Create a new command\n"
"   ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n"
"\n"
" Remove a command\n"
"   ipa sudocmd-del /usr/bin/less\n"
"\n"
msgstr ""

#: ipaserver/plugins/sudocmd.py:55
#, python-format
msgid "must not contain trailing dot: %s"
msgstr ""

#: ipaserver/plugins/sudocmd.py:64
msgid "sudo command"
msgstr ""

#: ipaserver/plugins/sudocmd.py:65
msgid "sudo commands"
msgstr ""

#: ipaserver/plugins/sudocmd.py:117
msgid "Sudo Commands"
msgstr ""

#: ipaserver/plugins/sudocmd.py:154
#, python-format
msgid "Added Sudo Command \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmd.py:160
#, python-format
msgid "Deleted Sudo Command \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmd.py:193
#, python-format
msgid "Modified Sudo Command \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmd.py:201
#, python-format
msgid "%(count)d Sudo Command matched"
msgid_plural "%(count)d Sudo Commands matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/sudocmdgroup.py:34
msgid ""
"\n"
"Groups of Sudo Commands\n"
"\n"
"Manage groups of Sudo Commands.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new Sudo Command Group:\n"
"   ipa sudocmdgroup-add --desc='administrators commands' admincmds\n"
"\n"
" Remove a Sudo Command Group:\n"
"   ipa sudocmdgroup-del admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/"
"vim admincmds\n"
"\n"
" Manage Sudo Command Group membership, commands:\n"
"   ipa sudocmdgroup-remove-member --sudocmds=/usr/bin/less admincmds\n"
"\n"
" Show a Sudo Command Group:\n"
"   ipa sudocmdgroup-show admincmds\n"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:67
msgid "sudo command group"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:68
msgid "sudo command groups"
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:149
#, python-format
msgid "Added Sudo Command Group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:157
#, python-format
msgid "Deleted Sudo Command Group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:165
#, python-format
msgid "Modified Sudo Command Group \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudocmdgroup.py:174
#, python-format
msgid "%(count)d Sudo Command Group matched"
msgid_plural "%(count)d Sudo Command Groups matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/topology.py:24
msgid ""
"\n"
"Topology\n"
"\n"
"Management of a replication topology at domain level 1.\n"
msgstr ""

#: ipaserver/plugins/topology.py:28
msgid ""
"\n"
"IPA server's data is stored in LDAP server in two suffixes:\n"
"* domain suffix, e.g., 'dc=example,dc=com', contains all domain related "
"data\n"
"* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n"
"  contains data for Certificate Server component\n"
msgstr ""

#: ipaserver/plugins/topology.py:33
msgid ""
"\n"
"Data stored on IPA servers is replicated to other IPA servers. The way it "
"is\n"
"replicated is defined by replication agreements. Replication agreements "
"needs\n"
"to be set for both suffixes separately. On domain level 0 they are managed\n"
"using ipa-replica-manage and ipa-csreplica-manage tools. With domain level "
"1\n"
"they are managed centrally using `ipa topology*` commands.\n"
msgstr ""

#: ipaserver/plugins/topology.py:39
msgid ""
"\n"
"Agreements are represented by topology segments. By default topology "
"segment\n"
"represents 2 replication agreements - one for each direction, e.g., A to B "
"and\n"
"B to A. Creation of unidirectional segments is not allowed.\n"
msgstr ""

#: ipaserver/plugins/topology.py:43
msgid ""
"\n"
"To verify that no server is disconnected in the topology of the given "
"suffix,\n"
"use:\n"
"  ipa topologysuffix-verify $suffix\n"
msgstr ""

#: ipaserver/plugins/topology.py:47
msgid ""
"\n"
"\n"
"Examples:\n"
"  Find all IPA servers:\n"
"    ipa server-find\n"
msgstr ""

#: ipaserver/plugins/topology.py:52
msgid ""
"\n"
"  Find all suffixes:\n"
"    ipa topologysuffix-find\n"
msgstr ""

#: ipaserver/plugins/topology.py:55
msgid ""
"\n"
"  Add topology segment to 'domain' suffix:\n"
"    ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n"
msgstr ""

#: ipaserver/plugins/topology.py:58
msgid ""
"\n"
"  Add topology segment to 'ca' suffix:\n"
"    ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n"
msgstr ""

#: ipaserver/plugins/topology.py:61
msgid ""
"\n"
"  List all topology segments in 'domain' suffix:\n"
"    ipa topologysegment-find domain\n"
msgstr ""

#: ipaserver/plugins/topology.py:64
msgid ""
"\n"
"  List all topology segments in 'ca' suffix:\n"
"    ipa topologysegment-find ca\n"
msgstr ""

#: ipaserver/plugins/topology.py:67
msgid ""
"\n"
"  Delete topology segment in 'domain' suffix:\n"
"    ipa topologysegment-del domain segment_name\n"
msgstr ""

#: ipaserver/plugins/topology.py:70
msgid ""
"\n"
"  Delete topology segment in 'ca' suffix:\n"
"    ipa topologysegment-del ca segment_name\n"
msgstr ""

#: ipaserver/plugins/topology.py:73
msgid ""
"\n"
"  Verify topology of 'domain' suffix:\n"
"    ipa topologysuffix-verify domain\n"
msgstr ""

#: ipaserver/plugins/topology.py:76
msgid ""
"\n"
"  Verify topology of 'ca' suffix:\n"
"    ipa topologysuffix-verify ca\n"
msgstr ""

#: ipaserver/plugins/topology.py:92
#, python-brace-format
msgid "Topology management requires minimum domain level {0} "
msgstr ""

#: ipaserver/plugins/topology.py:104
msgid "segment"
msgstr ""

#: ipaserver/plugins/topology.py:105
msgid "segments"
msgstr ""

#: ipaserver/plugins/topology.py:119
msgid "Topology Segments"
msgstr ""

#: ipaserver/plugins/topology.py:120
msgid "Topology Segment"
msgstr ""

#: ipaserver/plugins/topology.py:226
#, python-format
msgid "left node is not a topology node: %(leftnode)s"
msgstr ""

#: ipaserver/plugins/topology.py:233
#, python-format
msgid "right node is not a topology node: %(rightnode)s"
msgstr ""

#: ipaserver/plugins/topology.py:250
msgid "left node and right node must not be the same"
msgstr ""

#: ipaserver/plugins/topology.py:261
#, python-brace-format
msgid "left node ({host}) does not support suffix '{suff}'"
msgstr ""

#: ipaserver/plugins/topology.py:269
#, python-brace-format
msgid "right node ({host}) does not support suffix '{suff}'"
msgstr ""

#: ipaserver/plugins/topology.py:280
#, python-format
msgid "%(count)d segment matched"
msgid_plural "%(count)d segments matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/topology.py:289
#, python-format
msgid "Added segment \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:302
#, python-format
msgid "Deleted segment \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:314
#, python-format
msgid "Modified segment \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:329
#, python-format
msgid "%(value)s"
msgstr ""

#: ipaserver/plugins/topology.py:365
msgid "left or right node has to be specified"
msgstr ""

#: ipaserver/plugins/topology.py:370
msgid "only one node can be specified"
msgstr ""

#: ipaserver/plugins/topology.py:374
#, python-format
msgid "Replication refresh for segment: \"%(pkey)s\" requested."
msgstr ""

#: ipaserver/plugins/topology.py:377
#, python-format
msgid "Stopping of replication refresh for segment: \"%(pkey)s\" requested."
msgstr ""

#: ipaserver/plugins/topology.py:408
msgid "suffixes"
msgstr ""

#: ipaserver/plugins/topology.py:412
msgid "Topology suffixes"
msgstr ""

#: ipaserver/plugins/topology.py:413
msgid "Topology suffix"
msgstr ""

#: ipaserver/plugins/topology.py:435
#, python-format
msgid "%(count)d topology suffix matched"
msgid_plural "%(count)d topology suffixes matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/topology.py:446
#, python-format
msgid "Deleted topology suffix \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:460
#, python-format
msgid "Added topology suffix \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:474
#, python-format
msgid "Modified topology suffix \"%(value)s\""
msgstr ""

#: ipaserver/plugins/topology.py:489
msgid ""
"\n"
"Verify replication topology for suffix.\n"
"\n"
"Checks done:\n"
"  1. check if a topology is not disconnected. In other words if there are\n"
"     replication paths between all servers.\n"
"  2. check if servers don't have more than the recommended number of\n"
"     replication agreements\n"
msgstr ""

#: ipaserver/plugins/virtual.py:57
msgid "operation not defined"
msgstr ""

#: ipaserver/plugins/virtual.py:82
#, python-format
msgid "not allowed to perform operation: %s"
msgstr ""

#: ipaserver/plugins/virtual.py:84
msgid "No such virtual command"
msgstr ""

#: ipaserver/plugins/whoami.py:15
msgid ""
"\n"
"Return information about currently authenticated identity\n"
"\n"
"Who am I command returns information on how to get\n"
"more details about the identity authenticated for this\n"
"request. The information includes:\n"
"\n"
" * type of object\n"
" * command to retrieve details of the object\n"
" * arguments and options to pass to the command\n"
"\n"
"The information is returned as a dictionary. Examples below use\n"
"'key: value' output for illustrative purposes.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Look up as IPA user:\n"
"   kinit admin\n"
"   ipa console\n"
"   >> api.Command.whoami()\n"
"   ------------------------------------------\n"
"   object: user\n"
"   command: user_show/1\n"
"   arguments: admin\n"
"   ------------------------------------------\n"
"\n"
" Look up as a user from a trusted domain:\n"
"   kinit user@AD.DOMAIN\n"
"   ipa console\n"
"   >> api.Command.whoami()\n"
"   ------------------------------------------\n"
"   object: idoverrideuser\n"
"   command: idoverrideuser_show/1\n"
"   arguments: ('default trust view', 'user@ad.domain')\n"
"   ------------------------------------------\n"
"\n"
" Look up as a host:\n"
"   kinit -k\n"
"   ipa console\n"
"   >> api.Command.whoami()\n"
"   ------------------------------------------\n"
"   object: host\n"
"   command: host_show/1\n"
"   arguments: ipa.example.com\n"
"   ------------------------------------------\n"
"\n"
" Look up as a Kerberos service:\n"
"   kinit -k -t /path/to/keytab HTTP/ipa.example.com\n"
"   ipa console\n"
"   >> api.Command.whoami()\n"
"   ------------------------------------------\n"
"   object: service\n"
"   command: service_show/1\n"
"   arguments: HTTP/ipa.example.com\n"
"   ------------------------------------------\n"
msgstr ""

#: ipaserver/plugins/whoami.py:77
msgid "Describe currently authenticated identity."
msgstr ""

#: ipaserver/plugins/whoami.py:82 ipaserver/plugins/whoami.py:88
msgid "Object class name"
msgstr ""

#: ipaserver/plugins/whoami.py:83 ipaserver/plugins/whoami.py:89
msgid "Function to get details"
msgstr ""

#: ipaserver/plugins/whoami.py:84 ipaserver/plugins/whoami.py:91
msgid "Arguments to details function"
msgstr ""

#: ipaserver/plugins/whoami.py:111
msgid "Cannot query Directory Manager with API"
msgstr ""

#: ipaserver/plugins/server.py:36
msgid ""
"\n"
"IPA servers\n"
msgstr ""

#: ipaserver/plugins/server.py:38
msgid ""
"\n"
"Get information about installed IPA servers.\n"
msgstr ""

#: ipaserver/plugins/server.py:42
msgid ""
"\n"
"  Find all servers:\n"
"    ipa server-find\n"
msgstr ""

#: ipaserver/plugins/server.py:45
msgid ""
"\n"
"  Show specific server:\n"
"    ipa server-show ipa.example.com\n"
msgstr ""

#: ipaserver/plugins/server.py:61
msgid "server"
msgstr ""

#: ipaserver/plugins/server.py:62
msgid "servers"
msgstr ""

#: ipaserver/plugins/server.py:70
msgid "IPA Servers"
msgstr ""

#: ipaserver/plugins/server.py:133
msgid "Server location"
msgstr ""

#: ipaserver/plugins/server.py:140
msgid "Service weight"
msgstr ""

#: ipaserver/plugins/server.py:141
msgid "Weight for server services"
msgstr ""

#: ipaserver/plugins/server.py:148
msgid "Service relative weight"
msgstr ""

#: ipaserver/plugins/server.py:149
msgid "Relative weight for server services (counts per location)"
msgstr ""

#: ipaserver/plugins/server.py:154
msgid "Enabled server roles"
msgstr ""

#: ipaserver/plugins/server.py:155
msgid "List of enabled roles"
msgstr ""

#: ipaserver/plugins/server.py:222
msgid "Modify information about an IPA server."
msgstr ""

#: ipaserver/plugins/server.py:224
#, python-format
msgid "Modified IPA server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/server.py:306
#, python-format
msgid "%(count)d IPA server matched"
msgid_plural "%(count)d IPA servers matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/server.py:444
#, python-format
msgid "Deleted IPA server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/server.py:449
msgid "Ignore topology errors"
msgstr ""

#: ipaserver/plugins/server.py:450
msgid "Ignore topology connectivity problems after removal"
msgstr ""

#: ipaserver/plugins/server.py:455
msgid "Ignore check for last remaining CA or DNS server"
msgstr ""

#: ipaserver/plugins/server.py:456
msgid "Skip a check whether the last CA master or DNS server is removed"
msgstr ""

#: ipaserver/plugins/server.py:462
msgid "Force server removal"
msgstr ""

#: ipaserver/plugins/server.py:463
msgid "Force server removal even if it does not exist"
msgstr ""

#: ipaserver/plugins/server.py:500
msgid ""
"Replica is active DNSSEC key master. Uninstall could break your DNS system. "
"Please disable or replace DNSSEC key master first."
msgstr ""

#: ipaserver/plugins/server.py:506
msgid "Deleting this server will leave your installation without a DNS."
msgstr ""

#: ipaserver/plugins/server.py:520
msgid ""
"Deleting this server is not allowed as it would leave your installation "
"without a KRA."
msgstr ""

#: ipaserver/plugins/server.py:530
msgid ""
"Deleting this server is not allowed as it would leave your installation "
"without a CA."
msgstr ""

#: ipaserver/plugins/server.py:545
msgid "Ignoring these warnings and proceeding with removal"
msgstr ""

#: ipaserver/plugins/server.py:595
#, python-format
msgid ""
"Failed to clean memberPrincipal %(principal)s from s4u2proxy entry %(dn)s: "
"%(err)s"
msgstr ""

#: ipaserver/plugins/server.py:616
#, python-format
msgid "Failed to clean up DNA hostname entries for %(master)s: %(err)s"
msgstr ""

#: ipaserver/plugins/server.py:637
#, python-format
msgid "Failed to remove server %(master)s from server list: %(err)s"
msgstr ""

#: ipaserver/plugins/server.py:663
#, python-format
msgid "Failed to clean up Custodia keys for %(master)s: %(err)s"
msgstr ""

#: ipaserver/plugins/server.py:701
#, python-format
msgid "Failed to cleanup server principals/keys: %(err)s"
msgstr ""

#: ipaserver/plugins/server.py:717
#, python-format
msgid "Failed to cleanup %(hostname)s DNS entries: %(err)s"
msgstr ""

#: ipaserver/plugins/server.py:722
msgid "You may need to manually remove them from the tree"
msgstr ""

#: ipaserver/plugins/server.py:737
#, python-format
msgid "Forcing removal of %(hostname)s"
msgstr ""

#: ipaserver/plugins/server.py:747
msgid "Ignoring topology connectivity errors."
msgstr ""

#: ipaserver/plugins/server.py:766
#, python-format
msgid "Failed to remove server from security domain: %s"
msgstr ""

#: ipaserver/plugins/server.py:793
msgid "Server has already been deleted"
msgstr ""

#: ipaserver/plugins/server.py:843
msgid "Agreements deleted"
msgstr ""

#: ipaserver/plugins/server.py:854
msgid "Following segments were not deleted:"
msgstr ""

#: ipaserver/plugins/server.py:927 ipaserver/plugins/trust.py:1866
#, python-format
msgid "must be \"%s\""
msgstr ""

#: ipaserver/plugins/server.py:939
msgid "not allowed to perform server connection check"
msgstr ""

#: ipaserver/plugins/server.py:965
msgid "Set enabled/hidden state of a server."
msgstr ""

#: ipaserver/plugins/server.py:971
msgid "State"
msgstr ""

#: ipaserver/plugins/server.py:972
msgid "Server state"
msgstr ""

#: ipaserver/plugins/server.py:977
#, python-format
msgid "Changed server state of \"%(value)s\"."
msgstr ""

#: ipaserver/plugins/server.py:986
msgid "Cannot hide CA renewal master."
msgstr ""

#: ipaserver/plugins/server.py:988
msgid "Cannot hide DNSSec key master."
msgstr ""

#: ipaserver/plugins/server.py:1000
#, python-format
msgid "Cannot hide last enabled %(name)s server."
msgstr ""

#: ipaserver/plugins/aci.py:165
msgid "A list of ACI values"
msgstr ""

#: ipaserver/plugins/aci.py:229
msgid "type, filter, subtree and targetgroup are mutually exclusive"
msgstr ""

#: ipaserver/plugins/aci.py:232
msgid "ACI prefix is required"
msgstr ""

#: ipaserver/plugins/aci.py:235
msgid ""
"at least one of: type, filter, subtree, targetgroup, attrs or memberof are "
"required"
msgstr ""

#: ipaserver/plugins/aci.py:238
msgid "filter and memberof are mutually exclusive"
msgstr ""

#: ipaserver/plugins/aci.py:244
msgid "group, permission and self are mutually exclusive"
msgstr ""

#: ipaserver/plugins/aci.py:246
msgid "One of group, permission or self is required"
msgstr ""

#: ipaserver/plugins/aci.py:269
#, python-format
msgid "Group '%s' does not exist"
msgstr ""

#: ipaserver/plugins/aci.py:295
msgid "empty filter"
msgstr ""

#: ipaserver/plugins/aci.py:316
#, python-format
msgid "Syntax Error: %(error)s"
msgstr ""

#: ipaserver/plugins/aci.py:361
#, python-format
msgid "invalid DN (%s)"
msgstr ""

#: ipaserver/plugins/aci.py:408
#, python-format
msgid "ACI with name \"%s\" not found"
msgstr ""

#: ipaserver/plugins/aci.py:437
msgid "ACI object."
msgstr ""

#: ipaserver/plugins/aci.py:440
msgid "ACIs"
msgstr ""

#: ipaserver/plugins/aci.py:524
#, python-format
msgid "Created ACI \"%(value)s\""
msgstr ""

#: ipaserver/plugins/aci.py:577
#, python-format
msgid "Deleted ACI \"%(value)s\""
msgstr ""

#: ipaserver/plugins/aci.py:620
#, python-format
msgid "Modified ACI \"%(value)s\""
msgstr ""

#: ipaserver/plugins/aci.py:694
#, python-format
msgid "%(count)d ACI matched"
msgid_plural "%(count)d ACIs matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/aci.py:929
#, python-format
msgid "Renamed ACI to \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:43
msgid ""
"\n"
"Auto Membership Rule.\n"
msgstr ""

#: ipaserver/plugins/automember.py:45
msgid ""
"\n"
"Bring clarity to the membership of hosts and users by configuring inclusive\n"
"or exclusive regex patterns, you can automatically assign a new entries "
"into\n"
"a group or hostgroup based upon attribute information.\n"
msgstr ""

#: ipaserver/plugins/automember.py:49
msgid ""
"\n"
"A rule is directly associated with a group by name, so you cannot create\n"
"a rule without an accompanying group or hostgroup.\n"
msgstr ""

#: ipaserver/plugins/automember.py:52
msgid ""
"\n"
"A condition is a regular expression used by 389-ds to match a new incoming\n"
"entry with an automember rule. If it matches an inclusive rule then the\n"
"entry is added to the appropriate group or hostgroup.\n"
msgstr ""

#: ipaserver/plugins/automember.py:56
msgid ""
"\n"
"A default group or hostgroup could be specified for entries that do not\n"
"match any rule. In case of user entries this group will be a fallback group\n"
"because all users are by default members of group specified in IPA config.\n"
msgstr ""

#: ipaserver/plugins/automember.py:60
msgid ""
"\n"
"The automember-rebuild command can be used to retroactively run automember "
"rules\n"
"against existing entries, thus rebuilding their membership.\n"
msgstr ""

#: ipaserver/plugins/automember.py:65
msgid ""
"\n"
" Add the initial group or hostgroup:\n"
"   ipa hostgroup-add --desc=\"Web Servers\" webservers\n"
"   ipa group-add --desc=\"Developers\" devel\n"
msgstr ""

#: ipaserver/plugins/automember.py:69
msgid ""
"\n"
" Add the initial rule:\n"
"   ipa automember-add --type=hostgroup webservers\n"
"   ipa automember-add --type=group devel\n"
msgstr ""

#: ipaserver/plugins/automember.py:73
msgid ""
"\n"
" Add a condition to the rule:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
"   ipa automember-add-condition --key=manager --type=group --inclusive-"
"regex=^uid=mscott devel\n"
msgstr ""

#: ipaserver/plugins/automember.py:77
msgid ""
"\n"
" Add an exclusive condition to the rule to prevent auto assignment:\n"
"   ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-"
"regex=^web5\\.example\\.com webservers\n"
msgstr ""

#: ipaserver/plugins/automember.py:80
msgid ""
"\n"
" Add a host:\n"
"    ipa host-add web1.example.com\n"
msgstr ""

#: ipaserver/plugins/automember.py:83
msgid ""
"\n"
" Add a user:\n"
"    ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n"
msgstr ""

#: ipaserver/plugins/automember.py:86
msgid ""
"\n"
" Verify automembership:\n"
"    ipa hostgroup-show webservers\n"
"      Host-group: webservers\n"
"      Description: Web Servers\n"
"      Member hosts: web1.example.com\n"
"\n"
"    ipa group-show devel\n"
"      Group name: devel\n"
"      Description: Developers\n"
"      GID: 1004200000\n"
"      Member users: tuser\n"
msgstr ""

#: ipaserver/plugins/automember.py:98
msgid ""
"\n"
" Remove a condition from the rule:\n"
"   ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-"
"regex=^web[1-9]+\\.example\\.com webservers\n"
msgstr ""

#: ipaserver/plugins/automember.py:101
msgid ""
"\n"
" Modify the automember rule:\n"
"    ipa automember-mod\n"
msgstr ""

#: ipaserver/plugins/automember.py:104
msgid ""
"\n"
" Set the default (fallback) target group:\n"
"    ipa automember-default-group-set --default-group=webservers --"
"type=hostgroup\n"
"    ipa automember-default-group-set --default-group=ipausers --type=group\n"
msgstr ""

#: ipaserver/plugins/automember.py:108
msgid ""
"\n"
" Remove the default (fallback) target group:\n"
"    ipa automember-default-group-remove --type=hostgroup\n"
"    ipa automember-default-group-remove --type=group\n"
msgstr ""

#: ipaserver/plugins/automember.py:112
msgid ""
"\n"
" Show the default (fallback) target group:\n"
"    ipa automember-default-group-show --type=hostgroup\n"
"    ipa automember-default-group-show --type=group\n"
msgstr ""

#: ipaserver/plugins/automember.py:116
msgid ""
"\n"
" Find all of the automember rules:\n"
"    ipa automember-find\n"
msgstr ""

#: ipaserver/plugins/automember.py:119
msgid ""
"\n"
" Find all of the orphan automember rules:\n"
"    ipa automember-find-orphans --type=hostgroup\n"
" Find all of the orphan automember rules and remove them:\n"
"    ipa automember-find-orphans --type=hostgroup --remove\n"
msgstr ""

#: ipaserver/plugins/automember.py:124
msgid ""
"\n"
" Display a automember rule:\n"
"    ipa automember-show --type=hostgroup webservers\n"
"    ipa automember-show --type=group devel\n"
msgstr ""

#: ipaserver/plugins/automember.py:128
msgid ""
"\n"
" Delete an automember rule:\n"
"    ipa automember-del --type=hostgroup webservers\n"
"    ipa automember-del --type=group devel\n"
msgstr ""

#: ipaserver/plugins/automember.py:132
msgid ""
"\n"
" Rebuild membership for all users:\n"
"    ipa automember-rebuild --type=group\n"
msgstr ""

#: ipaserver/plugins/automember.py:135
msgid ""
"\n"
" Rebuild membership for all hosts:\n"
"    ipa automember-rebuild --type=hostgroup\n"
msgstr ""

#: ipaserver/plugins/automember.py:138
msgid ""
"\n"
" Rebuild membership for specified users:\n"
"    ipa automember-rebuild --users=tuser1 --users=tuser2\n"
msgstr ""

#: ipaserver/plugins/automember.py:141
msgid ""
"\n"
" Rebuild membership for specified hosts:\n"
"    ipa automember-rebuild --hosts=web1.example.com --hosts=web2.example."
"com\n"
msgstr ""

#: ipaserver/plugins/automember.py:244
msgid "Auto Membership Rule"
msgstr ""

#: ipaserver/plugins/automember.py:275
#, python-format
msgid "%(otype)s \"%(oname)s\" not found"
msgstr ""

#: ipaserver/plugins/automember.py:301
#, python-format
msgid "%s is not a valid attribute."
msgstr ""

#: ipaserver/plugins/automember.py:314
msgid ""
"\n"
"    Add an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:318
#, python-format
msgid "Added automember rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:325
msgid "Auto Membership is not configured"
msgstr ""

#: ipaserver/plugins/automember.py:337
msgid ""
"\n"
"    Add conditions to an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:348
#, python-format
msgid "Added condition(s) to \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:371 ipaserver/plugins/automember.py:455
#, python-format
msgid "Auto member rule: %s not found!"
msgstr ""

#: ipaserver/plugins/automember.py:413
msgid ""
"\n"
"        Override this so we can add completed and failed to the return "
"result.\n"
"        "
msgstr ""

#: ipaserver/plugins/automember.py:428
msgid ""
"\n"
"    Remove conditions from an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:432
#, python-format
msgid "Removed condition(s) from \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:496
msgid ""
"\n"
"        Override this so we can set completed and failed.\n"
"        "
msgstr ""

#: ipaserver/plugins/automember.py:511
msgid ""
"\n"
"    Modify an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:515
#, python-format
msgid "Modified automember rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:525
msgid ""
"\n"
"    Delete an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:529
#, python-format
msgid "Deleted automember rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:534
msgid ""
"\n"
"    Search for automember rules.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:540 ipaserver/plugins/automember.py:840
#, python-format
msgid "%(count)d rules matched"
msgid_plural "%(count)d rules matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/automember.py:552
msgid ""
"\n"
"    Display information about an automember rule.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:576
msgid ""
"\n"
"    Set default (fallback) group for all unmatched entries.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:590
#, python-format
msgid "Set default (fallback) group for automember \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:607
msgid ""
"\n"
"    Remove default (fallback) group for all unmatched entries.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:614
#, python-format
msgid "Removed default (fallback) group for automember \"%(value)s\""
msgstr ""

#: ipaserver/plugins/automember.py:625 ipaserver/plugins/automember.py:633
#: ipaserver/plugins/automember.py:661
msgid "No default (fallback) group set"
msgstr ""

#: ipaserver/plugins/automember.py:644
msgid ""
"\n"
"    Display information about the default (fallback) automember groups.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:675
msgid "Task DN"
msgstr ""

#: ipaserver/plugins/automember.py:676
msgid "DN of the started task"
msgstr ""

#: ipaserver/plugins/automember.py:727
msgid "at least one of options: type, users, hosts must be specified"
msgstr ""

#: ipaserver/plugins/automember.py:733
msgid "users and hosts cannot both be set"
msgstr ""

#: ipaserver/plugins/automember.py:737
msgid "hosts cannot be set when type is 'group'"
msgstr ""

#: ipaserver/plugins/automember.py:741
msgid "users cannot be set when type is 'hostgroup'"
msgstr ""

#: ipaserver/plugins/automember.py:795
msgid "Automember rebuild membership task started"
msgstr ""

#: ipaserver/plugins/automember.py:799 ipaserver/plugins/internal.py:164
msgid "Automember rebuild membership task completed"
msgstr ""

#: ipaserver/plugins/automember.py:815
#, python-format
msgid "Task DN = '%s'"
msgstr ""

#: ipaserver/plugins/automember.py:818 ipaserver/plugins/internal.py:1953
msgid "Automember"
msgstr ""

#: ipaserver/plugins/automember.py:828
msgid ""
"\n"
"    Search for orphan automember rules. The command might need to be run as\n"
"    a privileged user user to get all orphan rules.\n"
"    "
msgstr ""

#: ipaserver/plugins/automember.py:835
msgid "Remove orphan automember rules"
msgstr ""

#: ipaserver/plugins/baseldap.py:101
msgid "Member service groups"
msgstr ""

#: ipaserver/plugins/baseldap.py:110
msgid "Member HBAC service groups"
msgstr ""

#: ipaserver/plugins/baseldap.py:127
msgid "Member ID user overrides"
msgstr ""

#: ipaserver/plugins/baseldap.py:129
msgid "Indirect Member ID user overrides"
msgstr ""

#: ipaserver/plugins/baseldap.py:146
msgid "Indirect Member permissions"
msgstr ""

#: ipaserver/plugins/baseldap.py:149
msgid "Indirect Member HBAC service"
msgstr ""

#: ipaserver/plugins/baseldap.py:152
msgid "Indirect Member HBAC service group"
msgstr ""

#: ipaserver/plugins/baseldap.py:213
msgid "Invalid format. Should be name=value"
msgstr ""

#: ipaserver/plugins/baseldap.py:584
msgid "An IPA master host cannot be deleted or disabled"
msgstr ""

#: ipaserver/plugins/baseldap.py:615
msgid "entry"
msgstr ""

#: ipaserver/plugins/baseldap.py:616
msgid "entries"
msgstr ""

#: ipaserver/plugins/baseldap.py:654 ipaserver/plugins/baseldap.py:655
msgid "Entry"
msgstr ""

#: ipaserver/plugins/baseldap.py:658
#, python-format
msgid "container entry (%(container)s) not found"
msgstr ""

#: ipaserver/plugins/baseldap.py:659
#, python-format
msgid "%(parent)s: %(oname)s not found"
msgstr ""

#: ipaserver/plugins/baseldap.py:660 ipaserver/plugins/schema.py:257
#: ipaserver/plugins/schema.py:333 ipaserver/plugins/schema.py:424
#: ipaserver/plugins/schema.py:661 ipaserver/plugins/schema.py:754
#, python-format
msgid "%(pkey)s: %(oname)s not found"
msgstr ""

#: ipaserver/plugins/baseldap.py:661
#, python-format
msgid "%(oname)s with name \"%(pkey)s\" already exists"
msgstr ""

#: ipaserver/plugins/baseldap.py:954 ipaserver/plugins/baseldap.py:962
#, python-format
msgid "attribute \"%(attribute)s\" not allowed"
msgstr ""

#: ipaserver/plugins/baseldap.py:967
#, python-format
msgid "these attributes are not allowed: %(attrs)s"
msgstr ""

#: ipaserver/plugins/baseldap.py:1025
msgid "attribute is not configurable"
msgstr ""

#: ipaserver/plugins/baseldap.py:1128
msgid "No such attribute on this entry"
msgstr ""

#: ipaserver/plugins/baseldap.py:1488
#, python-format
msgid "Rename the %(ldap_obj_name)s object"
msgstr ""

#: ipaserver/plugins/baseldap.py:1586 ipaserver/plugins/baseldap.py:2494
msgid "the entry was deleted while being modified"
msgstr ""

#: ipaserver/plugins/baseldap.py:1719 ipaserver/plugins/baseldap.py:2221
#, python-format
msgid "%s"
msgstr ""

#: ipaserver/plugins/baseldap.py:1762 ipaserver/plugins/baseldap.py:2245
#, python-format
msgid "%s to add"
msgstr ""

#: ipaserver/plugins/baseldap.py:1861 ipaserver/plugins/baseldap.py:2344
#, python-format
msgid "%s to remove"
msgstr ""

#: ipaserver/plugins/baseldap.py:1961 ipaserver/plugins/schema.py:122
#, python-format
msgid "Results should contain primary key attribute only (\"%s\")"
msgstr ""

#: ipaserver/plugins/baseldap.py:1969
#, python-format
msgid ""
"Search for %(searched_object)s with these %(relationship)s %(ldap_object)s."
msgstr ""

#: ipaserver/plugins/baseldap.py:1970
#, python-format
msgid ""
"Search for %(searched_object)s without these %(relationship)s "
"%(ldap_object)s."
msgstr ""

#: ipaserver/plugins/baseldap.py:2525
#, python-format
msgid "added attribute value to entry %(value)s"
msgstr ""

#: ipaserver/plugins/baseldap.py:2539
#, python-format
msgid "removed attribute values from entry %(value)s"
msgstr ""

#: ipaserver/plugins/baseldap.py:2548
msgid "one or more values to remove"
msgstr ""

#: ipaserver/plugins/batch.py:35
msgid ""
"\n"
"Plugin to make multiple ipa calls via one remote procedure call\n"
"\n"
"To run this code in the lite-server\n"
"\n"
"curl   -H \"Content-Type:application/json\"          -H \"Accept:application/"
"json\" -H \"Accept-Language:en\"        --negotiate -u :          --cacert /"
"etc/ipa/ca.crt           -d  @batch_request.json -X POST       http://"
"localhost:8888/ipa/json\n"
"\n"
"where the contents of the file batch_request.json follow the below example\n"
"\n"
"{\"method\":\"batch\",\"params\":[[\n"
"        {\"method\":\"group_find\",\"params\":[[],{}]},\n"
"        {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\","
"\"all\":\"true\"}]},\n"
"        {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n"
"        ],{}],\"id\":1}\n"
"\n"
"The format of the response is nested the same way.  At the top you will see\n"
"  \"error\": null,\n"
"    \"id\": 1,\n"
"    \"result\": {\n"
"        \"count\": 3,\n"
"            \"results\": [\n"
"\n"
"\n"
"And then a nested response for each IPA command method sent in the request\n"
"\n"
msgstr ""

#: ipaserver/plugins/batch.py:71
msgid "Make multiple ipa calls via one remote procedure call"
msgstr ""

#: ipaserver/plugins/batch.py:122
msgid "must contain a tuple (list, dict)"
msgstr ""

#: ipaserver/plugins/dogtag.py:1251
msgid "REST API is not logged in."
msgstr ""

#: ipaserver/plugins/dogtag.py:1273
#, python-format
msgid "Non-2xx response from CA REST API: %(status)d. %(explanation)s"
msgstr ""

#: ipaserver/plugins/dogtag.py:1299
msgid "Unable to communicate with CMS"
msgstr ""

#: ipaserver/plugins/dogtag.py:1490 ipaserver/plugins/dogtag.py:1576
#: ipaserver/plugins/dogtag.py:2083 ipaserver/plugins/dogtag.py:2093
msgid "Response from CA was not valid JSON"
msgstr ""

#: ipaserver/plugins/hbactest.py:39 ipaserver/plugins/cert.py:64
msgid "pyhbac is not installed."
msgstr ""

#: ipaserver/plugins/hbactest.py:45
msgid ""
"\n"
"Simulate use of Host-based access controls\n"
"\n"
"HBAC rules control who can access what services on what hosts.\n"
"You can use HBAC to control which users or groups can access a service,\n"
"or group of services, on a target host.\n"
"\n"
"Since applying HBAC rules implies use of a production environment,\n"
"this plugin aims to provide simulation of HBAC rules evaluation without\n"
"having access to the production environment.\n"
"\n"
" Test user coming to a service on a named host against\n"
" existing enabled rules.\n"
"\n"
" ipa hbactest --user= --host= --service=\n"
"              [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n"
"              [--sizelimit= ]\n"
"\n"
" --user, --host, and --service are mandatory, others are optional.\n"
"\n"
" If --rules is specified simulate enabling of the specified rules and test\n"
" the login of the user using only these rules.\n"
"\n"
" If --enabled is specified, all enabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --disabled is specified, all disabled HBAC rules will be added to "
"simulation\n"
"\n"
" If --nodetail is specified, do not return information about rules matched/"
"not matched.\n"
"\n"
" If both --rules and --enabled are specified, apply simulation to --rules "
"_and_\n"
" all IPA enabled rules.\n"
"\n"
" If no --rules specified, simulation is run against all IPA enabled rules.\n"
" By default there is a IPA-wide limit to number of entries fetched, you can "
"change it\n"
" with --sizelimit option.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Use all enabled HBAC rules in IPA database to simulate:\n"
"    $ ipa  hbactest --user=a1a --host=bar --service=sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    2. Disable detailed summary of how rules were applied:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"\n"
"    3. Test explicitly specified HBAC rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n"
"          --rules=myrule --rules=my-second-rule\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    4. Use all enabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n"
"          --rules=myrule --rules=my-second-rule --enabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Matched rules: allow_all\n"
"\n"
"    5. Test all disabled HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: new-rule\n"
"\n"
"    6. Test all disabled HBAC rules in IPA database + explicitly specified "
"rules:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n"
"          --rules=myrule --rules=my-second-rule --disabled\n"
"    ---------------------\n"
"    Access granted: False\n"
"    ---------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"\n"
"    7. Test all (enabled and disabled) HBAC rules in IPA database:\n"
"    $ ipa hbactest --user=a1a --host=bar --service=sshd \\\\\n"
"          --enabled --disabled\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Not matched rules: my-second-rule\n"
"      Not matched rules: my-third-rule\n"
"      Not matched rules: myrule\n"
"      Not matched rules: new-rule\n"
"      Matched rules: allow_all\n"
"\n"
"\n"
"HBACTEST AND TRUSTED DOMAINS\n"
"\n"
"When an external trusted domain is configured in IPA, HBAC rules are also "
"applied\n"
"on users accessing IPA resources from the trusted domain. Trusted domain "
"users and\n"
"groups (and their SIDs) can be then assigned to external groups which can "
"be\n"
"members of POSIX groups in IPA which can be used in HBAC rules and thus "
"allowing\n"
"access to resources protected by the HBAC system.\n"
"\n"
"hbactest plugin is capable of testing access for both local IPA users and "
"users\n"
"from the trusted domains, either by a fully qualified user name or by user "
"SID.\n"
"Such user names need to have a trusted domain specified as a short name\n"
"(DOMAIN\\Administrator) or with a user principal name (UPN), "
"Administrator@ad.test.\n"
"\n"
"Please note that hbactest executed with a trusted domain user as --user "
"parameter\n"
"can be only run by members of \"trust admins\" group.\n"
"\n"
"EXAMPLES:\n"
"\n"
"    1. Test if a user from a trusted domain specified by its shortname "
"matches any\n"
"       rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    2. Test if a user from a trusted domain specified by its domain name "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --"
"service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    3. Test if a user from a trusted domain specified by its SID matches any "
"rule:\n"
"\n"
"    $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\\\n"
"            --host `hostname` --service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Matched rules: can_login\n"
"\n"
"    4. Test if other user from a trusted domain specified by its SID matches "
"any rule:\n"
"\n"
"    $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\"
"\\\n"
"            --host `hostname` --service sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
"\n"
"   5. Test if other user from a trusted domain specified by its shortname "
"matches\n"
"       any rule:\n"
"\n"
"    $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service "
"sshd\n"
"    --------------------\n"
"    Access granted: True\n"
"    --------------------\n"
"      Matched rules: allow_all\n"
"      Not matched rules: can_login\n"
msgstr ""

#: ipaserver/plugins/hbactest.py:384
msgid "Unresolved rules in --rules"
msgstr ""

#: ipaserver/plugins/hbactest.py:408 ipaserver/plugins/trust.py:345
msgid ""
"Cannot search in trusted domains without own domain configured. Make sure "
"you have run ipa-adtrust-install on the IPA server first"
msgstr ""

#: ipaserver/plugins/hbactest.py:497
#, python-format
msgid "Access granted: %s"
msgstr ""

#: ipaserver/plugins/permission.py:40
msgid ""
"\n"
"Permissions\n"
msgstr ""

#: ipaserver/plugins/permission.py:42
msgid ""
"\n"
"A permission enables fine-grained delegation of rights. A permission is\n"
"a human-readable wrapper around a 389-ds Access Control Rule,\n"
"or instruction (ACI).\n"
"A permission grants the right to perform a specific task such as adding a\n"
"user, modifying a group, etc.\n"
msgstr ""

#: ipaserver/plugins/permission.py:48
msgid ""
"\n"
"A permission may not contain other permissions.\n"
msgstr ""

#: ipaserver/plugins/permission.py:50
msgid ""
"\n"
"* A permission grants access to read, write, add, delete, read, search,\n"
"  or compare.\n"
"* A privilege combines similar permissions (for example all the permissions\n"
"  needed to add a user).\n"
"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n"
msgstr ""

#: ipaserver/plugins/permission.py:56
msgid ""
"\n"
"A permission is made up of a number of different parts:\n"
"\n"
"1. The name of the permission.\n"
"2. The target of the permission.\n"
"3. The rights granted by the permission.\n"
msgstr ""

#: ipaserver/plugins/permission.py:62
msgid ""
"\n"
"Rights define what operations are allowed, and may be one or more\n"
"of the following:\n"
"1. write - write one or more attributes\n"
"2. read - read one or more attributes\n"
"3. search - search on one or more attributes\n"
"4. compare - compare one or more attributes\n"
"5. add - add a new entry to the tree\n"
"6. delete - delete an existing entry\n"
"7. all - all permissions are granted\n"
msgstr ""

#: ipaserver/plugins/permission.py:72
msgid ""
"\n"
"Note the distinction between attributes and entries. The permissions are\n"
"independent, so being able to add a user does not mean that the user will\n"
"be editable.\n"
msgstr ""

#: ipaserver/plugins/permission.py:76
msgid ""
"\n"
"There are a number of allowed targets:\n"
"1. subtree: a DN; the permission applies to the subtree under this DN\n"
"2. target filter: an LDAP filter\n"
"3. target: DN with possible wildcards, specifies entries permission applies "
"to\n"
msgstr ""

#: ipaserver/plugins/permission.py:81
msgid ""
"\n"
"Additionally, there are the following convenience options.\n"
"Setting one of these options will set the corresponding attribute(s).\n"
"1. type: a type of object (user, group, etc); sets subtree and target "
"filter.\n"
"2. memberof: apply to members of a group; sets target filter\n"
"3. targetgroup: grant access to modify a specific group (such as granting\n"
"   the rights to manage group membership); sets target.\n"
msgstr ""

#: ipaserver/plugins/permission.py:88
msgid ""
"\n"
"Managed permissions\n"
msgstr ""

#: ipaserver/plugins/permission.py:90
msgid ""
"\n"
"Permissions that come with IPA by default can be so-called \"managed\"\n"
"permissions. These have a default set of attributes they apply to,\n"
"but the administrator can add/remove individual attributes to/from the set.\n"
msgstr ""

#: ipaserver/plugins/permission.py:94
msgid ""
"\n"
"Deleting or renaming a managed permission, as well as changing its target,\n"
"is not allowed.\n"
msgstr ""

#: ipaserver/plugins/permission.py:99
msgid ""
"\n"
" Add a permission that grants the creation of users:\n"
"   ipa permission-add --type=user --permissions=add \"Add Users\"\n"
msgstr ""

#: ipaserver/plugins/permission.py:102
msgid ""
"\n"
" Add a permission that grants the ability to manage group membership:\n"
"   ipa permission-add --attrs=member --permissions=write --type=group "
"\"Manage Group Members\"\n"
msgstr ""

#: ipaserver/plugins/permission.py:129
msgid "must be enclosed in parentheses"
msgstr ""

#: ipaserver/plugins/permission.py:149
#, python-format
msgid "\"%s\" is not an object type"
msgstr ""

#: ipaserver/plugins/permission.py:151 ipaserver/plugins/permission.py:897
#, python-format
msgid "\"%s\" is not a valid permission type"
msgstr ""

#: ipaserver/plugins/permission.py:353
#, python-format
msgid "Deprecated; use %s"
msgstr ""

#: ipaserver/plugins/permission.py:370
#, python-format
msgid "Permission with unknown flag %s may not be modified or removed"
msgstr ""

#: ipaserver/plugins/permission.py:374
msgid "A SYSTEM permission may not be modified or removed"
msgstr ""

#: ipaserver/plugins/permission.py:624
#, python-format
msgid "Entry %s not found"
msgstr ""

#: ipaserver/plugins/permission.py:716
#, python-format
msgid "The ACI for permission %(name)s was not found in %(dn)s "
msgstr ""

#: ipaserver/plugins/permission.py:820
msgid ""
"cannot specify full target filter and extra target filter simultaneously"
msgstr ""

#: ipaserver/plugins/permission.py:843
#, python-format
msgid "option was renamed; use %s"
msgstr ""

#: ipaserver/plugins/permission.py:847
#, python-format
msgid "Cannot use %(old_name)s with %(new_name)s"
msgstr ""

#: ipaserver/plugins/permission.py:861 ipaserver/plugins/permission.py:876
#, python-format
msgid "%s: group not found"
msgstr ""

#: ipaserver/plugins/permission.py:871
msgid "target and targetgroup are mutually exclusive"
msgstr ""

#: ipaserver/plugins/permission.py:892
msgid "subtree and type are mutually exclusive"
msgstr ""

#: ipaserver/plugins/permission.py:930
msgid "Bad search filter"
msgstr ""

#: ipaserver/plugins/permission.py:940
#, python-format
msgid "Entry %s does not exist"
msgstr ""

#: ipaserver/plugins/permission.py:949
msgid ""
"there must be at least one target entry specifier (e.g. target, "
"targetfilter, attrs)"
msgstr ""

#: ipaserver/plugins/permission.py:961 ipaserver/plugins/permission.py:989
#, python-format
msgid "Added permission \"%(value)s\""
msgstr ""

#: ipaserver/plugins/permission.py:1014
msgid "attrs and included attributes are mutually exclusive"
msgstr ""

#: ipaserver/plugins/permission.py:1046
#, python-format
msgid "Cannot store permission ACI to %s"
msgstr ""

#: ipaserver/plugins/permission.py:1057
#, python-format
msgid "Deleted permission \"%(value)s\""
msgstr ""

#: ipaserver/plugins/permission.py:1077
msgid "cannot delete managed permissions"
msgstr ""

#: ipaserver/plugins/permission.py:1083
#, python-format
msgid "ACI of permission %s was not found"
msgstr ""

#: ipaserver/plugins/permission.py:1092
#, python-format
msgid "Modified permission \"%(value)s\""
msgstr ""

#: ipaserver/plugins/permission.py:1125
msgid "cannot rename managed permissions"
msgstr ""

#: ipaserver/plugins/permission.py:1132 ipaserver/plugins/permission.py:1136
msgid "not modifiable on managed permissions"
msgstr ""

#: ipaserver/plugins/permission.py:1143
msgid "only available on managed permissions"
msgstr ""

#: ipaserver/plugins/permission.py:1150 ipaserver/plugins/permission.py:1276
msgid "attrs and included/excluded attributes are mutually exclusive"
msgstr ""

#: ipaserver/plugins/permission.py:1161
msgid "cannot set bindtype for a permission that is assigned to a privilege"
msgstr ""

#: ipaserver/plugins/permission.py:1265
#, python-format
msgid "%(count)d permission matched"
msgid_plural "%(count)d permissions matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/privilege.py:76
#, python-format
msgid ""
"cannot add permission \"%(perm)s\" with bindtype \"%(bindtype)s\" to a "
"privilege"
msgstr ""

#: ipaserver/plugins/privilege.py:149
msgid "Privilege"
msgstr ""

#: ipaserver/plugins/privilege.py:169
#, python-format
msgid "Added privilege \"%(value)s\""
msgstr ""

#: ipaserver/plugins/privilege.py:176
#, python-format
msgid "Deleted privilege \"%(value)s\""
msgstr ""

#: ipaserver/plugins/privilege.py:183
#, python-format
msgid "Modified privilege \"%(value)s\""
msgstr ""

#: ipaserver/plugins/privilege.py:191
#, python-format
msgid "%(count)d privilege matched"
msgid_plural "%(count)d privileges matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/schema.py:24
msgid ""
"\n"
"API Schema\n"
msgstr ""

#: ipaserver/plugins/schema.py:26
msgid ""
"\n"
"Provides API introspection capabilities.\n"
msgstr ""

#: ipaserver/plugins/schema.py:30
msgid ""
"\n"
" Show user-find details:\n"
"   ipa command-show user-find\n"
msgstr ""

#: ipaserver/plugins/schema.py:33
msgid ""
"\n"
" Find user-find parameters:\n"
"   ipa param-find user-find\n"
msgstr ""

#: ipaserver/plugins/schema.py:48 ipaserver/plugins/trust.py:1419
#: ipaserver/plugins/ca.py:86
msgid "Name"
msgstr ""

#: ipaserver/plugins/schema.py:54
msgid "Documentation"
msgstr ""

#: ipaserver/plugins/schema.py:59
msgid "Exclude from"
msgstr ""

#: ipaserver/plugins/schema.py:64
msgid "Include in"
msgstr ""

#: ipaserver/plugins/schema.py:135
msgid "Help topic"
msgstr ""

#: ipaserver/plugins/schema.py:147 ipaserver/plugins/internal.py:731
msgid "Version"
msgstr ""

#: ipaserver/plugins/schema.py:172
msgid "Parameters"
msgstr ""

#: ipaserver/plugins/schema.py:207
msgid "Method of"
msgstr ""

#: ipaserver/plugins/schema.py:212
msgid "Method name"
msgstr ""

#: ipaserver/plugins/schema.py:270
msgid "Display information about a command."
msgstr ""

#: ipaserver/plugins/schema.py:275
msgid "Search for commands."
msgstr ""

#: ipaserver/plugins/schema.py:280
msgid "Return command defaults"
msgstr ""

#: ipaserver/plugins/schema.py:291
#, python-brace-format
msgid "{oname}: {command_name} not found"
msgstr ""

#: ipaserver/plugins/schema.py:344
msgid "Display information about a class."
msgstr ""

#: ipaserver/plugins/schema.py:349
msgid "Search for classes."
msgstr "등급 검색."

#: ipaserver/plugins/schema.py:436
msgid "Display information about a help topic."
msgstr "도움말 주제에 대한 정보를 표시합니다."

#: ipaserver/plugins/schema.py:441
msgid "Search for help topics."
msgstr ""

#: ipaserver/plugins/schema.py:453
msgid "Required"
msgstr ""

#: ipaserver/plugins/schema.py:458
msgid "Multi-value"
msgstr ""

#: ipaserver/plugins/schema.py:508
msgid "Always ask"
msgstr ""

#: ipaserver/plugins/schema.py:513
msgid "CLI metavar"
msgstr ""

#: ipaserver/plugins/schema.py:518
msgid "CLI name"
msgstr ""

#: ipaserver/plugins/schema.py:523
msgid "Confirm (password)"
msgstr ""

#: ipaserver/plugins/schema.py:528
msgid "Default"
msgstr ""

#: ipaserver/plugins/schema.py:533
msgid "Default from"
msgstr ""

#: ipaserver/plugins/schema.py:538
msgid "Label"
msgstr ""

#: ipaserver/plugins/schema.py:543
msgid "Convert on server"
msgstr ""

#: ipaserver/plugins/schema.py:548
msgid "Option group"
msgstr ""

#: ipaserver/plugins/schema.py:553
msgid "Sensitive"
msgstr ""

#: ipaserver/plugins/schema.py:558
msgid "Positional argument"
msgstr ""

#: ipaserver/plugins/schema.py:643
#, python-format
msgid "%(metaobject)s: %(oname)s not found"
msgstr ""

#: ipaserver/plugins/schema.py:682
msgid "Display information about a command parameter."
msgstr ""

#: ipaserver/plugins/schema.py:687
msgid "Search command parameters."
msgstr ""

#: ipaserver/plugins/schema.py:744
#, python-format
msgid "%(command_name)s: %(oname)s not found"
msgstr ""

#: ipaserver/plugins/schema.py:769
msgid "Display information about a command output."
msgstr ""

#: ipaserver/plugins/schema.py:774
msgid "Search for command outputs."
msgstr ""

#: ipaserver/plugins/schema.py:779
msgid "Store and provide schema for commands and topics"
msgstr ""

#: ipaserver/plugins/schema.py:785
msgid "Fingerprint of schema cached by client"
msgstr ""

#: ipaserver/plugins/trust.py:83
msgid ""
"\n"
"Cross-realm trusts\n"
"\n"
"Manage trust relationship between IPA and Active Directory domains.\n"
"\n"
"In order to allow users from a remote domain to access resources in IPA "
"domain,\n"
"trust relationship needs to be established. Currently IPA supports only "
"trusts\n"
"between IPA and Active Directory domains under control of Windows Server "
"2008\n"
"or later, with functional level 2008 or later.\n"
"\n"
"Please note that DNS on both IPA and Active Directory domain sides should "
"be\n"
"configured properly to discover each other. Trust relationship relies on\n"
"ability to discover special resources in the other domain via DNS records.\n"
"\n"
"Examples:\n"
"\n"
"1. Establish cross-realm trust with Active Directory using AD administrator\n"
"   credentials:\n"
"\n"
"   ipa trust-add --type=ad <ad.domain> --admin <AD domain "
"administrator>            --password\n"
"\n"
"2. List all existing trust relationships:\n"
"\n"
"   ipa trust-find\n"
"\n"
"3. Show details of the specific trust relationship:\n"
"\n"
"   ipa trust-show <ad.domain>\n"
"\n"
"4. Delete existing trust relationship:\n"
"\n"
"   ipa trust-del <ad.domain>\n"
"\n"
"Once trust relationship is established, remote users will need to be mapped\n"
"to local POSIX groups in order to actually use IPA resources. The mapping\n"
"should be done via use of external membership of non-POSIX group and then\n"
"this group should be included into one of local POSIX groups.\n"
"\n"
"Example:\n"
"\n"
"1. Create group for the trusted domain admins' mapping and their local "
"POSIX\n"
"group:\n"
"\n"
"   ipa group-add --desc='<ad.domain> admins external map'            "
"ad_admins_external --external\n"
"   ipa group-add --desc='<ad.domain> admins' ad_admins\n"
"\n"
"2. Add security identifier of Domain Admins of the <ad.domain> to the\n"
"   ad_admins_external group:\n"
"\n"
"   ipa group-add-member ad_admins_external --external 'AD\\Domain Admins'\n"
"\n"
"3. Allow members of ad_admins_external group to be associated with\n"
"   ad_admins POSIX group:\n"
"\n"
"   ipa group-add-member ad_admins --groups ad_admins_external\n"
"\n"
"4. List members of external members of ad_admins_external group to see\n"
"   their SIDs:\n"
"\n"
"   ipa group-show ad_admins_external\n"
"\n"
"\n"
"GLOBAL TRUST CONFIGURATION\n"
"\n"
"When IPA AD trust subpackage is installed and ipa-adtrust-install is run, a\n"
"local domain configuration (SID, GUID, NetBIOS name) is generated. These\n"
"identifiers are then used when communicating with a trusted domain of the\n"
"particular type.\n"
"\n"
"1. Show global trust configuration for Active Directory type of trusts:\n"
"\n"
"   ipa trustconfig-show --type ad\n"
"\n"
"2. Modify global configuration for all trusts of Active Directory type and "
"set\n"
"   a different fallback primary group (fallback primary group GID is used as "
"a\n"
"   primary user GID if user authenticating to IPA domain does not have any\n"
"   other primary GID already set):\n"
"\n"
"   ipa trustconfig-mod --type ad --fallback-primary-group \"another AD "
"group\"\n"
"\n"
"3. Change primary fallback group back to default hidden group (any group "
"with\n"
"   posixGroup object class is allowed):\n"
"\n"
"   ipa trustconfig-mod --type ad --fallback-primary-group \"Default SMB "
"Group\"\n"
msgstr ""

#: ipaserver/plugins/trust.py:226
#, python-format
msgid ""
" Alternatively, following servers are capable of running this command: "
"%(masters)s"
msgstr ""

#: ipaserver/plugins/trust.py:239 ipaserver/plugins/trust.py:872
#: ipaserver/plugins/trust.py:888 ipaserver/plugins/trust.py:909
#: ipaserver/plugins/trust.py:919 ipaserver/plugins/trust.py:1072
#: ipaserver/plugins/trust.py:1107
msgid "AD Trust setup"
msgstr ""

#: ipaserver/plugins/trust.py:250
msgid ""
"Cannot perform the selected command without Samba 4 support installed. Make "
"sure you have installed server-trust-ad sub-package of IPA."
msgstr ""

#: ipaserver/plugins/trust.py:260
msgid ""
"Cannot perform the selected command without Samba 4 instance configured on "
"this machine. Make sure you have run ipa-adtrust-install on this server."
msgstr ""

#: ipaserver/plugins/trust.py:474
msgid ""
"Fetching domains from trusted forest failed. See details in the error_log"
msgstr ""

#: ipaserver/plugins/trust.py:487
msgid "trust"
msgstr ""

#: ipaserver/plugins/trust.py:488
msgid "trusts"
msgstr ""

#: ipaserver/plugins/trust.py:530 ipaserver/plugins/internal.py:1966
msgid "Trusts"
msgstr ""

#: ipaserver/plugins/trust.py:531
msgid "Trust"
msgstr ""

#: ipaserver/plugins/trust.py:549
msgid "SID blocklist incoming"
msgstr ""

#: ipaserver/plugins/trust.py:553
msgid "SID blocklist outgoing"
msgstr ""

#: ipaserver/plugins/trust.py:556 ipaserver/plugins/internal.py:1553
msgid "Trust direction"
msgstr ""

#: ipaserver/plugins/trust.py:560 ipaserver/plugins/internal.py:1555
msgid "Trust type"
msgstr ""

#: ipaserver/plugins/trust.py:564 ipaserver/plugins/internal.py:1554
msgid "Trust status"
msgstr ""

#: ipaserver/plugins/trust.py:569
msgid "UPN suffixes"
msgstr ""

#: ipaserver/plugins/trust.py:586
#, python-brace-format
msgid "invalid SID: {SID}"
msgstr ""

#: ipaserver/plugins/trust.py:655
msgid ""
"\n"
"Add new trust to use.\n"
"\n"
"This command establishes trust relationship to another domain\n"
"which becomes 'trusted'. As result, users of the trusted domain\n"
"may access resources of this domain.\n"
"\n"
"Only trusts to Active Directory domains are supported right now.\n"
"\n"
"The command can be safely run multiple times against the same domain,\n"
"this will cause change to trust relationship credentials on both\n"
"sides.\n"
"\n"
"Note that if the command was previously run with a specific range type,\n"
"or with automatic detection of the range type, and you want to configure a\n"
"different range type, you may need to delete first the ID range using\n"
"ipa idrange-del before retrying the command with the desired range type.\n"
"    "
msgstr ""

#: ipaserver/plugins/trust.py:713
msgid "Type of trusted domain ID range, one of allowed values"
msgstr ""

#: ipaserver/plugins/trust.py:725
msgid "External trust"
msgstr ""

#: ipaserver/plugins/trust.py:727
msgid ""
"Establish external trust to a domain in another forest. The trust is not "
"transitive beyond the domain."
msgstr ""

#: ipaserver/plugins/trust.py:733
#, python-format
msgid "Added Active Directory trust for realm \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:734
#, python-format
msgid "Re-established trust to domain \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:830
msgid "missing base_id"
msgstr ""

#: ipaserver/plugins/trust.py:832
msgid "pysss_murmur is not available on the server and no base-id is given."
msgstr ""

#: ipaserver/plugins/trust.py:842
msgid "trust type"
msgstr ""

#: ipaserver/plugins/trust.py:843
msgid "only \"ad\" is supported"
msgstr ""

#: ipaserver/plugins/trust.py:849 ipaserver/plugins/certmap.py:141
#: ipaserver/plugins/certmap.py:148 ipaserver/plugins/certmap.py:175
msgid "domain"
msgstr ""

#: ipaserver/plugins/trust.py:850
msgid ""
"Cannot establish a trust to AD deployed in the same domain as IPA. Such "
"setup is not supported."
msgstr ""

#: ipaserver/plugins/trust.py:863
msgid "Realm-domain mismatch"
msgstr ""

#: ipaserver/plugins/trust.py:864
msgid ""
"To establish trust with Active Directory, the domain name and the realm name "
"of the IPA server must match"
msgstr ""

#: ipaserver/plugins/trust.py:890
#, python-format
msgid ""
"Trusted domain %(domain)s is included among IPA realm domains. It needs to "
"be removed prior to establishing the trust. See the \"ipa realmdomains-mod --"
"del-domain\" command."
msgstr ""

#: ipaserver/plugins/trust.py:911
msgid "Trusted domain and administrator account use different realms"
msgstr ""

#: ipaserver/plugins/trust.py:920
msgid "Realm administrator password should be specified"
msgstr ""

#: ipaserver/plugins/trust.py:941
msgid "id range type"
msgstr ""

#: ipaserver/plugins/trust.py:943
msgid ""
"Only the ipa-ad-trust and ipa-ad-trust-posix are allowed values for --range-"
"type when adding an AD trust."
msgstr ""

#: ipaserver/plugins/trust.py:953
msgid "id range"
msgstr ""

#: ipaserver/plugins/trust.py:955
msgid ""
"An id range already exists for this trust. You should either delete the old "
"range, or exclude --base-id/--range-size options from the command."
msgstr ""

#: ipaserver/plugins/trust.py:977
msgid "range exists"
msgstr ""

#: ipaserver/plugins/trust.py:979
msgid ""
"ID range with the same name but different domain SID already exists. The ID "
"range for the new trusted domain must be created manually."
msgstr ""

#: ipaserver/plugins/trust.py:987
msgid "range type change"
msgstr ""

#: ipaserver/plugins/trust.py:988
msgid ""
"ID range for the trusted domain already exists, but it has a different type. "
"Please remove the old range manually, or do not enforce type via --range-"
"type option."
msgstr ""

#: ipaserver/plugins/trust.py:1026
#, python-brace-format
msgid "Unable to resolve domain controller for {domain} domain. "
msgstr ""

#: ipaserver/plugins/trust.py:1040
msgid ""
"Forward policy is defined for it in IPA DNS, perhaps forwarder points to "
"incorrect host?"
msgstr ""

#: ipaserver/plugins/trust.py:1046
#, python-brace-format
msgid ""
"IPA manages DNS, please verify your DNS configuration and make sure that "
"service records of the '{domain}' domain can be resolved. Examples how to "
"configure DNS with CLI commands or the Web UI can be found in the "
"documentation. "
msgstr ""

#: ipaserver/plugins/trust.py:1058
#, python-brace-format
msgid ""
"Since IPA does not manage DNS records, ensure DNS is configured to resolve "
"'{domain}' domain from IPA hosts and back."
msgstr ""

#: ipaserver/plugins/trust.py:1073
msgid "Unable to verify write permissions to the AD"
msgstr ""

#: ipaserver/plugins/trust.py:1108
msgid "Not enough arguments specified to perform trust setup"
msgstr ""

#: ipaserver/plugins/trust.py:1116
#, python-format
msgid "Deleted trust \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:1121
msgid ""
"\n"
"    Modify a trust (for future use).\n"
"\n"
"    Currently only the default option to modify the LDAP attributes is\n"
"    available. More specific options will be added in coming releases.\n"
"    "
msgstr ""

#: ipaserver/plugins/trust.py:1128
#, python-format
msgid "Modified trust \"%(value)s\" (change will be effective in 60 seconds)"
msgstr ""

#: ipaserver/plugins/trust.py:1146
#, python-format
msgid "%(count)d trust matched"
msgid_plural "%(count)d trusts matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/trust.py:1235
msgid "trust configuration"
msgstr ""

#: ipaserver/plugins/trust.py:1241 ipaserver/plugins/trust.py:1242
msgid "Global Trust Configuration"
msgstr ""

#: ipaserver/plugins/trust.py:1267
msgid "IPA AD trust agents"
msgstr ""

#: ipaserver/plugins/trust.py:1268
msgid "IPA servers configured as AD trust agents"
msgstr ""

#: ipaserver/plugins/trust.py:1273
msgid "IPA AD trust controllers"
msgstr ""

#: ipaserver/plugins/trust.py:1274
msgid "IPA servers configured as AD trust controllers"
msgstr ""

#: ipaserver/plugins/trust.py:1288
msgid "unsupported trust type"
msgstr ""

#: ipaserver/plugins/trust.py:1355
#, python-format
msgid "Modified \"%(value)s\" trust configuration"
msgstr ""

#: ipaserver/plugins/trust.py:1420
msgid "SID"
msgstr ""

#: ipaserver/plugins/trust.py:1546
msgid "sidgen_was_run"
msgstr ""

#: ipaserver/plugins/trust.py:1548
msgid ""
"This command relies on the existence of the \"editors\" group, but this "
"group was not found."
msgstr ""

#: ipaserver/plugins/trust.py:1567
msgid "trust domain"
msgstr ""

#: ipaserver/plugins/trust.py:1568
msgid "trust domains"
msgstr ""

#: ipaserver/plugins/trust.py:1576
msgid "Trusted domains"
msgstr ""

#: ipaserver/plugins/trust.py:1577
msgid "Trusted domain"
msgstr ""

#: ipaserver/plugins/trust.py:1591
msgid "Domain enabled"
msgstr ""

#: ipaserver/plugins/trust.py:1663
#, python-format
msgid "Removed information about the trusted domain \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:1681
msgid ""
"cannot delete root domain of the trust, use trust-del to delete the trust "
"itself"
msgstr ""

#: ipaserver/plugins/trust.py:1832
msgid ""
"List of trust domains successfully refreshed. Use trustdomain-find command "
"to list them."
msgstr ""

#: ipaserver/plugins/trust.py:1840
msgid "Configure this server as a trust agent."
msgstr ""

#: ipaserver/plugins/trust.py:1856
msgid "Enable support for trusted domains for old clients"
msgstr ""

#: ipaserver/plugins/trust.py:1872
msgid "not allowed to remotely add agent"
msgstr ""

#: ipaserver/plugins/trust.py:1908
#, python-format
msgid "Enabled trust domain \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:1917
msgid "Root domain of the trust is always enabled for the existing trust"
msgstr ""

#: ipaserver/plugins/trust.py:1950
#, python-format
msgid "Disabled trust domain \"%(value)s\""
msgstr ""

#: ipaserver/plugins/trust.py:1959
msgid ""
"cannot disable root domain of the trust, use trust-del to delete the trust "
"itself"
msgstr ""

#: ipaserver/plugins/vault.py:52
msgid ""
"\n"
"Vaults\n"
msgstr ""

#: ipaserver/plugins/vault.py:54
msgid ""
"\n"
"Manage vaults.\n"
msgstr ""

#: ipaserver/plugins/vault.py:56
msgid ""
"\n"
"Vault is a secure place to store a secret. One vault can only\n"
"store one secret. When archiving a secret in a vault, the\n"
"existing secret (if any) is overwritten.\n"
msgstr ""

#: ipaserver/plugins/vault.py:60
msgid ""
"\n"
"Based on the ownership there are three vault categories:\n"
"* user/private vault\n"
"* service vault\n"
"* shared vault\n"
msgstr ""

#: ipaserver/plugins/vault.py:65
msgid ""
"\n"
"User vaults are vaults owned used by a particular user. Private\n"
"vaults are vaults owned the current user. Service vaults are\n"
"vaults owned by a service. Shared vaults are owned by the admin\n"
"but they can be used by other users or services.\n"
msgstr ""

#: ipaserver/plugins/vault.py:70
msgid ""
"\n"
"Based on the security mechanism there are three types of\n"
"vaults:\n"
"* standard vault\n"
"* symmetric vault\n"
"* asymmetric vault\n"
msgstr ""

#: ipaserver/plugins/vault.py:76
msgid ""
"\n"
"Standard vault uses a secure mechanism to transport and\n"
"store the secret. The secret can only be retrieved by users\n"
"that have access to the vault.\n"
msgstr ""

#: ipaserver/plugins/vault.py:80
msgid ""
"\n"
"Symmetric vault is similar to the standard vault, but it\n"
"pre-encrypts the secret using a password before transport.\n"
"The secret can only be retrieved using the same password.\n"
msgstr ""

#: ipaserver/plugins/vault.py:84
msgid ""
"\n"
"Asymmetric vault is similar to the standard vault, but it\n"
"pre-encrypts the secret using a public key before transport.\n"
"The secret can only be retrieved using the private key.\n"
msgstr ""

#: ipaserver/plugins/vault.py:90
msgid ""
"\n"
" List vaults:\n"
"   ipa vault-find\n"
"       [--user <user>|--service <service>|--shared]\n"
msgstr ""

#: ipaserver/plugins/vault.py:94
msgid ""
"\n"
" Add a standard vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type standard\n"
msgstr ""

#: ipaserver/plugins/vault.py:99
msgid ""
"\n"
" Add a symmetric vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type symmetric --password-file password.txt\n"
msgstr ""

#: ipaserver/plugins/vault.py:104
msgid ""
"\n"
" Add an asymmetric vault:\n"
"   ipa vault-add <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type asymmetric --public-key-file public.pem\n"
msgstr ""

#: ipaserver/plugins/vault.py:109
msgid ""
"\n"
" Show a vault:\n"
"   ipa vault-show <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
msgstr ""

#: ipaserver/plugins/vault.py:113
msgid ""
"\n"
" Modify vault description:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --desc <description>\n"
msgstr ""

#: ipaserver/plugins/vault.py:118
msgid ""
"\n"
" Modify vault type:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --type <type>\n"
"       [old password/private key]\n"
"       [new password/public key]\n"
msgstr ""

#: ipaserver/plugins/vault.py:125
msgid ""
"\n"
" Modify symmetric vault password:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --change-password\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --old-password <old password>\n"
"       --new-password <new password>\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --old-password-file <old password file>\n"
"       --new-password-file <new password file>\n"
msgstr ""

#: ipaserver/plugins/vault.py:138
msgid ""
"\n"
" Modify asymmetric vault keys:\n"
"   ipa vault-mod <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --private-key-file <old private key file>\n"
"       --public-key-file <new public key file>\n"
msgstr ""

#: ipaserver/plugins/vault.py:144
msgid ""
"\n"
" Delete a vault:\n"
"   ipa vault-del <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
msgstr ""

#: ipaserver/plugins/vault.py:148
msgid ""
"\n"
" Display vault configuration:\n"
"   ipa vaultconfig-show\n"
msgstr ""

#: ipaserver/plugins/vault.py:151
msgid ""
"\n"
" Archive data into standard vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
msgstr ""

#: ipaserver/plugins/vault.py:156
msgid ""
"\n"
" Archive data into symmetric vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
"       --password-file password.txt\n"
msgstr ""

#: ipaserver/plugins/vault.py:162
msgid ""
"\n"
" Archive data into asymmetric vault:\n"
"   ipa vault-archive <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --in <input file>\n"
msgstr ""

#: ipaserver/plugins/vault.py:167
msgid ""
"\n"
" Retrieve data from standard vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file>\n"
msgstr ""

#: ipaserver/plugins/vault.py:172
msgid ""
"\n"
" Retrieve data from symmetric vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file>\n"
"       --password-file password.txt\n"
msgstr ""

#: ipaserver/plugins/vault.py:178
msgid ""
"\n"
" Retrieve data from asymmetric vault:\n"
"   ipa vault-retrieve <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       --out <output file> --private-key-file private.pem\n"
msgstr ""

#: ipaserver/plugins/vault.py:183
msgid ""
"\n"
" Add vault owners:\n"
"   ipa vault-add-owner <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>]  [--groups <groups>] [--services <services>]\n"
msgstr ""

#: ipaserver/plugins/vault.py:188
msgid ""
"\n"
" Delete vault owners:\n"
"   ipa vault-remove-owner <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
msgstr ""

#: ipaserver/plugins/vault.py:193
msgid ""
"\n"
" Add vault members:\n"
"   ipa vault-add-member <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
msgstr ""

#: ipaserver/plugins/vault.py:198
msgid ""
"\n"
" Delete vault members:\n"
"   ipa vault-remove-member <name>\n"
"       [--user <user>|--service <service>|--shared]\n"
"       [--users <users>] [--groups <groups>] [--services <services>]\n"
msgstr ""

#: ipaserver/plugins/vault.py:250
msgid ""
"\n"
"    Vault Container object.\n"
"    "
msgstr ""

#: ipaserver/plugins/vault.py:256
msgid "vaultcontainer"
msgstr ""

#: ipaserver/plugins/vault.py:257
msgid "vaultcontainers"
msgstr ""

#: ipaserver/plugins/vault.py:265
msgid "Vault Containers"
msgstr ""

#: ipaserver/plugins/vault.py:266
msgid "Vault Container"
msgstr ""

#: ipaserver/plugins/vault.py:355
msgid "Service, shared and user options cannot be specified simultaneously"
msgstr ""

#: ipaserver/plugins/vault.py:365 ipaserver/plugins/vault.py:695
msgid "Host is not supported"
msgstr ""

#: ipaserver/plugins/vault.py:407 ipaserver/plugins/vault.py:431
#: ipaserver/plugins/vault.py:798 ipaserver/plugins/vault.py:836
#: ipaserver/plugins/vault.py:892 ipaserver/plugins/vault.py:948
#: ipaserver/plugins/vault.py:970 ipaserver/plugins/vault.py:1011
#: ipaserver/plugins/vault.py:1067 ipaserver/plugins/vault.py:1146
msgid "KRA service is not enabled"
msgstr ""

#: ipaserver/plugins/vault.py:422
msgid "Deleted vault container"
msgstr ""

#: ipaserver/plugins/vault.py:447 ipaserver/plugins/vault.py:472
#: ipaserver/plugins/vault.py:1203 ipaserver/plugins/vault.py:1228
#, python-format
msgid "owner %s"
msgstr ""

#: ipaserver/plugins/vault.py:492
msgid ""
"\n"
"    Vault object.\n"
"    "
msgstr ""

#: ipaserver/plugins/vault.py:498
msgid "vault"
msgstr ""

#: ipaserver/plugins/vault.py:499
msgid "vaults"
msgstr ""

#: ipaserver/plugins/vault.py:522
msgid "Vaults"
msgstr ""

#: ipaserver/plugins/vault.py:523
msgid "Vault"
msgstr ""

#: ipaserver/plugins/vault.py:680
msgid "Service, shared, and user options cannot be specified simultaneously"
msgstr ""

#: ipaserver/plugins/vault.py:784
msgid "Add a vault."
msgstr ""

#: ipaserver/plugins/vault.py:790
#, python-format
msgid "Added vault \"%(value)s\""
msgstr ""

#: ipaserver/plugins/vault.py:829
#, python-format
msgid "Deleted vault \"%(value)s\""
msgstr ""

#: ipaserver/plugins/vault.py:881
#, python-format
msgid "%(count)d vault matched"
msgid_plural "%(count)d vaults matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/vault.py:899
msgid ""
"Service(s), shared, and user(s) options cannot be specified simultaneously"
msgstr ""

#: ipaserver/plugins/vault.py:939
#, python-format
msgid "Modified vault \"%(value)s\""
msgstr ""

#: ipaserver/plugins/vault.py:981
msgid "Vault configuration"
msgstr ""

#: ipaserver/plugins/vault.py:990 ipaserver/plugins/config.py:317
msgid "IPA KRA servers"
msgstr ""

#: ipaserver/plugins/vault.py:991
msgid "IPA servers configured as key recovery agents"
msgstr ""

#: ipaserver/plugins/vault.py:1052 ipaserver/plugins/vault.py:1131
msgid "Key wrapping algorithm"
msgstr ""

#: ipaserver/plugins/vault.py:1061
#, python-format
msgid "Archived data into vault \"%(value)s\""
msgstr ""

#: ipaserver/plugins/vault.py:1120
msgid "Retrieve data from a vault."
msgstr ""

#: ipaserver/plugins/vault.py:1140
#, python-format
msgid "Retrieved data from vault \"%(value)s\""
msgstr ""

#: ipaserver/plugins/vault.py:1169
msgid "No archived data."
msgstr ""

#: ipaserver/plugins/vault.py:1262
msgid "Checks if any of the servers has the KRA service enabled"
msgstr ""

#: ipaserver/plugins/baseuser.py:57
msgid ""
"\n"
"Baseuser\n"
"\n"
"This contains common definitions for user/stageuser\n"
msgstr ""

#: ipaserver/plugins/baseuser.py:88
msgid "must be TRUE or FALSE"
msgstr ""

#: ipaserver/plugins/baseuser.py:154
msgid ""
"Object class ipaNTUserAttrs is missing, user entry cannot have SMB "
"attributes."
msgstr ""

#: ipaserver/plugins/baseuser.py:269 ipaserver/plugins/host.py:562
#: ipaserver/plugins/service.py:511
msgid "Principal alias"
msgstr ""

#: ipaserver/plugins/baseuser.py:281
msgid "User password expiration"
msgstr ""

#: ipaserver/plugins/baseuser.py:365 ipaserver/plugins/host.py:581
msgid "SSH public key fingerprint"
msgstr "SSH 공유 키 지문"

#: ipaserver/plugins/baseuser.py:392
msgid "External IdP configuration"
msgstr ""

#: ipaserver/plugins/baseuser.py:396
msgid "External IdP user identifier"
msgstr ""

#: ipaserver/plugins/baseuser.py:397
msgid "A string that identifies the user at external IdP"
msgstr ""

#: ipaserver/plugins/baseuser.py:421 ipaserver/plugins/baseuser.py:887
#: ipaserver/plugins/certmap.py:606 ipaserver/plugins/idviews.py:1061
msgid "Base-64 encoded user certificate"
msgstr ""

#: ipaserver/plugins/baseuser.py:426 ipaserver/plugins/baseuser.py:427
#: ipaserver/plugins/internal.py:722
msgid "Certificate mapping data"
msgstr ""

#: ipaserver/plugins/baseuser.py:432
msgid "SMB logon script path"
msgstr ""

#: ipaserver/plugins/baseuser.py:437
msgid "SMB profile path"
msgstr ""

#: ipaserver/plugins/baseuser.py:442
msgid "SMB Home Directory"
msgstr ""

#: ipaserver/plugins/baseuser.py:447
msgid "SMB Home Directory Drive"
msgstr ""

#: ipaserver/plugins/baseuser.py:471 ipaserver/plugins/baseuser.py:475
#, python-format
msgid "invalid e-mail format: %(email)s"
msgstr ""

#: ipaserver/plugins/baseuser.py:502
#, python-format
msgid "manager %(manager)s not found"
msgstr ""

#: ipaserver/plugins/baseuser.py:598 ipaserver/plugins/host.py:694
#: ipaserver/plugins/stageuser.py:329 ipaserver/plugins/stageuser.py:546
#: ipaserver/plugins/user.py:563
#, python-format
msgid "can be at most %(len)d characters"
msgstr ""

#: ipaserver/plugins/baseuser.py:872 ipaserver/plugins/host.py:529
#: ipaserver/plugins/internal.py:727 ipaserver/plugins/service.py:536
#: ipaserver/plugins/cert.py:425
msgid "Issuer"
msgstr ""

#: ipaserver/plugins/baseuser.py:873
msgid "Issuer of the certificate"
msgstr ""

#: ipaserver/plugins/baseuser.py:879 ipaserver/plugins/host.py:517
#: ipaserver/plugins/internal.py:654 ipaserver/plugins/internal.py:730
#: ipaserver/plugins/service.py:524 ipaserver/plugins/cert.py:365
#: ipaserver/plugins/cert.py:1501
msgid "Subject"
msgstr ""

#: ipaserver/plugins/baseuser.py:880
msgid "Subject of the certificate"
msgstr ""

#: ipaserver/plugins/baseuser.py:925
msgid "cannot have an empty subject"
msgstr ""

#: ipaserver/plugins/baseuser.py:965
msgid "cannot specify both subject/issuer and certificate"
msgstr ""

#: ipaserver/plugins/baseuser.py:969
msgid "cannot specify both subject/issuer and ipacertmapdata"
msgstr ""

#: ipaserver/plugins/baseuser.py:993 ipaserver/plugins/user.py:1329
msgid "Add one or more certificate mappings to the user entry."
msgstr ""

#: ipaserver/plugins/baseuser.py:994
#, python-format
msgid "Added certificate mappings to user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/baseuser.py:1012 ipaserver/plugins/user.py:1334
msgid "Remove one or more certificate mappings from the user entry."
msgstr ""

#: ipaserver/plugins/baseuser.py:1013
#, python-format
msgid "Removed certificate mappings from user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:21
msgid ""
"\n"
"Manage CA ACL rules.\n"
"\n"
"This plugin is used to define rules governing which CAs and profiles\n"
"may be used to issue certificates to particular principals or groups\n"
"of principals.\n"
"\n"
"SUBJECT PRINCIPAL SCOPE:\n"
"\n"
"For a certificate request to be allowed, the principal(s) that are\n"
"the subject of a certificate request (not necessarily the principal\n"
"actually requesting the certificate) must be included in the scope\n"
"of a CA ACL that also includes the target CA and profile.\n"
"\n"
"Users can be included by name, group or the \"all users\" category.\n"
"Hosts can be included by name, hostgroup or the \"all hosts\"\n"
"category.  Services can be included by service name or the \"all\n"
"services\" category.  CA ACLs may be associated with a single type of\n"
"principal, or multiple types.\n"
"\n"
"CERTIFICATE AUTHORITY SCOPE:\n"
"\n"
"A CA ACL can be associated with one or more CAs by name, or by the\n"
"\"all CAs\" category.  For compatibility reasons, a CA ACL with no CA\n"
"association implies an association with the 'ipa' CA (and only this\n"
"CA).\n"
"\n"
"PROFILE SCOPE:\n"
"\n"
"A CA ACL can be associated with one or more profiles by Profile ID.\n"
"The Profile ID is a string without spaces or punctuation starting\n"
"with a letter and followed by a sequence of letters, digits or\n"
"underscore (\"_\").\n"
"\n"
"EXAMPLES:\n"
"\n"
"  Create a CA ACL \"test\" that grants all users access to the\n"
"  \"UserCert\" profile on all CAs:\n"
"    ipa caacl-add test --usercat=all --cacat=all\n"
"    ipa caacl-add-profile test --certprofiles UserCert\n"
"\n"
"  Display the properties of a named CA ACL:\n"
"    ipa caacl-show test\n"
"\n"
"  Create a CA ACL to let user \"alice\" use the \"DNP3\" profile on \"DNP3-"
"CA\":\n"
"    ipa caacl-add alice_dnp3\n"
"    ipa caacl-add-ca alice_dnp3 --cas DNP3-CA\n"
"    ipa caacl-add-profile alice_dnp3 --certprofiles DNP3\n"
"    ipa caacl-add-user alice_dnp3 --user=alice\n"
"\n"
"  Disable a CA ACL:\n"
"    ipa caacl-disable test\n"
"\n"
"  Remove a CA ACL:\n"
"    ipa caacl-del test\n"
msgstr ""

#: ipaserver/plugins/caacl.py:87 ipaserver/plugins/caacl.py:165
#: ipaserver/plugins/caacl.py:263
msgid "CA ACL"
msgstr ""

#: ipaserver/plugins/caacl.py:88 ipaserver/plugins/caacl.py:164
msgid "CA ACLs"
msgstr ""

#: ipaserver/plugins/caacl.py:183
msgid "CA category"
msgstr ""

#: ipaserver/plugins/caacl.py:184
msgid "CA category the ACL applies to"
msgstr ""

#: ipaserver/plugins/caacl.py:212
msgid "CAs"
msgstr ""

#: ipaserver/plugins/caacl.py:246
#, python-format
msgid "Added CA ACL \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:258
#, python-format
msgid "Deleted CA ACL \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:265
msgid "default CA ACL can be only disabled"
msgstr ""

#: ipaserver/plugins/caacl.py:273
#, python-format
msgid "Modified CA ACL \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:285
msgid "CA category cannot be set to 'all' while there are allowed CAs"
msgstr ""

#: ipaserver/plugins/caacl.py:290
msgid ""
"profile category cannot be set to 'all' while there are allowed profiles"
msgstr ""

#: ipaserver/plugins/caacl.py:302 ipaserver/plugins/hbacrule.py:356
msgid ""
"service category cannot be set to 'all' while there are allowed services"
msgstr ""

#: ipaserver/plugins/caacl.py:312
#, python-format
msgid "%(count)d CA ACL matched"
msgid_plural "%(count)d CA ACLs matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/caacl.py:325
#, python-format
msgid "Enabled CA ACL \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:354
#, python-format
msgid "Disabled CA ACL \"%(value)s\""
msgstr ""

#: ipaserver/plugins/caacl.py:385
#, python-format
msgid "%i user or group added."
msgstr ""

#: ipaserver/plugins/caacl.py:386
#, python-format
msgid "%i users or groups added."
msgstr ""

#: ipaserver/plugins/caacl.py:397 ipaserver/plugins/hbacrule.py:518
#: ipaserver/plugins/selinuxusermap.py:572 ipaserver/plugins/sudorule.py:607
msgid "users cannot be added when user category='all'"
msgstr ""

#: ipaserver/plugins/caacl.py:407
#, python-format
msgid "%i user or group removed."
msgstr ""

#: ipaserver/plugins/caacl.py:408
#, python-format
msgid "%i users or groups removed."
msgstr ""

#: ipaserver/plugins/caacl.py:417
#, python-format
msgid "%i host or hostgroup added."
msgstr ""

#: ipaserver/plugins/caacl.py:418
#, python-format
msgid "%i hosts or hostgroups added."
msgstr ""

#: ipaserver/plugins/caacl.py:429 ipaserver/plugins/hbacrule.py:549
#: ipaserver/plugins/selinuxusermap.py:605 ipaserver/plugins/sudorule.py:710
msgid "hosts cannot be added when host category='all'"
msgstr ""

#: ipaserver/plugins/caacl.py:439
#, python-format
msgid "%i host or hostgroup removed."
msgstr ""

#: ipaserver/plugins/caacl.py:440
#, python-format
msgid "%i hosts or hostgroups removed."
msgstr ""

#: ipaserver/plugins/caacl.py:448
#, python-format
msgid "%i service added."
msgstr ""

#: ipaserver/plugins/caacl.py:448
#, python-format
msgid "%i services added."
msgstr ""

#: ipaserver/plugins/caacl.py:459 ipaserver/plugins/hbacrule.py:606
msgid "services cannot be added when service category='all'"
msgstr ""

#: ipaserver/plugins/caacl.py:468
#, python-format
msgid "%i service removed."
msgstr ""

#: ipaserver/plugins/caacl.py:468
#, python-format
msgid "%i services removed."
msgstr ""

#: ipaserver/plugins/caacl.py:488
#, python-format
msgid "%i profile added."
msgstr ""

#: ipaserver/plugins/caacl.py:488
#, python-format
msgid "%i profiles added."
msgstr ""

#: ipaserver/plugins/caacl.py:499
msgid "profiles cannot be added when profile category='all'"
msgstr ""

#: ipaserver/plugins/caacl.py:510
#, python-format
msgid "%i profile removed."
msgstr ""

#: ipaserver/plugins/caacl.py:510
#, python-format
msgid "%i profiles removed."
msgstr ""

#: ipaserver/plugins/caacl.py:515
msgid "Add CAs to a CA ACL."
msgstr ""

#: ipaserver/plugins/caacl.py:520
#, python-format
msgid "%i CA added."
msgstr ""

#: ipaserver/plugins/caacl.py:520
#, python-format
msgid "%i CAs added."
msgstr ""

#: ipaserver/plugins/caacl.py:531
msgid "CAs cannot be added when CA category='all'"
msgstr ""

#: ipaserver/plugins/caacl.py:537
msgid "Remove CAs from a CA ACL."
msgstr ""

#: ipaserver/plugins/caacl.py:542
#, python-format
msgid "%i CA removed."
msgstr ""

#: ipaserver/plugins/caacl.py:542
#, python-format
msgid "%i CAs removed."
msgstr ""

#: ipaserver/plugins/certmap.py:50
msgid ""
"\n"
"Certificate Identity Mapping\n"
msgstr ""

#: ipaserver/plugins/certmap.py:52
msgid ""
"\n"
"Manage Certificate Identity Mapping configuration and rules.\n"
msgstr ""

#: ipaserver/plugins/certmap.py:54
msgid ""
"\n"
"IPA supports the use of certificates for authentication. Certificates can\n"
"either be stored in the user entry (full certificate in the usercertificate\n"
"attribute), or simply linked to the user entry through a mapping.\n"
"This code enables the management of the rules allowing to link a\n"
"certificate to a user entry.\n"
msgstr ""

#: ipaserver/plugins/certmap.py:62
msgid ""
"\n"
" Display the Certificate Identity Mapping global configuration:\n"
"   ipa certmapconfig-show\n"
msgstr ""

#: ipaserver/plugins/certmap.py:65
msgid ""
"\n"
" Modify Certificate Identity Mapping global configuration:\n"
"   ipa certmapconfig-mod --promptusername=TRUE\n"
msgstr ""

#: ipaserver/plugins/certmap.py:68
msgid ""
"\n"
" Create a new Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-add rule1 --desc=\"Link certificate with subject and "
"issuer\"\n"
msgstr ""

#: ipaserver/plugins/certmap.py:71
msgid ""
"\n"
" Modify a Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-mod rule1 --maprule=\"<ALT-SEC-ID-I-S:"
"altSecurityIdentities>\"\n"
msgstr ""

#: ipaserver/plugins/certmap.py:74
msgid ""
"\n"
" Disable a Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-disable rule1\n"
msgstr ""

#: ipaserver/plugins/certmap.py:77
msgid ""
"\n"
" Enable a Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-enable rule1\n"
msgstr ""

#: ipaserver/plugins/certmap.py:80
msgid ""
"\n"
" Display information about a Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-show rule1\n"
msgstr ""

#: ipaserver/plugins/certmap.py:83
msgid ""
"\n"
" Find all Certificate Identity Mapping Rules with the specified domain:\n"
"   ipa certmaprule-find --domain example.com\n"
msgstr ""

#: ipaserver/plugins/certmap.py:86
msgid ""
"\n"
" Delete a Certificate Identity Mapping Rule:\n"
"   ipa certmaprule-del rule1\n"
msgstr ""

#: ipaserver/plugins/certmap.py:142
#, python-format
msgid ""
"The domain(s) \"%s\" cannot be used to apply altSecurityIdentities check."
msgstr ""

#: ipaserver/plugins/certmap.py:149
msgid ""
"The mapping rule with altSecurityIdentities should be applied to a trusted "
"Active Directory domain but no domain was associated with the rule."
msgstr ""

#: ipaserver/plugins/certmap.py:176
#, python-format
msgid "The domain %s is neither IPA domain nor a trusteddomain."
msgstr ""

#: ipaserver/plugins/certmap.py:186
msgid "Certificate Identity Mapping configuration options"
msgstr ""

#: ipaserver/plugins/certmap.py:191 ipaserver/plugins/certmap.py:192
msgid "Certificate Identity Mapping Global Configuration"
msgstr ""

#: ipaserver/plugins/certmap.py:198
msgid "Prompt for the username"
msgstr ""

#: ipaserver/plugins/certmap.py:199
msgid ""
"Prompt for the username when multiple identities are mapped to a certificate"
msgstr ""

#: ipaserver/plugins/certmap.py:229
msgid "Modify Certificate Identity Mapping configuration."
msgstr ""

#: ipaserver/plugins/certmap.py:234
msgid "Show the current Certificate Identity Mapping configuration."
msgstr ""

#: ipaserver/plugins/certmap.py:243 ipaserver/plugins/certmap.py:247
msgid "Certificate Identity Mapping Rules"
msgstr ""

#: ipaserver/plugins/certmap.py:244 ipaserver/plugins/certmap.py:246
msgid "Certificate Identity Mapping Rule"
msgstr ""

#: ipaserver/plugins/certmap.py:274
msgid "Certificate Identity Mapping Rule name"
msgstr ""

#: ipaserver/plugins/certmap.py:280
msgid "Certificate Identity Mapping Rule description"
msgstr ""

#: ipaserver/plugins/certmap.py:285
msgid "Mapping rule"
msgstr ""

#: ipaserver/plugins/certmap.py:286
msgid "Rule used to map the certificate with a user entry"
msgstr ""

#: ipaserver/plugins/certmap.py:291
msgid "Matching rule"
msgstr ""

#: ipaserver/plugins/certmap.py:292
msgid "Rule used to check if a certificate can be used for authentication"
msgstr ""

#: ipaserver/plugins/certmap.py:299
msgid "Domain where the user entry will be searched"
msgstr ""

#: ipaserver/plugins/certmap.py:305
msgid "Priority of the rule (higher number means lower priority"
msgstr ""

#: ipaserver/plugins/certmap.py:356
msgid "Create a new Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:358
#, python-format
msgid "Added Certificate Identity Mapping Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certmap.py:369
msgid "Modify a Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:371
#, python-format
msgid "Modified Certificate Identity Mapping Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certmap.py:392
msgid "Search for Certificate Identity Mapping Rules."
msgstr ""

#: ipaserver/plugins/certmap.py:395
#, python-format
msgid "%(count)d Certificate Identity Mapping Rule matched"
msgid_plural "%(count)d Certificate Identity Mapping Rules matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/certmap.py:402
msgid "Display information about a Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:408
msgid "Delete a Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:410
#, python-format
msgid "Deleted Certificate Identity Mapping Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certmap.py:415
msgid "Enable a Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:417
#, python-format
msgid "Enabled Certificate Identity Mapping Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certmap.py:444
msgid "Disable a Certificate Identity Mapping Rule."
msgstr ""

#: ipaserver/plugins/certmap.py:446
#, python-format
msgid "Disabled Certificate Identity Mapping Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/certmap.py:500
msgid "Failed to connect to sssd over SystemBus. See details in the error_log"
msgstr ""

#: ipaserver/plugins/certmap.py:554
msgid "Failed to find users over SystemBus.  See details in the error_log"
msgstr ""

#: ipaserver/plugins/certmap.py:571
msgid "User logins"
msgstr ""

#: ipaserver/plugins/certmap.py:579
msgid ""
"\n"
"    Search for users matching the provided certificate.\n"
"\n"
"    This command relies on SSSD to retrieve the list of matching users and\n"
"    may return cached data. For more information on purging SSSD cache,\n"
"    please refer to sss_cache documentation.\n"
"    "
msgstr ""

#: ipaserver/plugins/certmap.py:587
#, python-format
msgid "%(count)s user matched"
msgid_plural "%(count)s users matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/config.py:50
msgid ""
"\n"
"Server configuration\n"
"\n"
"Manage the default values that IPA uses and some of its tuning parameters.\n"
"\n"
"NOTES:\n"
"\n"
"The password notification value (--pwdexpnotify) is stored here so it will\n"
"be replicated. It is not currently used to notify users in advance of an\n"
"expiring password.\n"
"\n"
"Some attributes are read-only, provided only for information purposes. "
"These\n"
"include:\n"
"\n"
"Certificate Subject base: the configured certificate subject base,\n"
"  e.g. O=EXAMPLE.COM.  This is configurable only at install time.\n"
"Password plug-in features: currently defines additional hashes that the\n"
"  password will generate (there may be other conditions).\n"
"\n"
"When setting the order list for mapping SELinux users you may need to\n"
"quote the value so it isn't interpreted by the shell.\n"
"\n"
"The maximum length of a hostname in Linux is controlled by\n"
"MAXHOSTNAMELEN in the kernel and defaults to 64. Some other operating\n"
"systems, Solaris for example, allows hostnames up to 255 characters.\n"
"This option will allow flexibility in length but by default limiting\n"
"to the Linux maximum length.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Show basic server configuration:\n"
"   ipa config-show\n"
"\n"
" Show all configuration options:\n"
"   ipa config-show --all\n"
"\n"
" Change maximum username length to 99 characters:\n"
"   ipa config-mod --maxusername=99\n"
"\n"
" Change maximum host name length to 255 characters:\n"
"   ipa config-mod --maxhostname=255\n"
"\n"
" Increase default time and size limits for maximum IPA server search:\n"
"   ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n"
"\n"
" Set default user e-mail domain:\n"
"   ipa config-mod --emaildomain=example.com\n"
"\n"
" Enable migration mode to make \"ipa migrate-ds\" command operational:\n"
"   ipa config-mod --enable-migration=TRUE\n"
"\n"
" Define SELinux user map order:\n"
"   ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-"
"s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'\n"
msgstr ""

#: ipaserver/plugins/config.py:116
msgid "must be at least 10"
msgstr ""

#: ipaserver/plugins/config.py:124
msgid "configuration options"
msgstr ""

#: ipaserver/plugins/config.py:160 ipaserver/plugins/config.py:161
msgid "Configuration"
msgstr ""

#: ipaserver/plugins/config.py:172
msgid "Maximum hostname length"
msgstr ""

#: ipaserver/plugins/config.py:276 ipaserver/plugins/config.py:277
msgid "Enable adding subids to new users"
msgstr ""

#: ipaserver/plugins/config.py:281
msgid "IPA masters"
msgstr ""

#: ipaserver/plugins/config.py:282
msgid "List of all IPA masters"
msgstr ""

#: ipaserver/plugins/config.py:287
msgid "Hidden IPA masters"
msgstr ""

#: ipaserver/plugins/config.py:288
msgid "List of all hidden IPA masters"
msgstr ""

#: ipaserver/plugins/config.py:293
msgid "IPA master capable of PKINIT"
msgstr ""

#: ipaserver/plugins/config.py:294
msgid "IPA master which can process PKINIT requests"
msgstr ""

#: ipaserver/plugins/config.py:299
msgid "IPA CA servers"
msgstr ""

#: ipaserver/plugins/config.py:300
msgid "IPA servers configured as certificate authority"
msgstr ""

#: ipaserver/plugins/config.py:305
msgid "Hidden IPA CA servers"
msgstr ""

#: ipaserver/plugins/config.py:306
msgid "Hidden IPA servers configured as certificate authority"
msgstr ""

#: ipaserver/plugins/config.py:311
msgid "IPA CA renewal master"
msgstr ""

#: ipaserver/plugins/config.py:312
msgid "Renewal master for IPA certificate authority"
msgstr ""

#: ipaserver/plugins/config.py:318
msgid "IPA servers configured as key recovery agent"
msgstr ""

#: ipaserver/plugins/config.py:323
msgid "Hidden IPA KRA servers"
msgstr ""

#: ipaserver/plugins/config.py:324
msgid "Hidden IPA servers configured as key recovery agent"
msgstr ""

#: ipaserver/plugins/config.py:330 ipaserver/plugins/idviews.py:159
msgid "Domain resolution order"
msgstr ""

#: ipaserver/plugins/config.py:331 ipaserver/plugins/idviews.py:160
msgid "colon-separated list of domains used for short name qualification"
msgstr ""

#: ipaserver/plugins/config.py:336 ipaserver/plugins/dns.py:4147
msgid "IPA DNS servers"
msgstr ""

#: ipaserver/plugins/config.py:337
msgid "IPA servers configured as domain name server"
msgstr ""

#: ipaserver/plugins/config.py:342
msgid "Hidden IPA DNS servers"
msgstr ""

#: ipaserver/plugins/config.py:343
msgid "Hidden IPA servers configured as domain name server"
msgstr ""

#: ipaserver/plugins/config.py:348 ipaserver/plugins/dns.py:4153
msgid "IPA DNSSec key master"
msgstr ""

#: ipaserver/plugins/config.py:349
msgid "DNSec key master"
msgstr ""

#: ipaserver/plugins/config.py:354
msgid "Setup SID configuration"
msgstr ""

#: ipaserver/plugins/config.py:355
msgid "New users and groups automatically get a SID assigned"
msgstr ""

#: ipaserver/plugins/config.py:360
msgid "Add SIDs"
msgstr ""

#: ipaserver/plugins/config.py:361
msgid "Add SIDs for existing users and groups"
msgstr ""

#: ipaserver/plugins/config.py:366 ipaserver/plugins/config.py:367
msgid "NetBIOS name of the IPA domain"
msgstr ""

#: ipaserver/plugins/config.py:444
msgid "Empty domain is not allowed"
msgstr ""

#: ipaserver/plugins/config.py:452
#, python-format
msgid "Invalid domain name '%(domain)s': %(e)s"
msgstr ""

#: ipaserver/plugins/config.py:457
#, python-format
msgid "Server has no information about domain '%(domain)s'"
msgstr ""

#: ipaserver/plugins/config.py:464
#, python-format
msgid "Disabled domain '%(domain)s' is not allowed"
msgstr ""

#: ipaserver/plugins/config.py:514
msgid "not allowed to enable SID generation"
msgstr ""

#: ipaserver/plugins/config.py:522
msgid ""
"Up to 15 characters and only uppercase ASCII letters, digits and dashes are "
"allowed. Empty string is not allowed."
msgstr ""

#: ipaserver/plugins/config.py:550
msgid "Failed to call DBus"
msgstr ""

#: ipaserver/plugins/config.py:560
msgid "Configuration of SID failed. See details in the error log"
msgstr ""

#: ipaserver/plugins/config.py:570
msgid "The group doesn't exist"
msgstr ""

#: ipaserver/plugins/config.py:588
#, python-format
msgid "attribute \"%s\" not allowed"
msgstr ""

#: ipaserver/plugins/config.py:608
msgid "May not be empty"
msgstr ""

#: ipaserver/plugins/config.py:627
#, python-format
msgid "%(obj)s default attribute %(attr)s would not be allowed!"
msgstr ""

#: ipaserver/plugins/config.py:659
msgid "A list of SELinux users delimited by $ expected"
msgstr ""

#: ipaserver/plugins/config.py:663
#, python-format
msgid "SELinux user '%(user)s' is not valid: %(error)s"
msgstr ""

#: ipaserver/plugins/config.py:675
msgid "SELinux user map default user not in order list"
msgstr ""

#: ipaserver/plugins/config.py:694
#, python-format
msgid "You cannot specify %s without the --enable-sid option"
msgstr ""

#: ipaserver/plugins/dns.py:100
msgid ""
"\n"
"Domain Name System (DNS)\n"
msgstr ""

#: ipaserver/plugins/dns.py:102
msgid ""
"\n"
"Manage DNS zone and resource records.\n"
msgstr ""

#: ipaserver/plugins/dns.py:104
msgid ""
"\n"
"SUPPORTED ZONE TYPES\n"
"\n"
" * Master zone (dnszone-*), contains authoritative data.\n"
" * Forward zone (dnsforwardzone-*), forwards queries to configured "
"forwarders\n"
" (a set of DNS servers).\n"
msgstr ""

#: ipaserver/plugins/dns.py:110
msgid ""
"\n"
"USING STRUCTURED PER-TYPE OPTIONS\n"
msgstr ""

#: ipaserver/plugins/dns.py:112
msgid ""
"\n"
"There are many structured DNS RR types where DNS data stored in LDAP server\n"
"is not just a scalar value, for example an IP address or a domain name, but\n"
"a data structure which may be often complex. A good example is a LOC record\n"
"[RFC1876] which consists of many mandatory and optional parts (degrees,\n"
"minutes, seconds of latitude and longitude, altitude or precision).\n"
msgstr ""

#: ipaserver/plugins/dns.py:118
msgid ""
"\n"
"It may be difficult to manipulate such DNS records without making a mistake\n"
"and entering an invalid value. DNS module provides an abstraction over "
"these\n"
"raw records and allows to manipulate each RR type with specific options. "
"For\n"
"each supported RR type, DNS module provides a standard option to manipulate\n"
"a raw records with format --<rrtype>-rec, e.g. --mx-rec, and special "
"options\n"
"for every part of the RR structure with format --<rrtype>-<partname>, e.g.\n"
"--mx-preference and --mx-exchanger.\n"
msgstr ""

#: ipaserver/plugins/dns.py:126
msgid ""
"\n"
"When adding a record, either RR specific options or standard option for a "
"raw\n"
"value can be used, they just should not be combined in one add operation. "
"When\n"
"modifying an existing entry, new RR specific options can be used to change\n"
"one part of a DNS record, where the standard option for raw value is used\n"
"to specify the modified value. The following example demonstrates\n"
"a modification of MX record preference from 0 to 1 in a record without\n"
"modifying the exchanger:\n"
"ipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n"
msgstr ""

#: ipaserver/plugins/dns.py:135
msgid ""
"\n"
"\n"
"EXAMPLES:\n"
msgstr ""

#: ipaserver/plugins/dns.py:138
msgid ""
"\n"
" Add new zone:\n"
"   ipa dnszone-add example.com --admin-email=admin@example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:141
msgid ""
"\n"
" Add system permission that can be used for per-zone privilege delegation:\n"
"   ipa dnszone-add-permission example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:144
msgid ""
"\n"
" Modify the zone to allow dynamic updates for hosts own records in realm "
"EXAMPLE.COM:\n"
"   ipa dnszone-mod example.com --dynamic-update=TRUE\n"
msgstr ""

#: ipaserver/plugins/dns.py:147
msgid ""
"\n"
"   This is the equivalent of:\n"
"     ipa dnszone-mod example.com --dynamic-update=TRUE \\\n"
"      --update-policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM "
"krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n"
msgstr ""

#: ipaserver/plugins/dns.py:151
msgid ""
"\n"
" Modify the zone to allow zone transfers for local network only:\n"
"   ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24\n"
msgstr ""

#: ipaserver/plugins/dns.py:154
msgid ""
"\n"
" Add new reverse zone specified by network IP address:\n"
"   ipa dnszone-add --name-from-ip=192.0.2.0/24\n"
msgstr ""

#: ipaserver/plugins/dns.py:157
msgid ""
"\n"
" Add second nameserver for example.com:\n"
"   ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:160
msgid ""
"\n"
" Add a mail server for example.com:\n"
"   ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n"
msgstr ""

#: ipaserver/plugins/dns.py:163
msgid ""
"\n"
" Add another record using MX record specific options:\n"
"  ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n"
msgstr ""

#: ipaserver/plugins/dns.py:166
msgid ""
"\n"
" Add another record using interactive mode (started when dnsrecord-add, "
"dnsrecord-mod,\n"
" or dnsrecord-del are executed with no options):\n"
"  ipa dnsrecord-add example.com @\n"
"  Please choose a type of DNS resource record to be added\n"
"  The most common types for this type of zone are: NS, MX, LOC\n"
"\n"
"  DNS resource record type: MX\n"
"  MX Preference: 30\n"
"  MX Exchanger: mail3\n"
"    Record name: example.com\n"
"    MX record: 10 mail1, 20 mail2, 30 mail3\n"
"    NS record: nameserver.example.com., nameserver2.example.com.\n"
msgstr ""

#: ipaserver/plugins/dns.py:179
msgid ""
"\n"
" Delete previously added nameserver from example.com:\n"
"   ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n"
msgstr ""

#: ipaserver/plugins/dns.py:182
msgid ""
"\n"
" Add LOC record for example.com:\n"
"   ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E "
"227.64m\"\n"
msgstr ""

#: ipaserver/plugins/dns.py:185
msgid ""
"\n"
" Add new A record for www.example.com. Create a reverse record in "
"appropriate\n"
" reverse zone as well. In this case a PTR record \"2\" pointing to www."
"example.com\n"
" will be created in zone 2.0.192.in-addr.arpa.\n"
"   ipa dnsrecord-add example.com www --a-rec=192.0.2.2 --a-create-reverse\n"
msgstr ""

#: ipaserver/plugins/dns.py:190
msgid ""
"\n"
" Add new PTR record for www.example.com\n"
"   ipa dnsrecord-add 2.0.192.in-addr.arpa. 2 --ptr-rec=www.example.com.\n"
msgstr ""

#: ipaserver/plugins/dns.py:193
msgid ""
"\n"
" Add new SRV records for LDAP servers. Three quarters of the requests\n"
" should go to fast.example.com, one quarter to slow.example.com. If neither\n"
" is available, switch to backup.example.com.\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example."
"com\"\n"
"   ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup."
"example.com\"\n"
msgstr ""

#: ipaserver/plugins/dns.py:200
msgid ""
"\n"
" The interactive mode can be used for easy modification:\n"
"  ipa dnsrecord-mod example.com _ldap._tcp\n"
"  No option to modify specific record provided.\n"
"  Current DNS record contents:\n"
"\n"
"  SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 "
"backup.example.com\n"
"\n"
"  Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n"
"  Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n"
"  SRV Priority [0]:                     (keep the default value)\n"
"  SRV Weight [1]: 2                     (modified value)\n"
"  SRV Port [389]:                       (keep the default value)\n"
"  SRV Target [slow.example.com]:        (keep the default value)\n"
"  1 SRV record skipped. Only one value per DNS record type can be modified "
"at one time.\n"
"    Record name: _ldap._tcp\n"
"    SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 "
"389 slow.example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:217
msgid ""
"\n"
" After this modification, three fifths of the requests should go to\n"
" fast.example.com and two fifths to slow.example.com.\n"
msgstr ""

#: ipaserver/plugins/dns.py:220
msgid ""
"\n"
" An example of the interactive mode for dnsrecord-del command:\n"
"   ipa dnsrecord-del example.com www\n"
"   No option to delete specific record provided.\n"
"   Delete all? Yes/No (default No):     (do not delete all records)\n"
"   Current DNS record contents:\n"
"\n"
"   A record: 192.0.2.2, 192.0.2.3\n"
"\n"
"   Delete A record '192.0.2.2'? Yes/No (default No):\n"
"   Delete A record '192.0.2.3'? Yes/No (default No): y\n"
"     Record name: www\n"
"     A record: 192.0.2.2               (A record 192.0.2.3 has been "
"deleted)\n"
msgstr ""

#: ipaserver/plugins/dns.py:233
msgid ""
"\n"
" Show zone example.com:\n"
"   ipa dnszone-show example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:236
msgid ""
"\n"
" Find zone with \"example\" in its domain name:\n"
"   ipa dnszone-find example\n"
msgstr ""

#: ipaserver/plugins/dns.py:239
msgid ""
"\n"
" Find records for resources with \"www\" in their name in zone example.com:\n"
"   ipa dnsrecord-find example.com www\n"
msgstr ""

#: ipaserver/plugins/dns.py:242
msgid ""
"\n"
" Find A records with value 192.0.2.2 in zone example.com\n"
"   ipa dnsrecord-find example.com --a-rec=192.0.2.2\n"
msgstr ""

#: ipaserver/plugins/dns.py:245
msgid ""
"\n"
" Show records for resource www in zone example.com\n"
"   ipa dnsrecord-show example.com www\n"
msgstr ""

#: ipaserver/plugins/dns.py:248
msgid ""
"\n"
" Delegate zone sub.example to another nameserver:\n"
"   ipa dnsrecord-add example.com ns.sub --a-rec=203.0.113.1\n"
"   ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n"
msgstr ""

#: ipaserver/plugins/dns.py:252
msgid ""
"\n"
" Delete zone example.com with all resource records:\n"
"   ipa dnszone-del example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:255
msgid ""
"\n"
" If a global forwarder is configured, all queries for which this server is "
"not\n"
" authoritative (e.g. sub.example.com) will be routed to the global "
"forwarder.\n"
" Global forwarding configuration can be overridden per-zone.\n"
msgstr ""

#: ipaserver/plugins/dns.py:259
msgid ""
"\n"
" Semantics of forwarding in IPA matches BIND semantics and depends on the "
"type\n"
" of zone:\n"
"   * Master zone: local BIND replies authoritatively to queries for data in\n"
"   the given zone (including authoritative NXDOMAIN answers) and forwarding\n"
"   affects only queries for names below zone cuts (NS records) of locally\n"
"   served zones.\n"
"\n"
"   * Forward zone: forward zone contains no authoritative data. BIND "
"forwards\n"
"   queries, which cannot be answered from its local cache, to configured\n"
"   forwarders.\n"
msgstr ""

#: ipaserver/plugins/dns.py:270
msgid ""
"\n"
" Semantics of the --forward-policy option:\n"
"   * none - disable forwarding for the given zone.\n"
"   * first - forward all queries to configured forwarders. If they fail,\n"
"   do resolution using DNS root servers.\n"
"   * only - forward all queries to configured forwarders and if they fail,\n"
"   return failure.\n"
msgstr ""

#: ipaserver/plugins/dns.py:277
msgid ""
"\n"
" Disable global forwarding for given sub-tree:\n"
"   ipa dnszone-mod example.com --forward-policy=none\n"
msgstr ""

#: ipaserver/plugins/dns.py:280
msgid ""
"\n"
" This configuration forwards all queries for names outside the example.com\n"
" sub-tree to global forwarders. Normal recursive resolution process is used\n"
" for names inside the example.com sub-tree (i.e. NS records are followed "
"etc.).\n"
msgstr ""

#: ipaserver/plugins/dns.py:284
msgid ""
"\n"
" Forward all requests for the zone external.example.com to another "
"forwarder\n"
" using a \"first\" policy (it will send the queries to the selected "
"forwarder\n"
" and if not answered it will use global root servers):\n"
"   ipa dnsforwardzone-add external.example.com --forward-policy=first \\\n"
"                               --forwarder=203.0.113.1\n"
msgstr ""

#: ipaserver/plugins/dns.py:290
msgid ""
"\n"
" Change forward-policy for external.example.com:\n"
"   ipa dnsforwardzone-mod external.example.com --forward-policy=only\n"
msgstr ""

#: ipaserver/plugins/dns.py:293
msgid ""
"\n"
" Show forward zone external.example.com:\n"
"   ipa dnsforwardzone-show external.example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:296
msgid ""
"\n"
" List all forward zones:\n"
"   ipa dnsforwardzone-find\n"
msgstr ""

#: ipaserver/plugins/dns.py:299
msgid ""
"\n"
" Delete forward zone external.example.com:\n"
"   ipa dnsforwardzone-del external.example.com\n"
msgstr ""

#: ipaserver/plugins/dns.py:302
msgid ""
"\n"
" Resolve a host name to see if it exists (will add default IPA domain\n"
" if one is not included):\n"
"   ipa dns-resolve www.example.com\n"
"   ipa dns-resolve www\n"
msgstr ""

#: ipaserver/plugins/dns.py:307
msgid ""
"\n"
"\n"
"GLOBAL DNS CONFIGURATION\n"
msgstr ""

#: ipaserver/plugins/dns.py:310
msgid ""
"\n"
"DNS configuration passed to command line install script is stored in a "
"local\n"
"configuration file on each IPA server where DNS service is configured. "
"These\n"
"local settings can be overridden with a common configuration stored in LDAP\n"
"server:\n"
msgstr ""

#: ipaserver/plugins/dns.py:315
msgid ""
"\n"
" Show global DNS configuration:\n"
"   ipa dnsconfig-show\n"
msgstr ""

#: ipaserver/plugins/dns.py:318
msgid ""
"\n"
" Modify global DNS configuration and set a list of global forwarders:\n"
"   ipa dnsconfig-mod --forwarder=203.0.113.113\n"
msgstr ""

#: ipaserver/plugins/dns.py:406
msgid "invalid IP network format"
msgstr ""

#: ipaserver/plugins/dns.py:415
msgid "each ACL element must be terminated with a semicolon"
msgstr ""

#: ipaserver/plugins/dns.py:431
msgid "invalid address format"
msgstr ""

#: ipaserver/plugins/dns.py:475
msgid ""
"expected format: <0-255> <0-255> <0-65535> even-"
"length_hexadecimal_digits_or_hyphen"
msgstr ""

#: ipaserver/plugins/dns.py:484
msgid "algorithm value: allowed interval 0-255"
msgstr ""

#: ipaserver/plugins/dns.py:487
msgid "flags value: allowed interval 0-255"
msgstr ""

#: ipaserver/plugins/dns.py:490
msgid "iterations value: allowed interval 0-65535"
msgstr ""

#: ipaserver/plugins/dns.py:498
#, python-format
msgid "salt value: %(err)s"
msgstr ""

#: ipaserver/plugins/dns.py:505
msgid "invalid domain-name: not fully qualified"
msgstr ""

#: ipaserver/plugins/dns.py:514
msgid "should not be a wildcard domain name (RFC 4592 section 4)"
msgstr ""

#: ipaserver/plugins/dns.py:555
#, python-format
msgid ""
"All nameservers failed to answer the query for DNS reverse zone %(revdns)s"
msgstr ""

#: ipaserver/plugins/dns.py:561
#, python-format
msgid ""
"No answers could be found in the specified lifetime for DNS reverse zone "
"%(revdns)s"
msgstr ""

#: ipaserver/plugins/dns.py:571
#, python-format
msgid ""
"DNS reverse zone %(revzone)s for IP address %(addr)s is not managed by this "
"server"
msgstr ""

#: ipaserver/plugins/dns.py:588
#, python-format
msgid "DNS zone %(zone)s not found"
msgstr ""

#: ipaserver/plugins/dns.py:603
#, python-format
msgid "IP address %(ip)s is already assigned in domain %(domain)s."
msgstr ""

#: ipaserver/plugins/dns.py:613
#, python-format
msgid ""
"Reverse record for IP address %(ip)s already exists in reverse zone %(zone)s."
msgstr ""

#: ipaserver/plugins/dns.py:688
#, python-format
msgid "%s record"
msgstr ""

#: ipaserver/plugins/dns.py:690
#, python-format
msgid "Raw %s records"
msgstr ""

#: ipaserver/plugins/dns.py:691
#, python-format
msgid "%s Record"
msgstr ""

#: ipaserver/plugins/dns.py:692
#, python-format
msgid "(see RFC %s for details)"
msgstr ""

#: ipaserver/plugins/dns.py:754
#, python-format
msgid "'%s' is a required part of DNS record"
msgstr ""

#: ipaserver/plugins/dns.py:761
msgid "Invalid number of parts!"
msgstr ""

#: ipaserver/plugins/dns.py:813
#, python-format
msgid "DNS RR type \"%s\" is not supported by bind-dyndb-ldap plugin"
msgstr ""

#: ipaserver/plugins/dns.py:829
#, python-format
msgid "format must be specified as \"%(format)s\" %(rfcs)s"
msgstr ""

#: ipaserver/plugins/dns.py:904
msgid "Create reverse"
msgstr ""

#: ipaserver/plugins/dns.py:940
#, python-format
msgid "Cannot create reverse record for \"%(value)s\": %(exc)s"
msgstr ""

#: ipaserver/plugins/dns.py:1115 ipaserver/plugins/dns.py:1272
msgid "Exchanger"
msgstr ""

#: ipaserver/plugins/dns.py:1190
msgid ""
"format must be specified as\n"
"    \"d1 [m1 [s1]] {\"N\"|\"S\"}  d2 [m2 [s2]] {\"E\"|\"W\"} alt[\"m\"] "
"[siz[\"m\"] [hp[\"m\"] [vp[\"m\"]]]]\"\n"
"    where:\n"
"       d1:     [0 .. 90]            (degrees latitude)\n"
"       d2:     [0 .. 180]           (degrees longitude)\n"
"       m1, m2: [0 .. 59]            (minutes latitude/longitude)\n"
"       s1, s2: [0 .. 59.999]        (seconds latitude/longitude)\n"
"       alt:    [-100000.00 .. 42849672.95] BY .01 (altitude in meters)\n"
"       siz, hp, vp: [0 .. 90000000.00] (size/precision in meters)\n"
"    See RFC 1876 for details"
msgstr ""

#: ipaserver/plugins/dns.py:1244
#, python-format
msgid "'%(required)s' must not be empty when '%(name)s' is set"
msgstr ""

#: ipaserver/plugins/dns.py:1299
msgid "flags must be one of \"S\", \"A\", \"U\", or \"P\""
msgstr ""

#: ipaserver/plugins/dns.py:1360 ipaserver/plugins/dns.py:1490
msgid "Priority (order)"
msgstr ""

#: ipaserver/plugins/dns.py:1361
msgid ""
"Lower number means higher priority. Clients will attempt to contact the "
"server with the lowest-numbered priority they can reach."
msgstr ""

#: ipaserver/plugins/dns.py:1369 ipaserver/plugins/dns.py:1499
msgid "Relative weight for entries with the same priority."
msgstr ""

#: ipaserver/plugins/dns.py:1389
msgid "the value does not follow \"YYYYMMDDHHMMSS\" time format"
msgstr ""

#: ipaserver/plugins/dns.py:1491
msgid ""
"Lower number means higher priority. Clients will attempt to contact the URI "
"with the lowest-numbered priority they can reach."
msgstr ""

#: ipaserver/plugins/dns.py:1504
msgid "Target Uniform Resource Identifier"
msgstr ""

#: ipaserver/plugins/dns.py:1505
msgid "Target Uniform Resource Identifier according to RFC 3986"
msgstr ""

#: ipaserver/plugins/dns.py:1587
#, python-format
msgid "Nameserver '%(host)s' does not have a corresponding A/AAAA record"
msgstr ""

#: ipaserver/plugins/dns.py:2056
msgid "Managedby permission"
msgstr ""

#: ipaserver/plugins/dns.py:2157
msgid "cannot be used when a zone is specified"
msgstr ""

#: ipaserver/plugins/dns.py:2169
msgid "Only one zone type is allowed per zone name"
msgstr ""

#: ipaserver/plugins/dns.py:2312
#, python-format
msgid "Added system permission \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:2342
#, python-format
msgid "permission \"%(value)s\" already exists"
msgstr ""

#: ipaserver/plugins/dns.py:2370
#, python-format
msgid "Removed system permission \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:2406
msgid "DNS zone"
msgstr ""

#: ipaserver/plugins/dns.py:2407
msgid "DNS zones"
msgstr ""

#: ipaserver/plugins/dns.py:2415
msgid "DNS Zones"
msgstr ""

#: ipaserver/plugins/dns.py:2416
msgid "DNS Zone"
msgstr ""

#: ipaserver/plugins/dns.py:2490
msgid "Default time to live"
msgstr ""

#: ipaserver/plugins/dns.py:2491
msgid "Time to live for records without explicit TTL definition"
msgstr ""

#: ipaserver/plugins/dns.py:2706
msgid "setting Authoritative nameserver"
msgstr ""

#: ipaserver/plugins/dns.py:2707
msgid "It is used only for setting the SOA MNAME attribute."
msgstr ""

#: ipaserver/plugins/dns.py:2709
msgid "NS record(s) can be edited in zone apex - '@'. "
msgstr ""

#: ipaserver/plugins/dns.py:2744
msgid "<all IPA DNS servers>"
msgstr ""

#: ipaserver/plugins/dns.py:2808
msgid "Nameserver for reverse zone cannot be a relative DNS name"
msgstr ""

#: ipaserver/plugins/dns.py:2863
#, python-format
msgid "Deleted DNS zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:2926
msgid "is required"
msgstr ""

#: ipaserver/plugins/dns.py:3008
#, python-format
msgid "Disabled DNS zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:3019
#, python-format
msgid "Enabled DNS zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:3044
msgid "DNS resource record"
msgstr ""

#: ipaserver/plugins/dns.py:3045
msgid "DNS resource records"
msgstr ""

#: ipaserver/plugins/dns.py:3052
msgid "DNS Resource Records"
msgstr ""

#: ipaserver/plugins/dns.py:3053
msgid "DNS Resource Record"
msgstr ""

#: ipaserver/plugins/dns.py:3088
msgid "DS record must not be in zone apex (RFC 4035 section 2.4)"
msgstr ""

#: ipaserver/plugins/dns.py:3105
msgid ""
"out-of-zone data: record name must be a subdomain of the zone or a relative "
"name"
msgstr ""

#: ipaserver/plugins/dns.py:3116
#, python-format
msgid ""
"owner of %(types)s records should not be a wildcard domain name (RFC 4592 "
"section 4)"
msgstr ""

#: ipaserver/plugins/dns.py:3161
#, python-format
msgid ""
"Reverse zone %(name)s requires exactly %(count)d IP address components, "
"%(user_count)d given"
msgstr ""

#: ipaserver/plugins/dns.py:3203
msgid "only master zones can contain records"
msgstr ""

#: ipaserver/plugins/dns.py:3301
msgid "only one CNAME record is allowed per name (RFC 2136, section 1.1.5)"
msgstr ""

#: ipaserver/plugins/dns.py:3307
msgid ""
"CNAME record is not allowed to coexist with any other record (RFC 1034, "
"section 3.6.2)"
msgstr ""

#: ipaserver/plugins/dns.py:3315
msgid "only one DNAME record is allowed per name (RFC 6672, section 2.4)"
msgstr ""

#: ipaserver/plugins/dns.py:3331
#, python-format
msgid ""
"NS record is not allowed to coexist with an %(type)s record except when "
"located in a zone root record (RFC 2181, section 6.1)"
msgstr ""

#: ipaserver/plugins/dns.py:3347
msgid ""
"DS record requires to coexist with an NS record (RFC 4592 section 4.6, RFC "
"4035 section 2.4)"
msgstr ""

#: ipaserver/plugins/dns.py:3628
#, python-format
msgid "Raw value of a DNS record was already set by \"%(name)s\" option"
msgstr ""

#: ipaserver/plugins/dns.py:3754
msgid "DNS zone root record cannot be renamed"
msgstr ""

#: ipaserver/plugins/dns.py:3772
msgid "DNS records can be only updated one at a time"
msgstr ""

#: ipaserver/plugins/dns.py:3865
#, python-format
msgid "Deleted record \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:3958
#, python-format
msgid "Zone record '%s' cannot be deleted"
msgstr ""

#: ipaserver/plugins/dns.py:4060
#, python-format
msgid "Found '%(value)s'"
msgstr ""

#: ipaserver/plugins/dns.py:4075
#, python-format
msgid "Host '%(host)s' not found"
msgstr ""

#: ipaserver/plugins/dns.py:4106
msgid "DNS configuration options"
msgstr ""

#: ipaserver/plugins/dns.py:4111 ipaserver/plugins/dns.py:4112
msgid "DNS Global Configuration"
msgstr ""

#: ipaserver/plugins/dns.py:4143
msgid "IPA DNS version"
msgstr ""

#: ipaserver/plugins/dns.py:4148
msgid "List of IPA masters configured as DNS servers"
msgstr ""

#: ipaserver/plugins/dns.py:4154
msgid "IPA server configured as DNSSec key master"
msgstr ""

#: ipaserver/plugins/dns.py:4205
msgid "Global DNS configuration is empty"
msgstr ""

#: ipaserver/plugins/dns.py:4286
msgid "DNS forward zone"
msgstr ""

#: ipaserver/plugins/dns.py:4287
msgid "DNS forward zones"
msgstr ""

#: ipaserver/plugins/dns.py:4289
msgid "DNS Forward Zones"
msgstr ""

#: ipaserver/plugins/dns.py:4290
msgid "DNS Forward Zone"
msgstr ""

#: ipaserver/plugins/dns.py:4397 ipaserver/plugins/dns.py:4447
msgid "Please specify forwarders."
msgstr ""

#: ipaserver/plugins/dns.py:4416
#, python-format
msgid "Deleted DNS forward zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:4473
#, python-format
msgid "Disabled DNS forward zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:4479
#, python-format
msgid "Enabled DNS forward zone \"%(value)s\""
msgstr ""

#: ipaserver/plugins/dns.py:4502
msgid "IPA DNS records"
msgstr ""

#: ipaserver/plugins/dns.py:4506
msgid "IPA location records"
msgstr ""

#: ipaserver/plugins/dns.py:4513
msgid "Update location and IPA server DNS records"
msgstr ""

#: ipaserver/plugins/dns.py:4524
msgid "Result of the command"
msgstr ""

#: ipaserver/plugins/dns.py:4531
msgid "Dry run"
msgstr ""

#: ipaserver/plugins/dns.py:4532
msgid "Do not update records only return expected records"
msgstr ""

#: ipaserver/plugins/hbacrule.py:108
msgid "The deny type has been deprecated."
msgstr ""

#: ipaserver/plugins/hbacrule.py:131
msgid "HBAC rules"
msgstr ""

#: ipaserver/plugins/hbacrule.py:201
msgid "HBAC Rules"
msgstr ""

#: ipaserver/plugins/hbacrule.py:302
#, python-format
msgid "Added HBAC rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacrule.py:316
#, python-format
msgid "Deleted HBAC rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacrule.py:333
#, python-format
msgid "Modified HBAC rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacrule.py:368
#, python-format
msgid "%(count)d HBAC rule matched"
msgid_plural "%(count)d HBAC rules matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/hbacrule.py:383
#, python-format
msgid "Enabled HBAC rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacrule.py:413
#, python-format
msgid "Disabled HBAC rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/hbacrule.py:447 ipaserver/plugins/hbacrule.py:478
msgid "Access time"
msgstr ""

#: ipaserver/plugins/hbacrule.py:565
msgid "Add source hosts and hostgroups to an HBAC rule."
msgstr ""

#: ipaserver/plugins/host.py:74
msgid ""
"\n"
"Hosts/Machines\n"
"\n"
"A host represents a machine. It can be used in a number of contexts:\n"
"- service entries are associated with a host\n"
"- a host stores the host/ service principal\n"
"- a host can be used in Host-based Access Control (HBAC) rules\n"
"- every enrolled client generates a host entry\n"
msgstr ""

#: ipaserver/plugins/host.py:82
msgid ""
"\n"
"ENROLLMENT:\n"
"\n"
"There are three enrollment scenarios when enrolling a new client:\n"
"\n"
"1. You are enrolling as a full administrator. The host entry may exist\n"
"   or not. A full administrator is a member of the hostadmin role\n"
"   or the admins group.\n"
"2. You are enrolling as a limited administrator. The host must already\n"
"   exist. A limited administrator is a member a role with the\n"
"   Host Enrollment privilege.\n"
"3. The host has been created with a one-time password.\n"
msgstr ""

#: ipaserver/plugins/host.py:94
msgid ""
"\n"
"RE-ENROLLMENT:\n"
"\n"
"Host that has been enrolled at some point, and lost its configuration (e.g. "
"VM\n"
"destroyed) can be re-enrolled.\n"
"\n"
"For more information, consult the manual pages for ipa-client-install.\n"
"\n"
"A host can optionally store information such as where it is located,\n"
"the OS that it runs, etc.\n"
msgstr ""

#: ipaserver/plugins/host.py:106
msgid ""
"\n"
" Add a new host:\n"
"   ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example."
"com\n"
msgstr ""

#: ipaserver/plugins/host.py:109
msgid ""
"\n"
" Delete a host:\n"
"   ipa host-del test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:112
msgid ""
"\n"
" Add a new host with a one-time password:\n"
"   ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:115
msgid ""
"\n"
" Add a new host with a random one-time password:\n"
"   ipa host-add --os='Fedora 12' --random test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:118
msgid ""
"\n"
" Modify information about a host:\n"
"   ipa host-mod --os='Fedora 12' test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:121
msgid ""
"\n"
" Remove SSH public keys of a host and update DNS to reflect this change:\n"
"   ipa host-mod --sshpubkey= --updatedns test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:124
msgid ""
"\n"
" Disable the host Kerberos key, SSL certificate and all of its services:\n"
"   ipa host-disable test.example.com\n"
msgstr ""

#: ipaserver/plugins/host.py:127
msgid ""
"\n"
" Add a host that can manage this host's keytab and certificate:\n"
"   ipa host-add-managedby --hosts=test2 test\n"
msgstr ""

#: ipaserver/plugins/host.py:130
msgid ""
"\n"
" Allow user to create a keytab:\n"
"   ipa host-allow-create-keytab test2 --users=tuser1\n"
msgstr ""

#: ipaserver/plugins/host.py:462 ipaserver/plugins/internal.py:1172
#: ipaserver/plugins/internal.py:1294
msgid "Host"
msgstr ""

#: ipaserver/plugins/host.py:514
msgid "Base-64 encoded host certificate"
msgstr ""

#: ipaserver/plugins/host.py:521 ipaserver/plugins/internal.py:697
#: ipaserver/plugins/service.py:528
msgid "Serial Number"
msgstr ""

#: ipaserver/plugins/host.py:525 ipaserver/plugins/internal.py:698
#: ipaserver/plugins/service.py:532
msgid "Serial Number (hex)"
msgstr ""

#: ipaserver/plugins/host.py:533 ipaserver/plugins/service.py:540
#: ipaserver/plugins/cert.py:431
msgid "Not Before"
msgstr ""

#: ipaserver/plugins/host.py:537 ipaserver/plugins/service.py:544
#: ipaserver/plugins/cert.py:436
msgid "Not After"
msgstr ""

#: ipaserver/plugins/host.py:541 ipaserver/plugins/service.py:548
#: ipaserver/plugins/cert.py:441
msgid "Fingerprint (SHA1)"
msgstr ""

#: ipaserver/plugins/host.py:545 ipaserver/plugins/service.py:552
#: ipaserver/plugins/cert.py:446
msgid "Fingerprint (SHA256)"
msgstr ""

#: ipaserver/plugins/host.py:549 ipaserver/plugins/internal.py:651
#: ipaserver/plugins/internal.py:692 ipaserver/plugins/service.py:556
#: ipaserver/plugins/cert.py:1280
msgid "Revocation reason"
msgstr ""

#: ipaserver/plugins/host.py:597 ipaserver/plugins/service.py:570
msgid "Authentication Indicators"
msgstr ""

#: ipaserver/plugins/host.py:598
msgid ""
"Defines an allow list for Authentication Indicators. Use 'otp' to allow OTP-"
"based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA "
"authentications. Use 'pkinit' to allow PKINIT-based 2FA authentications. Use "
"'hardened' to allow brute-force hardened password authentication by SPAKE or "
"FAST. Use 'idp' to allow External Identity Provider authentications. With no "
"indicator specified, all authentication mechanisms are allowed."
msgstr ""

#: ipaserver/plugins/host.py:670
#, python-format
msgid "Added host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:794
#, python-format
msgid "Deleted host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:799
msgid "Remove A, AAAA, SSHFP and PTR records of the host(s) managed by IPA DNS"
msgstr ""

#: ipaserver/plugins/host.py:871
msgid "No A, AAAA, SSHFP or PTR records found."
msgstr ""

#: ipaserver/plugins/host.py:887
#, python-format
msgid "Modified host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:908
msgid "Password cannot be set on enrolled host."
msgstr ""

#: ipaserver/plugins/host.py:912
msgid "cn is immutable"
msgstr ""

#: ipaserver/plugins/host.py:1037
#, python-format
msgid "%(count)d host matched"
msgid_plural "%(count)d hosts matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/host.py:1192
#, python-format
msgid "Disabled host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:1361
#, python-format
msgid "Added certificates to host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:1368
#, python-format
msgid "Removed certificates from host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:1384
msgid "Add new principal alias to host entry"
msgstr ""

#: ipaserver/plugins/host.py:1385
#, python-format
msgid "Added new aliases to host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/host.py:1396
msgid "Remove principal alias from a host entry"
msgstr ""

#: ipaserver/plugins/host.py:1397
#, python-format
msgid "Removed aliases from host \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idp.py:24
msgid ""
"\n"
"External Identity Provider Servers\n"
msgstr ""

#: ipaserver/plugins/idp.py:26
msgid ""
"\n"
"Manage External Identity Provider Servers.\n"
msgstr ""

#: ipaserver/plugins/idp.py:28
msgid ""
"\n"
"IPA supports the use of an external Identity Provider for Oauth2.0 Device "
"Flow\n"
"authentication.\n"
msgstr ""

#: ipaserver/plugins/idp.py:33
msgid ""
"\n"
" Add a new external Identity Provider server:\n"
"   ipa idp-add MyIdP --client-id jhkQty13       --auth-uri https://oauth2."
"idp.com/auth       --token-uri https://oauth2.idp.com/token --secret\n"
msgstr ""

#: ipaserver/plugins/idp.py:38
msgid ""
"\n"
" Add a new external Identity Provider server using github predefined "
"endpoints:\n"
"   ipa idp-add MyIdp --client-id jhkQty13 --provider github --secret\n"
msgstr ""

#: ipaserver/plugins/idp.py:41
msgid ""
"\n"
" Find all external Identity Provider servers whose entries include the "
"string\n"
" \"test.com\":\n"
"   ipa idp-find test.com\n"
msgstr ""

#: ipaserver/plugins/idp.py:45
msgid ""
"\n"
" Examine the configuration of an external Identity Provider server:\n"
"   ipa idp-show MyIdP\n"
msgstr ""

#: ipaserver/plugins/idp.py:48
msgid ""
"\n"
" Change the secret:\n"
"   ipa idp-mod MyIdP --secret\n"
msgstr ""

#: ipaserver/plugins/idp.py:51
msgid ""
"\n"
" Delete an external Identity Provider server:\n"
"   ipa idp-del MyIdP\n"
msgstr ""

#: ipaserver/plugins/idp.py:69
msgid "Invalid URI: not an https scheme"
msgstr ""

#: ipaserver/plugins/idp.py:72
msgid "Invalid URI: missing netloc"
msgstr ""

#: ipaserver/plugins/idp.py:83 ipaserver/plugins/idp.py:99
msgid "Identity Provider server"
msgstr ""

#: ipaserver/plugins/idp.py:84 ipaserver/plugins/idp.py:98
msgid "Identity Provider servers"
msgstr ""

#: ipaserver/plugins/idp.py:104
msgid "Identity Provider server name"
msgstr ""

#: ipaserver/plugins/idp.py:110
msgid "Authorization URI"
msgstr ""

#: ipaserver/plugins/idp.py:111
msgid "OAuth 2.0 authorization endpoint"
msgstr ""

#: ipaserver/plugins/idp.py:116
msgid "Device authorization URI"
msgstr ""

#: ipaserver/plugins/idp.py:117
msgid "Device authorization endpoint"
msgstr ""

#: ipaserver/plugins/idp.py:122
msgid "Token URI"
msgstr ""

#: ipaserver/plugins/idp.py:123
msgid "Token endpoint"
msgstr ""

#: ipaserver/plugins/idp.py:128
msgid "User info URI"
msgstr ""

#: ipaserver/plugins/idp.py:129
msgid "User information endpoint"
msgstr ""

#: ipaserver/plugins/idp.py:134
msgid "JWKS URI"
msgstr ""

#: ipaserver/plugins/idp.py:135
msgid "JWKS endpoint"
msgstr ""

#: ipaserver/plugins/idp.py:139
msgid "OIDC URL"
msgstr ""

#: ipaserver/plugins/idp.py:141
msgid "The Identity Provider OIDC URL"
msgstr ""

#: ipaserver/plugins/idp.py:145
msgid "Client identifier"
msgstr ""

#: ipaserver/plugins/idp.py:147
msgid "OAuth 2.0 client identifier"
msgstr ""

#: ipaserver/plugins/idp.py:152
msgid "OAuth 2.0 client secret"
msgstr ""

#: ipaserver/plugins/idp.py:158
msgid "Scope"
msgstr ""

#: ipaserver/plugins/idp.py:159
msgid "OAuth 2.0 scope. Multiple scopes separated by space"
msgstr ""

#: ipaserver/plugins/idp.py:163
msgid "External IdP user identifier attribute"
msgstr ""

#: ipaserver/plugins/idp.py:164
msgid "Attribute for user identity in OAuth 2.0 userinfo"
msgstr ""

#: ipaserver/plugins/idp.py:228
msgid "Add a new Identity Provider server."
msgstr ""

#: ipaserver/plugins/idp.py:229
#, python-format
msgid "Added Identity Provider server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idp.py:308
msgid "IdP provider template"
msgstr ""

#: ipaserver/plugins/idp.py:309
msgid "Choose a pre-defined template to use"
msgstr ""

#: ipaserver/plugins/idp.py:315 ipaserver/plugins/internal.py:680
msgid "Organization"
msgstr ""

#: ipaserver/plugins/idp.py:316
msgid "Organization ID or Realm name for IdP provider templates"
msgstr ""

#: ipaserver/plugins/idp.py:320
msgid "Base URL"
msgstr ""

#: ipaserver/plugins/idp.py:321
msgid "Base URL for IdP provider templates"
msgstr ""

#: ipaserver/plugins/idp.py:335
msgid "unknown provider"
msgstr ""

#: ipaserver/plugins/idp.py:350
msgid "value is missing"
msgstr ""

#: ipaserver/plugins/idp.py:381
msgid "cannot specify both individual endpoints and IdP provider"
msgstr ""

#: ipaserver/plugins/idp.py:412
msgid "Delete an Identity Provider server."
msgstr ""

#: ipaserver/plugins/idp.py:413
#, python-format
msgid "Deleted Identity Provider server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idp.py:418
msgid "Modify an Identity Provider server."
msgstr ""

#: ipaserver/plugins/idp.py:419
#, python-format
msgid "Modified Identity Provider server \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idp.py:424
msgid "Search for Identity Provider servers."
msgstr ""

#: ipaserver/plugins/idp.py:426
#, python-format
msgid "%(count)d Identity Provider server matched"
msgid_plural "%(count)d Identity Provider servers matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/idp.py:441
msgid "Display information about an Identity Provider server."
msgstr ""

#: ipaserver/plugins/internal.py:151
msgid "Internationalization messages"
msgstr ""

#: ipaserver/plugins/internal.py:157
msgid "Your session has expired. Please log in again."
msgstr ""

#: ipaserver/plugins/internal.py:161 ipaserver/plugins/internal.py:206
msgid "Apply"
msgstr ""

#: ipaserver/plugins/internal.py:162
msgid "Rebuild auto membership"
msgstr ""

#: ipaserver/plugins/internal.py:163
msgid "Are you sure you want to rebuild auto membership?"
msgstr ""

#: ipaserver/plugins/internal.py:165
msgid "Are you sure you want to proceed with the action?"
msgstr ""

#: ipaserver/plugins/internal.py:166
#, python-brace-format
msgid "Are you sure you want to delete ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:167
#, python-brace-format
msgid "Are you sure you want to disable ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:168
#, python-brace-format
msgid "Are you sure you want to enable ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:169
msgid "Actions"
msgstr ""

#: ipaserver/plugins/internal.py:172 ipaserver/plugins/internal.py:201
#: ipaserver/plugins/internal.py:263
msgid "Add"
msgstr ""

#: ipaserver/plugins/internal.py:173
#, python-brace-format
msgid "${count} item(s) added"
msgstr ""

#: ipaserver/plugins/internal.py:174
msgid "Direct Membership"
msgstr ""

#: ipaserver/plugins/internal.py:175
#, python-brace-format
msgid "Filter available ${other_entity}"
msgstr ""

#: ipaserver/plugins/internal.py:176
msgid "Indirect Membership"
msgstr ""

#: ipaserver/plugins/internal.py:177
msgid "No entries."
msgstr ""

#: ipaserver/plugins/internal.py:178
#, python-brace-format
msgid "Showing ${start} to ${end} of ${total} entries."
msgstr ""

#: ipaserver/plugins/internal.py:179 ipaserver/plugins/internal.py:278
msgid "Remove"
msgstr ""

#: ipaserver/plugins/internal.py:180
#, python-brace-format
msgid "${count} item(s) removed"
msgstr ""

#: ipaserver/plugins/internal.py:181
msgid "Show Results"
msgstr ""

#: ipaserver/plugins/internal.py:184
msgid "Authentication indicators"
msgstr ""

#: ipaserver/plugins/internal.py:185
msgid "Authentication indicator"
msgstr ""

#: ipaserver/plugins/internal.py:186
msgid ""
"<p>Implicit method (password) will be used if no method is chosen.</"
"p><p><strong>Password + Two-factor:</strong> LDAP and Kerberos allow "
"authentication with either one of the authentication types but Kerberos uses "
"pre-authentication method which requires to use armor ccache.</"
"p><p><strong>RADIUS with another type:</strong> Kerberos always use RADIUS, "
"but LDAP never does. LDAP only recognize the password and two-factor "
"authentication options.</p>"
msgstr ""

#: ipaserver/plugins/internal.py:187
msgid "Add Custom Authentication Indicator"
msgstr ""

#: ipaserver/plugins/internal.py:189
msgid "Two factor authentication (password + OTP)"
msgstr ""

#: ipaserver/plugins/internal.py:191
msgid "RADIUS"
msgstr ""

#: ipaserver/plugins/internal.py:193
msgid "Hardened Password (by SPAKE or FAST)"
msgstr ""

#: ipaserver/plugins/internal.py:194
msgid "External Identity Provider"
msgstr ""

#: ipaserver/plugins/internal.py:195
msgid "Disable per-user override"
msgstr ""

#: ipaserver/plugins/internal.py:196
msgid ""
"<p>Per-user setting, overwrites the global setting if any option is checked."
"</p><p><strong>Password + Two-factor:</strong> LDAP and Kerberos allow "
"authentication with either one of the authentication types but Kerberos uses "
"pre-authentication method which requires to use armor ccache.</"
"p><p><strong>RADIUS with another type:</strong> Kerberos always use RADIUS, "
"but LDAP never does. LDAP only recognize the password and two-factor "
"authentication options.</p>"
msgstr ""

#: ipaserver/plugins/internal.py:199 ipaserver/plugins/internal.py:273
#: ipaserver/plugins/internal.py:1739
msgid "About"
msgstr ""

#: ipaserver/plugins/internal.py:200
msgid "Activate"
msgstr ""

#: ipaserver/plugins/internal.py:202
msgid "Add and Add Another"
msgstr ""

#: ipaserver/plugins/internal.py:203
msgid "Add and Close"
msgstr ""

#: ipaserver/plugins/internal.py:204
msgid "Add and Edit"
msgstr ""

#: ipaserver/plugins/internal.py:205
msgid "Add Many"
msgstr ""

#: ipaserver/plugins/internal.py:207
msgid "Back"
msgstr ""

#: ipaserver/plugins/internal.py:208
msgid "Cancel"
msgstr ""

#: ipaserver/plugins/internal.py:209
msgid "Clear"
msgstr ""

#: ipaserver/plugins/internal.py:210
msgid "Clear all fields on the page."
msgstr ""

#: ipaserver/plugins/internal.py:211
msgid "Close"
msgstr ""

#: ipaserver/plugins/internal.py:212 ipaserver/plugins/internal.py:1943
msgid "Disable"
msgstr ""

#: ipaserver/plugins/internal.py:213 ipaserver/plugins/internal.py:644
msgid "Download"
msgstr ""

#: ipaserver/plugins/internal.py:214
msgid "Download certificate as PEM formatted file."
msgstr ""

#: ipaserver/plugins/internal.py:215
msgid "Edit"
msgstr ""

#: ipaserver/plugins/internal.py:216 ipaserver/plugins/internal.py:1945
msgid "Enable"
msgstr ""

#: ipaserver/plugins/internal.py:218
msgid "Find"
msgstr ""

#: ipaserver/plugins/internal.py:219
msgid "Get"
msgstr ""

#: ipaserver/plugins/internal.py:220
msgid "Hide"
msgstr ""

#: ipaserver/plugins/internal.py:221
msgid "Issue"
msgstr ""

#: ipaserver/plugins/internal.py:222
msgid "Match"
msgstr ""

#: ipaserver/plugins/internal.py:223
msgid "Match users according to certificate."
msgstr ""

#: ipaserver/plugins/internal.py:224
msgid "Migrate"
msgstr ""

#: ipaserver/plugins/internal.py:225
msgid "OK"
msgstr ""

#: ipaserver/plugins/internal.py:226
msgid "Refresh"
msgstr ""

#: ipaserver/plugins/internal.py:227
msgid "Reload current settings from the server."
msgstr ""

#: ipaserver/plugins/internal.py:228
msgid "Delete"
msgstr ""

#: ipaserver/plugins/internal.py:229 ipaserver/plugins/internal.py:685
msgid "Remove hold"
msgstr ""

#: ipaserver/plugins/internal.py:230
msgid "Reset"
msgstr ""

#: ipaserver/plugins/internal.py:231 ipaserver/plugins/internal.py:1732
msgid "Reset Password"
msgstr ""

#: ipaserver/plugins/internal.py:232
msgid "Reset Password and Log in"
msgstr ""

#: ipaserver/plugins/internal.py:233
msgid "Restore"
msgstr ""

#: ipaserver/plugins/internal.py:234
msgid "Retry"
msgstr ""

#: ipaserver/plugins/internal.py:235
msgid "Revert"
msgstr ""

#: ipaserver/plugins/internal.py:237
msgid "Revoke"
msgstr ""

#: ipaserver/plugins/internal.py:238
msgid "Save"
msgstr ""

#: ipaserver/plugins/internal.py:239
msgid "Set"
msgstr ""

#: ipaserver/plugins/internal.py:240
msgid "Show"
msgstr ""

#: ipaserver/plugins/internal.py:241
msgid "Stage"
msgstr ""

#: ipaserver/plugins/internal.py:243
msgid "Update"
msgstr ""

#: ipaserver/plugins/internal.py:244
msgid "View"
msgstr ""

#: ipaserver/plugins/internal.py:247 ipaserver/plugins/internal.py:1740
msgid "Customization"
msgstr ""

#: ipaserver/plugins/internal.py:248
msgid "Pagination Size"
msgstr ""

#: ipaserver/plugins/internal.py:251
msgid "Collapse All"
msgstr ""

#: ipaserver/plugins/internal.py:252
msgid "Expand All"
msgstr ""

#: ipaserver/plugins/internal.py:253
msgid "General"
msgstr ""

#: ipaserver/plugins/internal.py:254
msgid "Identity Settings"
msgstr ""

#: ipaserver/plugins/internal.py:255
msgid "Record Settings"
msgstr ""

#: ipaserver/plugins/internal.py:256
#, python-brace-format
msgid "${entity} ${primary_key} Settings"
msgstr ""

#: ipaserver/plugins/internal.py:257
msgid "Back to Top"
msgstr ""

#: ipaserver/plugins/internal.py:258
#, python-brace-format
msgid "${entity} ${primary_key} updated"
msgstr ""

#: ipaserver/plugins/internal.py:261
#, python-brace-format
msgid "${entity} successfully added"
msgstr ""

#: ipaserver/plugins/internal.py:262
msgid "Add custom value"
msgstr ""

#: ipaserver/plugins/internal.py:264
msgid "Available"
msgstr "사용 가능한"

#: ipaserver/plugins/internal.py:265
msgid "Some operations failed."
msgstr ""

#: ipaserver/plugins/internal.py:266
msgid "Operations Error"
msgstr ""

#: ipaserver/plugins/internal.py:267
msgid "Confirmation"
msgstr "확인"

#: ipaserver/plugins/internal.py:268
msgid "Custom value"
msgstr ""

#: ipaserver/plugins/internal.py:269
msgid "This page has unsaved changes. Please save or revert."
msgstr ""

#: ipaserver/plugins/internal.py:270
msgid "Unsaved Changes"
msgstr ""

#: ipaserver/plugins/internal.py:271
#, python-brace-format
msgid "Edit ${entity}"
msgstr ""

#: ipaserver/plugins/internal.py:272
msgid "Hide details"
msgstr ""

#: ipaserver/plugins/internal.py:274
#, python-brace-format
msgid "${product}, version: ${version}"
msgstr ""

#: ipaserver/plugins/internal.py:275
msgid "Prospective"
msgstr ""

#: ipaserver/plugins/internal.py:276
msgid "Redirection"
msgstr ""

#: ipaserver/plugins/internal.py:277
msgid "Select entries to be removed."
msgstr ""

#: ipaserver/plugins/internal.py:279
msgid "Result"
msgstr ""

#: ipaserver/plugins/internal.py:280
msgid "Show details"
msgstr ""

#: ipaserver/plugins/internal.py:281
msgid "Success"
msgstr ""

#: ipaserver/plugins/internal.py:282
msgid "Validation error"
msgstr ""

#: ipaserver/plugins/internal.py:283
msgid "Input form contains invalid or missing values."
msgstr ""

#: ipaserver/plugins/internal.py:286
msgid "Please try the following options:"
msgstr ""

#: ipaserver/plugins/internal.py:287
msgid "If the problem persists please contact the system administrator."
msgstr ""

#: ipaserver/plugins/internal.py:288
msgid "Refresh the page."
msgstr ""

#: ipaserver/plugins/internal.py:289
msgid "Reload the browser."
msgstr ""

#: ipaserver/plugins/internal.py:290
msgid "Return to the main page and retry the operation"
msgstr ""

#: ipaserver/plugins/internal.py:291
#, python-brace-format
msgid "An error has occurred (${error})"
msgstr ""

#: ipaserver/plugins/internal.py:295
msgid "HTTP Error"
msgstr ""

#: ipaserver/plugins/internal.py:296
msgid "Internal Error"
msgstr ""

#: ipaserver/plugins/internal.py:297
msgid "IPA Error"
msgstr ""

#: ipaserver/plugins/internal.py:298
msgid "No response"
msgstr ""

#: ipaserver/plugins/internal.py:299
msgid "Unknown Error"
msgstr ""

#: ipaserver/plugins/internal.py:300
msgid "URL"
msgstr ""

#: ipaserver/plugins/internal.py:303
#, python-brace-format
msgid "${primary_key} is managed by:"
msgstr ""

#: ipaserver/plugins/internal.py:304
#, python-brace-format
msgid "${primary_key} members:"
msgstr ""

#: ipaserver/plugins/internal.py:305
#, python-brace-format
msgid "${primary_key} is a member of:"
msgstr ""

#: ipaserver/plugins/internal.py:306
#, python-brace-format
msgid "${primary_key} member managers:"
msgstr ""

#: ipaserver/plugins/internal.py:309
msgid "Settings"
msgstr ""

#: ipaserver/plugins/internal.py:310 ipaserver/plugins/internal.py:1753
msgid "Search"
msgstr ""

#: ipaserver/plugins/internal.py:312
msgid "False"
msgstr ""

#: ipaserver/plugins/internal.py:315
#, python-brace-format
msgid "Allow user groups to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:318
#, python-brace-format
msgid "Allow user groups to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:321
#, python-brace-format
msgid "Allow host groups to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:324
#, python-brace-format
msgid "Allow host groups to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:327
#, python-brace-format
msgid "Allow hosts to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:330
#, python-brace-format
msgid "Allow hosts to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:333
#, python-brace-format
msgid "Allow users to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:336
#, python-brace-format
msgid "Allow users to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:338
msgid "Allowed to create keytab"
msgstr ""

#: ipaserver/plugins/internal.py:339
msgid "Allowed to retrieve keytab"
msgstr ""

#: ipaserver/plugins/internal.py:341
#, python-brace-format
msgid "Disallow user groups to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:344
#, python-brace-format
msgid "Disallow user groups to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:347
#, python-brace-format
msgid "Disallow host groups to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:350
#, python-brace-format
msgid "Disallow host groups to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:353
#, python-brace-format
msgid "Disallow hosts to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:356
#, python-brace-format
msgid "Disallow hosts to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:359
#, python-brace-format
msgid "Disallow users to create keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:362
#, python-brace-format
msgid "Disallow users to retrieve keytab of '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:366
msgid "Add Kerberos Principal Alias"
msgstr ""

#: ipaserver/plugins/internal.py:367
msgid "New kerberos principal alias"
msgstr ""

#: ipaserver/plugins/internal.py:368
msgid "Remove Kerberos Alias"
msgstr ""

#: ipaserver/plugins/internal.py:369
#, python-brace-format
msgid "Do you want to remove kerberos alias ${alias}?"
msgstr ""

#: ipaserver/plugins/internal.py:372
msgid "Inherited from server configuration"
msgstr ""

#: ipaserver/plugins/internal.py:373
msgid "MS-PAC"
msgstr ""

#: ipaserver/plugins/internal.py:374
msgid "Override inherited settings"
msgstr ""

#: ipaserver/plugins/internal.py:375
msgid "PAD"
msgstr ""

#: ipaserver/plugins/internal.py:378
msgid "Authenticating"
msgstr ""

#: ipaserver/plugins/internal.py:380
msgid "Authentication with personal certificate failed"
msgstr ""

#: ipaserver/plugins/internal.py:382
msgid ""
"<i class=\"fa fa-info-circle\"></i> To log in with <strong>certificate</"
"strong>, please make sure you have valid personal certificate. "
msgstr ""

#: ipaserver/plugins/internal.py:386
msgid "Continue to next page"
msgstr ""

#: ipaserver/plugins/internal.py:388
msgid ""
"<i class=\"fa fa-info-circle\"></i> To log in with <strong>username and "
"password</strong>, enter them in the corresponding fields, then click 'Log "
"in'."
msgstr ""

#: ipaserver/plugins/internal.py:391
msgid "Login failed due to an unknown reason"
msgstr ""

#: ipaserver/plugins/internal.py:392
msgid "Logged In As"
msgstr ""

#: ipaserver/plugins/internal.py:393
msgid "Authentication with Kerberos failed"
msgstr ""

#: ipaserver/plugins/internal.py:395
#, python-brace-format
msgid ""
"<i class=\"fa fa-info-circle\"></i> To log in with <strong>Kerberos</"
"strong>, please make sure you have valid tickets (obtainable via kinit) and "
"<a href='${protocol}//${host}/ipa/config/ssbrowser.html'>configured</a> the "
"browser correctly, then click 'Log in'."
msgstr ""

#: ipaserver/plugins/internal.py:400
msgid "Loading"
msgstr ""

#: ipaserver/plugins/internal.py:402
msgid "Kerberos Principal you entered is expired"
msgstr ""

#: ipaserver/plugins/internal.py:403
msgid "Loading data"
msgstr ""

#: ipaserver/plugins/internal.py:404
msgid "Log in"
msgstr ""

#: ipaserver/plugins/internal.py:405
msgid "Log In Using Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:406
msgid "Log in using personal certificate"
msgstr ""

#: ipaserver/plugins/internal.py:407 ipaserver/plugins/internal.py:1741
msgid "Log out"
msgstr ""

#: ipaserver/plugins/internal.py:408
msgid "Log out error"
msgstr ""

#: ipaserver/plugins/internal.py:410 ipaserver/plugins/internal.py:1726
msgid "Password or Password+One-Time Password"
msgstr ""

#: ipaserver/plugins/internal.py:411
#, python-brace-format
msgid "You will be redirected in ${count}s"
msgstr ""

#: ipaserver/plugins/internal.py:412
msgid "Sync OTP Token"
msgstr ""

#: ipaserver/plugins/internal.py:413
msgid "Synchronizing"
msgstr ""

#: ipaserver/plugins/internal.py:415
msgid "The user account you entered is locked"
msgstr ""

#: ipaserver/plugins/internal.py:418
msgid "number of passwords"
msgstr ""

#: ipaserver/plugins/internal.py:419
msgid "seconds"
msgstr ""

#: ipaserver/plugins/internal.py:422
msgid "Migrating"
msgstr ""

#: ipaserver/plugins/internal.py:424
msgid "There was a problem with your request. Please, try again later."
msgstr ""

#: ipaserver/plugins/internal.py:427
msgid "Password migration was not successful"
msgstr "비밀번호 이전이 성공하지 못했습니다"

#: ipaserver/plugins/internal.py:429
msgid ""
"<h1>Password Migration</h1><p>If you have been sent here by your "
"administrator, your personal information is being migrated to a new identity "
"management solution (IPA).</p><p>Please, enter your credentials in the form "
"to complete the process. Upon successful login your kerberos account will be "
"activated.</p>"
msgstr ""

#: ipaserver/plugins/internal.py:436 ipaserver/plugins/internal.py:1708
msgid "The password or username you entered is incorrect"
msgstr ""

#: ipaserver/plugins/internal.py:437
msgid "Password migration was successful"
msgstr ""

#: ipaserver/plugins/internal.py:441 ipaserver/plugins/internal.py:526
#: ipaserver/plugins/internal.py:1224
msgid "Attribute"
msgstr ""

#: ipaserver/plugins/internal.py:444
msgid "Add delegation"
msgstr ""

#: ipaserver/plugins/internal.py:445
msgid "Remove delegations"
msgstr ""

#: ipaserver/plugins/internal.py:448 ipaserver/plugins/internal.py:780
msgid "Add permission"
msgstr ""

#: ipaserver/plugins/internal.py:450
#, python-brace-format
msgid "Add privileges into permission '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:452
msgid "Remove permissions"
msgstr ""

#: ipaserver/plugins/internal.py:454
#, python-brace-format
msgid "Remove privileges from permission '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:458
msgid "Add privilege"
msgstr ""

#: ipaserver/plugins/internal.py:460
#, python-brace-format
msgid "Add privilege '${primary_key}' into permissions"
msgstr ""

#: ipaserver/plugins/internal.py:463
#, python-brace-format
msgid "Add roles into privilege '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:465
msgid "Remove privileges"
msgstr ""

#: ipaserver/plugins/internal.py:467
#, python-brace-format
msgid "Remove privilege '${primary_key}' from permissions"
msgstr ""

#: ipaserver/plugins/internal.py:470
#, python-brace-format
msgid "Remove roles from privilege '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:474
msgid "Role Settings"
msgstr ""

#: ipaserver/plugins/internal.py:475
msgid "Add role"
msgstr ""

#: ipaserver/plugins/internal.py:477
#, python-brace-format
msgid "Add user groups into role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:480
#, python-brace-format
msgid "Add hosts into role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:483
#, python-brace-format
msgid "Add host groups into role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:486
#, python-brace-format
msgid "Add role '${primary_key}' into privileges"
msgstr ""

#: ipaserver/plugins/internal.py:489
#, python-brace-format
msgid "Add services into role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:492
#, python-brace-format
msgid "Add users into role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:494
msgid "Remove roles"
msgstr ""

#: ipaserver/plugins/internal.py:496
#, python-brace-format
msgid "Remove role '${primary_key}' from privileges"
msgstr ""

#: ipaserver/plugins/internal.py:499
#, python-brace-format
msgid "Remove user groups from role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:502
#, python-brace-format
msgid "Remove hosts from role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:505
#, python-brace-format
msgid "Remove host groups from role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:508
#, python-brace-format
msgid "Remove services from role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:511
#, python-brace-format
msgid "Remove users from role '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:515
msgid "Add self service permission"
msgstr ""

#: ipaserver/plugins/internal.py:516
msgid "Remove self service permissions"
msgstr ""

#: ipaserver/plugins/internal.py:519
msgid "Add rule"
msgstr ""

#: ipaserver/plugins/internal.py:521
#, python-brace-format
msgid "Add inclusive condition into '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:524
#, python-brace-format
msgid "Add exclusive condition into '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:528
msgid "Are you sure you want to change default group?"
msgstr ""

#: ipaserver/plugins/internal.py:530
msgid "Default host group"
msgstr ""

#: ipaserver/plugins/internal.py:531
msgid "Default user group"
msgstr ""

#: ipaserver/plugins/internal.py:532
msgid "Exclusive"
msgstr ""

#: ipaserver/plugins/internal.py:533
msgid "Expression"
msgstr ""

#: ipaserver/plugins/internal.py:534
msgid "Host group rule"
msgstr ""

#: ipaserver/plugins/internal.py:535
msgid "Host group rules"
msgstr ""

#: ipaserver/plugins/internal.py:536
msgid "Inclusive"
msgstr ""

#: ipaserver/plugins/internal.py:537
msgid "Remove auto membership rules"
msgstr ""

#: ipaserver/plugins/internal.py:539
#, python-brace-format
msgid "Remove exclusive conditions from rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:542
#, python-brace-format
msgid "Remove inclusive conditions from rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:544
msgid "User group rule"
msgstr ""

#: ipaserver/plugins/internal.py:545
msgid "User group rules"
msgstr ""

#: ipaserver/plugins/internal.py:548
msgid "Add automount key"
msgstr ""

#: ipaserver/plugins/internal.py:549
msgid "Remove automount keys"
msgstr ""

#: ipaserver/plugins/internal.py:552
msgid "Add automount location"
msgstr ""

#: ipaserver/plugins/internal.py:553
msgid "Automount Location Settings"
msgstr ""

#: ipaserver/plugins/internal.py:554
msgid "Remove automount locations"
msgstr ""

#: ipaserver/plugins/internal.py:557
msgid "Add automount map"
msgstr ""

#: ipaserver/plugins/internal.py:558
msgid "Map Type"
msgstr ""

#: ipaserver/plugins/internal.py:559
msgid "Direct"
msgstr ""

#: ipaserver/plugins/internal.py:560
msgid "Indirect"
msgstr ""

#: ipaserver/plugins/internal.py:561
msgid "Remove automount maps"
msgstr ""

#: ipaserver/plugins/internal.py:564
msgid "Add certificate authority"
msgstr ""

#: ipaserver/plugins/internal.py:565
msgid "Remove certificate authorities"
msgstr ""

#: ipaserver/plugins/internal.py:568
msgid "Add CA ACL"
msgstr ""

#: ipaserver/plugins/internal.py:570
#, python-brace-format
msgid "Add Certificate Authorities into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:574
#, python-brace-format
msgid "Add user groups into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:577
#, python-brace-format
msgid "Add host groups into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:580
#, python-brace-format
msgid "Add hosts into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:583
#, python-brace-format
msgid "Add certificate profiles into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:586
#, python-brace-format
msgid "Add services into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:589
#, python-brace-format
msgid "Add users into CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:591
msgid "All"
msgstr ""

#: ipaserver/plugins/internal.py:592
msgid "Any CA"
msgstr ""

#: ipaserver/plugins/internal.py:593 ipaserver/plugins/internal.py:902
#: ipaserver/plugins/internal.py:1169 ipaserver/plugins/internal.py:1292
#: ipaserver/plugins/internal.py:1461
msgid "Any Host"
msgstr ""

#: ipaserver/plugins/internal.py:594 ipaserver/plugins/internal.py:903
msgid "Any Service"
msgstr ""

#: ipaserver/plugins/internal.py:595
msgid "Any Profile"
msgstr ""

#: ipaserver/plugins/internal.py:596 ipaserver/plugins/internal.py:904
#: ipaserver/plugins/internal.py:1170 ipaserver/plugins/internal.py:1293
#: ipaserver/plugins/internal.py:1462
msgid "Anyone"
msgstr ""

#: ipaserver/plugins/internal.py:597 ipaserver/plugins/internal.py:906
#: ipaserver/plugins/internal.py:1467
msgid "Rule status"
msgstr ""

#: ipaserver/plugins/internal.py:598
msgid "If no CAs are specified, requests to the default CA are allowed."
msgstr ""

#: ipaserver/plugins/internal.py:600
msgid "Remove CA ACLs"
msgstr ""

#: ipaserver/plugins/internal.py:602
#, python-brace-format
msgid "Remove Certificate Authorities from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:606
#, python-brace-format
msgid "Remove user groups from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:609
#, python-brace-format
msgid "Remove host groups from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:612
#, python-brace-format
msgid "Remove hosts from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:615
#, python-brace-format
msgid "Remove certificate profiles from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:618
#, python-brace-format
msgid "Remove services from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:621
#, python-brace-format
msgid "Remove users from CA ACL '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:623
msgid "Specified CAs"
msgstr ""

#: ipaserver/plugins/internal.py:624 ipaserver/plugins/internal.py:928
#: ipaserver/plugins/internal.py:1196 ipaserver/plugins/internal.py:1308
#: ipaserver/plugins/internal.py:1512
msgid "Specified Hosts and Groups"
msgstr ""

#: ipaserver/plugins/internal.py:625
msgid "Specified Profiles"
msgstr ""

#: ipaserver/plugins/internal.py:626 ipaserver/plugins/internal.py:929
msgid "Specified Services and Groups"
msgstr ""

#: ipaserver/plugins/internal.py:627 ipaserver/plugins/internal.py:930
#: ipaserver/plugins/internal.py:1197 ipaserver/plugins/internal.py:1309
#: ipaserver/plugins/internal.py:1513
msgid "Specified Users and Groups"
msgstr ""

#: ipaserver/plugins/internal.py:628
msgid "Permitted to have certificates issued"
msgstr ""

#: ipaserver/plugins/internal.py:631
msgid "Remove certificate profiles"
msgstr ""

#: ipaserver/plugins/internal.py:634
msgid "AA Compromise"
msgstr ""

#: ipaserver/plugins/internal.py:635
msgid "Add principal"
msgstr ""

#: ipaserver/plugins/internal.py:636
msgid "Affiliation Changed"
msgstr ""

#: ipaserver/plugins/internal.py:637 ipaserver/plugins/ca.py:351
#: ipaserver/plugins/ca.py:360 ipaserver/plugins/ca.py:379
#: ipaserver/plugins/ca.py:419
msgid "CA"
msgstr ""

#: ipaserver/plugins/internal.py:638
msgid "CA Compromise"
msgstr ""

#: ipaserver/plugins/internal.py:640 ipaserver/plugins/internal.py:1955
msgid "Certificates"
msgstr ""

#: ipaserver/plugins/internal.py:641
msgid "Certificate Hold"
msgstr ""

#: ipaserver/plugins/internal.py:642
msgid "Cessation of Operation"
msgstr ""

#: ipaserver/plugins/internal.py:643
msgid "Common Name"
msgstr ""

#: ipaserver/plugins/internal.py:645
msgid "the certificate with serial number "
msgstr ""

#: ipaserver/plugins/internal.py:646
msgid "Expires On"
msgstr ""

#: ipaserver/plugins/internal.py:647
msgid "Issued on from"
msgstr ""

#: ipaserver/plugins/internal.py:648
msgid "Issued on to"
msgstr ""

#: ipaserver/plugins/internal.py:649
msgid "Maximum serial number"
msgstr ""

#: ipaserver/plugins/internal.py:650
msgid "Minimum serial number"
msgstr ""

#: ipaserver/plugins/internal.py:652
msgid "Revoked on from"
msgstr ""

#: ipaserver/plugins/internal.py:653
msgid "Revoked on to"
msgstr ""

#: ipaserver/plugins/internal.py:655
msgid "Valid not after from"
msgstr ""

#: ipaserver/plugins/internal.py:656
msgid "Valid not after to"
msgstr ""

#: ipaserver/plugins/internal.py:657
msgid "Valid not before from"
msgstr ""

#: ipaserver/plugins/internal.py:658
msgid "Valid not before to"
msgstr ""

#: ipaserver/plugins/internal.py:659
msgid "Fingerprints"
msgstr ""

#: ipaserver/plugins/internal.py:660
msgid "Get Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:661
msgid "Certificate Hold Removed"
msgstr ""

#: ipaserver/plugins/internal.py:663
#, python-brace-format
msgid "Issue new certificate for host '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:666
#, python-brace-format
msgid "Issue new certificate for service '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:669
#, python-brace-format
msgid "Issue new certificate for user '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:671
msgid "Issue new certificate"
msgstr ""

#: ipaserver/plugins/internal.py:672
msgid "Issued By"
msgstr ""

#: ipaserver/plugins/internal.py:673
msgid "Issued On"
msgstr ""

#: ipaserver/plugins/internal.py:674
msgid "Issued To"
msgstr ""

#: ipaserver/plugins/internal.py:675
msgid "Key Compromise"
msgstr ""

#: ipaserver/plugins/internal.py:676
msgid "No Valid Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:677
msgid "New Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:678
msgid "Certificate in base64 or PEM format"
msgstr ""

#: ipaserver/plugins/internal.py:679
msgid "Note"
msgstr ""

#: ipaserver/plugins/internal.py:681
msgid "Organizational Unit"
msgstr ""

#: ipaserver/plugins/internal.py:682
#, python-brace-format
msgid "${count} certificate(s) present"
msgstr ""

#: ipaserver/plugins/internal.py:683
msgid "Privilege Withdrawn"
msgstr ""

#: ipaserver/plugins/internal.py:684
msgid "Reason for Revocation"
msgstr ""

#: ipaserver/plugins/internal.py:686
msgid "Remove certificate hold"
msgstr ""

#: ipaserver/plugins/internal.py:687
msgid "Do you want to remove the certificate hold?"
msgstr ""

#: ipaserver/plugins/internal.py:688
msgid "Remove from CRL"
msgstr ""

#: ipaserver/plugins/internal.py:689
#, python-brace-format
msgid ""
"<ol> <li>Create a certificate database or use an existing one. To create a "
"new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> "
"<li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</"
"em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g "
"&lt;key size&gt; -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and "
"paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to "
"<em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </"
"li> </ol>"
msgstr ""

#: ipaserver/plugins/internal.py:690
#, python-brace-format
msgid " -8 '${cn}'"
msgstr ""

#: ipaserver/plugins/internal.py:691
msgid "Certificate requested"
msgstr ""

#: ipaserver/plugins/internal.py:693
msgid "Revoke certificate"
msgstr ""

#: ipaserver/plugins/internal.py:694
msgid ""
"Do you want to revoke this certificate? Select a reason from the pull-down "
"list."
msgstr ""

#: ipaserver/plugins/internal.py:695
msgid "Certificate Revoked"
msgstr ""

#: ipaserver/plugins/internal.py:696
msgid "REVOKED"
msgstr ""

#: ipaserver/plugins/internal.py:699
msgid "SHA1 Fingerprint"
msgstr ""

#: ipaserver/plugins/internal.py:700
msgid "SHA256 Fingerprint"
msgstr ""

#: ipaserver/plugins/internal.py:701 ipaserver/plugins/internal.py:1031
#: ipaserver/plugins/internal.py:1344 ipaserver/plugins/internal.py:1947
#: ipaserver/plugins/cert.py:1270
msgid "Status"
msgstr ""

#: ipaserver/plugins/internal.py:702
msgid "Superseded"
msgstr ""

#: ipaserver/plugins/internal.py:703
msgid "Unspecified"
msgstr "지정되지 않음"

#: ipaserver/plugins/internal.py:704
msgid "Valid Certificate Present"
msgstr ""

#: ipaserver/plugins/internal.py:705
msgid "Valid from"
msgstr ""

#: ipaserver/plugins/internal.py:706
msgid "Valid to"
msgstr ""

#: ipaserver/plugins/internal.py:707
msgid "Validity"
msgstr ""

#: ipaserver/plugins/internal.py:708
#, python-brace-format
msgid "Certificate for ${entity} ${primary_key}"
msgstr ""

#: ipaserver/plugins/internal.py:709
msgid "View Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:712
msgid "Certificate Data"
msgstr ""

#: ipaserver/plugins/internal.py:713
msgid "Certificate For Match"
msgstr ""

#: ipaserver/plugins/internal.py:714
msgid "Certificate Mapping Match"
msgstr ""

#: ipaserver/plugins/internal.py:716
msgid "Matched Users"
msgstr ""

#: ipaserver/plugins/internal.py:717
msgid "User Login"
msgstr ""

#: ipaserver/plugins/internal.py:720
msgid "Add certificate identity mapping rule"
msgstr ""

#: ipaserver/plugins/internal.py:721
msgid "Add certificate mapping data"
msgstr ""

#: ipaserver/plugins/internal.py:724
msgid "Configuration string"
msgstr ""

#: ipaserver/plugins/internal.py:725
#, python-brace-format
msgid "Do you want to remove certificate mapping data ${data}?"
msgstr ""

#: ipaserver/plugins/internal.py:726
msgid "Remove certificate mapping data"
msgstr ""

#: ipaserver/plugins/internal.py:728
msgid "Issuer and subject"
msgstr ""

#: ipaserver/plugins/internal.py:729
msgid "Remove certificate identity mapping rules"
msgstr ""

#: ipaserver/plugins/internal.py:734
msgid "Group Options"
msgstr ""

#: ipaserver/plugins/internal.py:735
msgid "Search Options"
msgstr ""

#: ipaserver/plugins/internal.py:736
msgid "SELinux Options"
msgstr ""

#: ipaserver/plugins/internal.py:737
msgid "Server Options"
msgstr ""

#: ipaserver/plugins/internal.py:738
msgid "Service Options"
msgstr ""

#: ipaserver/plugins/internal.py:739
msgid "User Options"
msgstr ""

#: ipaserver/plugins/internal.py:744
msgid "Forward first"
msgstr ""

#: ipaserver/plugins/internal.py:745
msgid "Forwarding disabled"
msgstr ""

#: ipaserver/plugins/internal.py:746
msgid "Forward only"
msgstr ""

#: ipaserver/plugins/internal.py:747 ipaserver/plugins/internal.py:1470
#: ipaserver/plugins/internal.py:1576
msgid "Options"
msgstr ""

#: ipaserver/plugins/internal.py:748
msgid "Update System DNS Records"
msgstr ""

#: ipaserver/plugins/internal.py:749
msgid "Do you want to update system DNS records?"
msgstr ""

#: ipaserver/plugins/internal.py:750
msgid "System DNS records updated"
msgstr ""

#: ipaserver/plugins/internal.py:753
msgid "Add DNS forward zone"
msgstr ""

#: ipaserver/plugins/internal.py:754
msgid "Remove DNS forward zones"
msgstr ""

#: ipaserver/plugins/internal.py:757
msgid "Add DNS resource record"
msgstr ""

#: ipaserver/plugins/internal.py:759
msgid "DNS record was deleted because it contained no data."
msgstr ""

#: ipaserver/plugins/internal.py:760
msgid "Other Record Types"
msgstr ""

#: ipaserver/plugins/internal.py:761
msgid "Address not valid, can't redirect"
msgstr ""

#: ipaserver/plugins/internal.py:762
msgid "Create dns record"
msgstr ""

#: ipaserver/plugins/internal.py:763
msgid "Creating record."
msgstr ""

#: ipaserver/plugins/internal.py:764
msgid "Record creation failed."
msgstr ""

#: ipaserver/plugins/internal.py:765
msgid "Checking if record exists."
msgstr ""

#: ipaserver/plugins/internal.py:766
msgid "Record not found."
msgstr ""

#: ipaserver/plugins/internal.py:767
msgid "Redirection to PTR record"
msgstr ""

#: ipaserver/plugins/internal.py:768
#, python-brace-format
msgid "Zone found: ${zone}"
msgstr ""

#: ipaserver/plugins/internal.py:769
msgid "Target reverse zone not found."
msgstr ""

#: ipaserver/plugins/internal.py:770
msgid "Fetching DNS zones."
msgstr ""

#: ipaserver/plugins/internal.py:771
msgid "An error occurred while fetching dns zones."
msgstr ""

#: ipaserver/plugins/internal.py:772
msgid "You will be redirected to DNS Zone."
msgstr ""

#: ipaserver/plugins/internal.py:773
msgid "Remove DNS resource records"
msgstr ""

#: ipaserver/plugins/internal.py:774
msgid "Standard Record Types"
msgstr ""

#: ipaserver/plugins/internal.py:775
msgid "Records for DNS Zone"
msgstr ""

#: ipaserver/plugins/internal.py:776
msgid "Record Type"
msgstr ""

#: ipaserver/plugins/internal.py:779
msgid "Add DNS zone"
msgstr ""

#: ipaserver/plugins/internal.py:781
#, python-brace-format
msgid "Are you sure you want to add permission for DNS Zone ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:782
msgid "DNS Zone Settings"
msgstr ""

#: ipaserver/plugins/internal.py:783
msgid "Remove DNS zones"
msgstr ""

#: ipaserver/plugins/internal.py:784
msgid "Remove Permission"
msgstr ""

#: ipaserver/plugins/internal.py:785
#, python-brace-format
msgid "Are you sure you want to remove permission for DNS Zone ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:786
msgid "Skip DNS check"
msgstr ""

#: ipaserver/plugins/internal.py:787
msgid "Skip overlap check"
msgstr ""

#: ipaserver/plugins/internal.py:788
msgid "Do you want to check if new authoritative nameserver address is in DNS"
msgstr ""

#: ipaserver/plugins/internal.py:789
msgid "Authoritative nameserver change"
msgstr ""

#: ipaserver/plugins/internal.py:794
msgid "Level"
msgstr ""

#: ipaserver/plugins/internal.py:795
msgid "Set Domain Level"
msgstr ""

#: ipaserver/plugins/internal.py:798
msgid "Add user group"
msgstr ""

#: ipaserver/plugins/internal.py:800
#, python-brace-format
msgid "Add user groups into user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:803
#, python-brace-format
msgid "Add user group '${primary_key}' into user groups"
msgstr ""

#: ipaserver/plugins/internal.py:806
#, python-brace-format
msgid "Add user group '${primary_key}' into HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:809
#, python-brace-format
msgid "Add user group '${primary_key}' into netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:812
#, python-brace-format
msgid "Add user group '${primary_key}' into roles"
msgstr ""

#: ipaserver/plugins/internal.py:815
#, python-brace-format
msgid "Add user group '${primary_key}' into sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:818
#, python-brace-format
msgid "Add services into user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:821
#, python-brace-format
msgid "Add users into user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:824
#, python-brace-format
msgid "Add groups as member managers for user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:828
#, python-brace-format
msgid "Remove groups from member managers for user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:832
#, python-brace-format
msgid "Add users as member managers for user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:836
#, python-brace-format
msgid "Remove users from member managers for user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:840
#, python-brace-format
msgid "Add user ID override into user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:842
msgid "Group Settings"
msgstr ""

#: ipaserver/plugins/internal.py:843 ipaserver/plugins/internal.py:1171
#: ipaserver/plugins/internal.py:1465
msgid "External"
msgstr ""

#: ipaserver/plugins/internal.py:844 ipaserver/plugins/internal.py:1398
msgid "Groups"
msgstr ""

#: ipaserver/plugins/internal.py:845
msgid "Group categories"
msgstr ""

#: ipaserver/plugins/internal.py:846
msgid "Change to external group"
msgstr ""

#: ipaserver/plugins/internal.py:847
msgid "Change to POSIX group"
msgstr ""

#: ipaserver/plugins/internal.py:848
msgid "Non-POSIX"
msgstr ""

#: ipaserver/plugins/internal.py:849
msgid "POSIX"
msgstr ""

#: ipaserver/plugins/internal.py:850
msgid "Remove user groups"
msgstr ""

#: ipaserver/plugins/internal.py:852
#, python-brace-format
msgid "Remove user group '${primary_key}' from user groups"
msgstr ""

#: ipaserver/plugins/internal.py:855
#, python-brace-format
msgid "Remove user group '${primary_key}' from netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:858
#, python-brace-format
msgid "Remove user group '${primary_key}' from roles"
msgstr ""

#: ipaserver/plugins/internal.py:861
#, python-brace-format
msgid "Remove user group '${primary_key}' from HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:864
#, python-brace-format
msgid "Remove user group '${primary_key}' from sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:867
#, python-brace-format
msgid "Remove user groups from user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:870
#, python-brace-format
msgid "Remove services from user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:873
#, python-brace-format
msgid "Remove users from user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:876
#, python-brace-format
msgid "Remove user ID overrides from user group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:878
msgid "Group Type"
msgstr ""

#: ipaserver/plugins/internal.py:882
msgid "Add HBAC rule"
msgstr ""

#: ipaserver/plugins/internal.py:884
#, python-brace-format
msgid "Add user groups into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:887
#, python-brace-format
msgid "Add host groups into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:890
#, python-brace-format
msgid "Add hosts into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:893
#, python-brace-format
msgid "Add HBAC service groups into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:897
#, python-brace-format
msgid "Add HBAC services into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:900
#, python-brace-format
msgid "Add users into HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:905
msgid "Accessing"
msgstr ""

#: ipaserver/plugins/internal.py:907
msgid "Remove HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:909
#, python-brace-format
msgid "Remove user groups from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:912
#, python-brace-format
msgid "Remove host groups from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:915
#, python-brace-format
msgid "Remove hosts from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:918
#, python-brace-format
msgid "Remove HBAC service groups from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:922
#, python-brace-format
msgid "Remove HBAC services from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:925
#, python-brace-format
msgid "Remove users from HBAC rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:927
msgid "Via Service"
msgstr ""

#: ipaserver/plugins/internal.py:931 ipaserver/plugins/internal.py:1514
msgid "Who"
msgstr ""

#: ipaserver/plugins/internal.py:934
msgid "Add HBAC service"
msgstr ""

#: ipaserver/plugins/internal.py:936
#, python-brace-format
msgid "Add HBAC service '${primary_key}' into HBAC service groups"
msgstr ""

#: ipaserver/plugins/internal.py:939
msgid "Remove HBAC services"
msgstr ""

#: ipaserver/plugins/internal.py:941
#, python-brace-format
msgid "Remove HBAC service '${primary_key}' from HBAC service groups"
msgstr ""

#: ipaserver/plugins/internal.py:946
msgid "Add HBAC service group"
msgstr ""

#: ipaserver/plugins/internal.py:948
#, python-brace-format
msgid "Add HBAC services into HBAC service group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:951
msgid "Remove HBAC service groups"
msgstr ""

#: ipaserver/plugins/internal.py:953
#, python-brace-format
msgid "Remove HBAC services from HBAC service group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:959
msgid "Access Denied"
msgstr ""

#: ipaserver/plugins/internal.py:960
msgid "Access Granted"
msgstr ""

#: ipaserver/plugins/internal.py:961
msgid "Include Disabled"
msgstr ""

#: ipaserver/plugins/internal.py:962
msgid "Include Enabled"
msgstr ""

#: ipaserver/plugins/internal.py:963
msgid "HBAC Test"
msgstr ""

#: ipaserver/plugins/internal.py:964
msgid "Matched"
msgstr ""

#: ipaserver/plugins/internal.py:965
msgid "Missing values: "
msgstr ""

#: ipaserver/plugins/internal.py:966
msgid "New Test"
msgstr ""

#: ipaserver/plugins/internal.py:967
msgid "Rules"
msgstr ""

#: ipaserver/plugins/internal.py:968
msgid "Run Test"
msgstr ""

#: ipaserver/plugins/internal.py:969
#, python-brace-format
msgid "Specify external ${entity}"
msgstr ""

#: ipaserver/plugins/internal.py:970
msgid "Unmatched"
msgstr ""

#: ipaserver/plugins/internal.py:973
msgid "Add host"
msgstr ""

#: ipaserver/plugins/internal.py:975
#, python-brace-format
msgid "Add hosts managing host '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:978
#, python-brace-format
msgid "Add host '${primary_key}' into host groups"
msgstr ""

#: ipaserver/plugins/internal.py:981
#, python-brace-format
msgid "Add host '${primary_key}' into HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:984
#, python-brace-format
msgid "Add host '${primary_key}' into netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:987
#, python-brace-format
msgid "Add host '${primary_key}' into roles"
msgstr ""

#: ipaserver/plugins/internal.py:990
#, python-brace-format
msgid "Add host '${primary_key}' into sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:992
msgid "Host Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:993 ipaserver/plugins/internal.py:1333
msgid "Host Name"
msgstr ""

#: ipaserver/plugins/internal.py:994 ipaserver/plugins/internal.py:1331
msgid "Delete Key, Unprovision"
msgstr ""

#: ipaserver/plugins/internal.py:995
msgid "Host Settings"
msgstr ""

#: ipaserver/plugins/internal.py:996
msgid "Enrolled"
msgstr ""

#: ipaserver/plugins/internal.py:997
msgid "Enrollment"
msgstr ""

#: ipaserver/plugins/internal.py:998
msgid "Fully Qualified Host Name"
msgstr ""

#: ipaserver/plugins/internal.py:999
msgid "Generate OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1000
msgid "Generated OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1001
msgid "Kerberos Key"
msgstr ""

#: ipaserver/plugins/internal.py:1002 ipaserver/plugins/internal.py:1334
msgid "Kerberos Key Not Present"
msgstr ""

#: ipaserver/plugins/internal.py:1003
msgid "Kerberos Key Present, Host Provisioned"
msgstr ""

#: ipaserver/plugins/internal.py:1004 ipaserver/plugins/internal.py:1721
msgid "One-Time Password"
msgstr ""

#: ipaserver/plugins/internal.py:1005
msgid "One-Time Password Not Present"
msgstr ""

#: ipaserver/plugins/internal.py:1006
msgid "One-Time Password Present"
msgstr ""

#: ipaserver/plugins/internal.py:1007
msgid "Reset OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1008
msgid "Reset One-Time Password"
msgstr ""

#: ipaserver/plugins/internal.py:1009
msgid "Set OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1010
msgid "OTP set"
msgstr ""

#: ipaserver/plugins/internal.py:1011
msgid "Set One-Time Password"
msgstr ""

#: ipaserver/plugins/internal.py:1012
msgid "Remove hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1014
#, python-brace-format
msgid "Remove hosts managing host '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1017
#, python-brace-format
msgid "Remove host '${primary_key}' from host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1020
#, python-brace-format
msgid "Remove host '${primary_key}' from netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1023
#, python-brace-format
msgid "Remove host '${primary_key}' from roles"
msgstr ""

#: ipaserver/plugins/internal.py:1026
#, python-brace-format
msgid "Remove host '${primary_key}' from HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:1029
#, python-brace-format
msgid "Remove host '${primary_key}' from sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1032 ipaserver/plugins/internal.py:1345
msgid "Unprovision"
msgstr ""

#: ipaserver/plugins/internal.py:1033
msgid "Are you sure you want to unprovision this host?"
msgstr ""

#: ipaserver/plugins/internal.py:1034
msgid "Unprovisioning host"
msgstr ""

#: ipaserver/plugins/internal.py:1035
msgid "Host unprovisioned"
msgstr ""

#: ipaserver/plugins/internal.py:1038
msgid "Add host group"
msgstr ""

#: ipaserver/plugins/internal.py:1040
#, python-brace-format
msgid "Add hosts into host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1043
#, python-brace-format
msgid "Add host groups into host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1046
#, python-brace-format
msgid "Add host group '${primary_key}' into host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1049
#, python-brace-format
msgid "Add host group '${primary_key}' into HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:1052
#, python-brace-format
msgid "Add host group '${primary_key}' into netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1055
#, python-brace-format
msgid "Add host group '${primary_key}' into sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1058
#, python-brace-format
msgid "Add groups as member managers for host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1062
#, python-brace-format
msgid "Remove groups from member managers for host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1066
#, python-brace-format
msgid "Add users as member managers for host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1070
#, python-brace-format
msgid "Remove users from member managers for host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1074
msgid "Host Group Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1075
msgid "Remove host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1077
#, python-brace-format
msgid "Remove host group '${primary_key}' from host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1080
#, python-brace-format
msgid "Remove host group '${primary_key}' from netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1083
#, python-brace-format
msgid "Remove host group '${primary_key}' from HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:1086
#, python-brace-format
msgid "Remove host group '${primary_key}' from sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1089
#, python-brace-format
msgid "Remove hosts from host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1092
#, python-brace-format
msgid "Remove host groups from host group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1096
msgid "Keycloak or Red Hat SSO"
msgstr ""

#: ipaserver/plugins/internal.py:1097
msgid "Google"
msgstr ""

#: ipaserver/plugins/internal.py:1098
msgid "Github"
msgstr ""

#: ipaserver/plugins/internal.py:1099
msgid "Microsoft or Azure"
msgstr ""

#: ipaserver/plugins/internal.py:1100
msgid "Okta"
msgstr ""

#: ipaserver/plugins/internal.py:1101
msgid "OAuth 2.0 client details"
msgstr ""

#: ipaserver/plugins/internal.py:1102
msgid "Identity provider details"
msgstr ""

#: ipaserver/plugins/internal.py:1103
msgid "Verify secret"
msgstr ""

#: ipaserver/plugins/internal.py:1106
msgid "User to override"
msgstr ""

#: ipaserver/plugins/internal.py:1107
msgid ""
"Enter trusted or IPA user login. Note: search doesn't list users from "
"trusted domains."
msgstr ""

#: ipaserver/plugins/internal.py:1108
msgid "Enter trusted user login."
msgstr ""

#: ipaserver/plugins/internal.py:1109 ipaserver/plugins/internal.py:1743
msgid "Profile"
msgstr ""

#: ipaserver/plugins/internal.py:1112
msgid "Group to override"
msgstr ""

#: ipaserver/plugins/internal.py:1113
msgid ""
"Enter trusted or IPA group name. Note: search doesn't list groups from "
"trusted domains."
msgstr ""

#: ipaserver/plugins/internal.py:1114
msgid "Enter trusted group name."
msgstr ""

#: ipaserver/plugins/internal.py:1117
msgid "Add ID view"
msgstr ""

#: ipaserver/plugins/internal.py:1118
msgid "Add group ID override"
msgstr ""

#: ipaserver/plugins/internal.py:1119
msgid "Add user ID override"
msgstr ""

#: ipaserver/plugins/internal.py:1120
#, python-brace-format
msgid "${primary_key} applies to:"
msgstr ""

#: ipaserver/plugins/internal.py:1121 ipaserver/plugins/internal.py:1122
msgid "Applied to hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1123
msgid "Apply to host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1125
#, python-brace-format
msgid "Apply ID view '${primary_key}' on hosts of host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1127
msgid "Apply to hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1129
#, python-brace-format
msgid "Apply ID view '${primary_key}' on hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1132
#, python-brace-format
msgid "${primary_key} overrides:"
msgstr ""

#: ipaserver/plugins/internal.py:1133
msgid "Remove ID views"
msgstr ""

#: ipaserver/plugins/internal.py:1134
msgid "Remove user ID overrides"
msgstr ""

#: ipaserver/plugins/internal.py:1135
msgid "Remove group ID overrides"
msgstr ""

#: ipaserver/plugins/internal.py:1136
msgid "Un-apply from host groups"
msgstr ""

#: ipaserver/plugins/internal.py:1137
msgid "Un-apply ID Views from hosts of hostgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1138
msgid "Un-apply"
msgstr ""

#: ipaserver/plugins/internal.py:1139
msgid "Un-apply from hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1140
msgid "Un-apply ID Views from hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1141
msgid "Are you sure you want to un-apply ID view from selected entries?"
msgstr ""

#: ipaserver/plugins/internal.py:1143
#, python-brace-format
msgid "Un-apply ID view '${primary_key}' from hosts"
msgstr ""

#: ipaserver/plugins/internal.py:1147 ipaserver/plugins/krbtpolicy.py:128
#: ipaserver/plugins/krbtpolicy.py:129
msgid "Kerberos Ticket Policy"
msgstr ""

#: ipaserver/plugins/internal.py:1150
msgid "Add netgroup"
msgstr ""

#: ipaserver/plugins/internal.py:1152
#, python-brace-format
msgid "Add netgroup '${primary_key}' into netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1155
#, python-brace-format
msgid "Add netgroups into netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1158
#, python-brace-format
msgid "Add user groups into netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1161
#, python-brace-format
msgid "Add hosts into netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1164
#, python-brace-format
msgid "Add host groups into netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1167
#, python-brace-format
msgid "Add users into netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1175
msgid "Netgroup Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1177
msgid "Remove netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1179
#, python-brace-format
msgid "Remove netgroup '${primary_key}' from netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1182
#, python-brace-format
msgid "Remove user groups from netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1185
#, python-brace-format
msgid "Remove hosts from netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1188
#, python-brace-format
msgid "Remove host groups from netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1191
#, python-brace-format
msgid "Remove netgroups from netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1194
#, python-brace-format
msgid "Remove users from netgroup '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1203
msgid "Add OTP token"
msgstr ""

#: ipaserver/plugins/internal.py:1205
#, python-brace-format
msgid "Add users managing OTP token '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1207
#, python-brace-format
msgid ""
"You can use <a href=\"${link}\" target=\"_blank\">FreeOTP<a/> as a software "
"OTP token application."
msgstr ""

#: ipaserver/plugins/internal.py:1208
msgid "Configure your token"
msgstr ""

#: ipaserver/plugins/internal.py:1209
msgid ""
"Configure your token by scanning the QR code below. Click on the QR code if "
"you see this on the device you want to configure."
msgstr ""

#: ipaserver/plugins/internal.py:1210
msgid "OTP Token Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1211
msgid "Disable token"
msgstr ""

#: ipaserver/plugins/internal.py:1212
msgid "Enable token"
msgstr ""

#: ipaserver/plugins/internal.py:1213
msgid "Remove OTP tokens"
msgstr ""

#: ipaserver/plugins/internal.py:1215
#, python-brace-format
msgid "Remove users managing OTP token '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1217
msgid "Show QR code"
msgstr ""

#: ipaserver/plugins/internal.py:1218
msgid "Show configuration uri"
msgstr ""

#: ipaserver/plugins/internal.py:1219
msgid "Counter-based (HOTP)"
msgstr ""

#: ipaserver/plugins/internal.py:1220
msgid "Time-based (TOTP)"
msgstr ""

#: ipaserver/plugins/internal.py:1223
msgid "Add Custom Attribute"
msgstr ""

#: ipaserver/plugins/internal.py:1226
msgid "Permission settings"
msgstr ""

#: ipaserver/plugins/internal.py:1227
msgid "Attribute breakdown"
msgstr ""

#: ipaserver/plugins/internal.py:1231
msgid "Privilege Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1234
msgid "Public key:"
msgstr ""

#: ipaserver/plugins/internal.py:1235
msgid "Set public key"
msgstr ""

#: ipaserver/plugins/internal.py:1236 ipaserver/plugins/internal.py:1355
msgid "Show/Set key"
msgstr ""

#: ipaserver/plugins/internal.py:1237 ipaserver/plugins/internal.py:1356
msgid "Modified: key not set"
msgstr ""

#: ipaserver/plugins/internal.py:1238 ipaserver/plugins/internal.py:1357
msgid "Modified"
msgstr ""

#: ipaserver/plugins/internal.py:1239 ipaserver/plugins/internal.py:1358
msgid "New: key not set"
msgstr ""

#: ipaserver/plugins/internal.py:1240 ipaserver/plugins/internal.py:1359
msgid "New: key set"
msgstr ""

#: ipaserver/plugins/internal.py:1243
msgid "Add password policy"
msgstr ""

#: ipaserver/plugins/internal.py:1244 ipaserver/plugins/pwpolicy.py:302
msgid "Password Policy"
msgstr ""

#: ipaserver/plugins/internal.py:1245
msgid "Remove password policies"
msgstr ""

#: ipaserver/plugins/internal.py:1248
msgid "Add ID range"
msgstr ""

#: ipaserver/plugins/internal.py:1249
msgid "Range Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1251 ipaserver/plugins/internal.py:1381
msgid "Base ID"
msgstr ""

#: ipaserver/plugins/internal.py:1252
msgid "Primary RID base"
msgstr ""

#: ipaserver/plugins/internal.py:1253 ipaserver/plugins/internal.py:1388
msgid "Range size"
msgstr ""

#: ipaserver/plugins/internal.py:1254
msgid "Domain SID"
msgstr ""

#: ipaserver/plugins/internal.py:1255
msgid "Secondary RID base"
msgstr ""

#: ipaserver/plugins/internal.py:1256
msgid "Remove ID ranges"
msgstr ""

#: ipaserver/plugins/internal.py:1259
msgid "Active Directory domain with POSIX attributes"
msgstr ""

#: ipaserver/plugins/internal.py:1260
msgid "Detect"
msgstr ""

#: ipaserver/plugins/internal.py:1261
msgid "Local domain"
msgstr ""

#: ipaserver/plugins/internal.py:1262
msgid "IPA trust"
msgstr ""

#: ipaserver/plugins/internal.py:1263
msgid "Active Directory winsync"
msgstr ""

#: ipaserver/plugins/internal.py:1266
msgid "Add RADIUS server"
msgstr ""

#: ipaserver/plugins/internal.py:1267
msgid "RADIUS Proxy Server Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1268
msgid "Remove RADIUS servers"
msgstr ""

#: ipaserver/plugins/internal.py:1272
msgid "Check DNS"
msgstr ""

#: ipaserver/plugins/internal.py:1273
msgid "Do you also want to perform DNS check?"
msgstr ""

#: ipaserver/plugins/internal.py:1274
msgid "Force Update"
msgstr ""

#: ipaserver/plugins/internal.py:1279
msgid "Add SELinux user map"
msgstr ""

#: ipaserver/plugins/internal.py:1281
#, python-brace-format
msgid "Add user groups into SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1284
#, python-brace-format
msgid "Add host groups into SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1287
#, python-brace-format
msgid "Add hosts into SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1290
#, python-brace-format
msgid "Add users into SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1295
msgid "Remove selinux user maps"
msgstr ""

#: ipaserver/plugins/internal.py:1297
#, python-brace-format
msgid "Remove user groups from SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1300
#, python-brace-format
msgid "Remove host groups from SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1303
#, python-brace-format
msgid "Remove hosts from SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1306
#, python-brace-format
msgid "Remove users from SELinux user map '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1313
msgid "Server Roles"
msgstr ""

#: ipaserver/plugins/internal.py:1314
msgid "Server Role"
msgstr ""

#: ipaserver/plugins/internal.py:1317
msgid "Warning: Consider service replication"
msgstr ""

#: ipaserver/plugins/internal.py:1318
msgid ""
"It is strongly recommended to keep the following services installed on more "
"than one server:"
msgstr ""

#: ipaserver/plugins/internal.py:1319
msgid "Delete Server"
msgstr ""

#: ipaserver/plugins/internal.py:1320
msgid ""
"Deleting a server removes it permanently from the topology. Note that this "
"is a non-reversible action."
msgstr ""

#: ipaserver/plugins/internal.py:1323
msgid "Add service"
msgstr ""

#: ipaserver/plugins/internal.py:1325
#, python-brace-format
msgid "Add hosts managing service '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1328
#, python-brace-format
msgid "Add service '${primary_key}' into roles"
msgstr ""

#: ipaserver/plugins/internal.py:1330
msgid "Service Certificate"
msgstr ""

#: ipaserver/plugins/internal.py:1332
msgid "Service Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1335
msgid "Provisioning"
msgstr ""

#: ipaserver/plugins/internal.py:1336
msgid "Remove services"
msgstr ""

#: ipaserver/plugins/internal.py:1338
#, python-brace-format
msgid "Remove service '${primary_key}' from roles"
msgstr ""

#: ipaserver/plugins/internal.py:1341
#, python-brace-format
msgid "Remove hosts managing service '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1346
msgid "Are you sure you want to unprovision this service?"
msgstr ""

#: ipaserver/plugins/internal.py:1347
msgid "Unprovisioning service"
msgstr ""

#: ipaserver/plugins/internal.py:1348
msgid "Service unprovisioned"
msgstr ""

#: ipaserver/plugins/internal.py:1349
msgid "Kerberos Key Present, Service Provisioned"
msgstr ""

#: ipaserver/plugins/internal.py:1352
msgid "SSH public keys"
msgstr ""

#: ipaserver/plugins/internal.py:1353
msgid "SSH public key:"
msgstr ""

#: ipaserver/plugins/internal.py:1354
msgid "Set SSH key"
msgstr "SSH 키 설정"

#: ipaserver/plugins/internal.py:1362
msgid "Are you sure you want to activate selected users?"
msgstr ""

#: ipaserver/plugins/internal.py:1363
#, python-brace-format
msgid "Are you sure you want to activate ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:1364
#, python-brace-format
msgid "${count} user(s) activated"
msgstr ""

#: ipaserver/plugins/internal.py:1365
msgid "Add stage user"
msgstr ""

#: ipaserver/plugins/internal.py:1366
msgid "Stage users"
msgstr ""

#: ipaserver/plugins/internal.py:1367
msgid "Preserved users"
msgstr ""

#: ipaserver/plugins/internal.py:1368
msgid "Remove preserved users"
msgstr ""

#: ipaserver/plugins/internal.py:1369
msgid "Remove stage users"
msgstr ""

#: ipaserver/plugins/internal.py:1370
msgid "Are you sure you want to stage selected users?"
msgstr ""

#: ipaserver/plugins/internal.py:1371
#, python-brace-format
msgid "${count} users(s) staged"
msgstr ""

#: ipaserver/plugins/internal.py:1372
#, python-brace-format
msgid "Are you sure you want to stage ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:1373
msgid "Are you sure you want to restore selected users?"
msgstr ""

#: ipaserver/plugins/internal.py:1374
#, python-brace-format
msgid "Are you sure you want to restore ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:1375
#, python-brace-format
msgid "${count} user(s) restored"
msgstr ""

#: ipaserver/plugins/internal.py:1376
msgid "User categories"
msgstr ""

#: ipaserver/plugins/internal.py:1379
msgid "Add subid"
msgstr ""

#: ipaserver/plugins/internal.py:1380
msgid "Assigned subids"
msgstr ""

#: ipaserver/plugins/internal.py:1382
msgid "DNA remaining"
msgstr ""

#: ipaserver/plugins/internal.py:1389
msgid "Remaining subids"
msgstr ""

#: ipaserver/plugins/internal.py:1390
msgid "Subordinate ID Statistics"
msgstr ""

#: ipaserver/plugins/internal.py:1393
msgid "Add sudo command"
msgstr ""

#: ipaserver/plugins/internal.py:1395
#, python-brace-format
msgid "Add sudo command '${primary_key}' into sudo command groups"
msgstr ""

#: ipaserver/plugins/internal.py:1399
msgid "Remove sudo commands"
msgstr ""

#: ipaserver/plugins/internal.py:1401
#, python-brace-format
msgid "Remove sudo command '${primary_key}' from sudo command groups"
msgstr ""

#: ipaserver/plugins/internal.py:1406
msgid "Add sudo command group"
msgstr ""

#: ipaserver/plugins/internal.py:1408
#, python-brace-format
msgid "Add sudo commands into sudo command group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1412
msgid "Remove sudo command groups"
msgstr ""

#: ipaserver/plugins/internal.py:1414
#, python-brace-format
msgid "Remove sudo commands from sudo command group '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1419
msgid "Add sudo rule"
msgstr ""

#: ipaserver/plugins/internal.py:1420
msgid "Add sudo option"
msgstr ""

#: ipaserver/plugins/internal.py:1422
#, python-brace-format
msgid "Add allow sudo commands into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1426
#, python-brace-format
msgid "Add allow sudo command groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1430
#, python-brace-format
msgid "Add deny sudo commands into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1434
#, python-brace-format
msgid "Add deny sudo command groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1438
#, python-brace-format
msgid "Add user groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1441
#, python-brace-format
msgid "Add host groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1444
#, python-brace-format
msgid "Add hosts into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1447
#, python-brace-format
msgid "Add RunAs users into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1450
#, python-brace-format
msgid "Add RunAs user groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1453
#, python-brace-format
msgid "Add RunAs groups into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1456
#, python-brace-format
msgid "Add users into sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1458
msgid "Allow"
msgstr ""

#: ipaserver/plugins/internal.py:1459
msgid "Any Command"
msgstr ""

#: ipaserver/plugins/internal.py:1460
msgid "Any Group"
msgstr ""

#: ipaserver/plugins/internal.py:1463
msgid "Run Commands"
msgstr ""

#: ipaserver/plugins/internal.py:1464
msgid "Deny"
msgstr ""

#: ipaserver/plugins/internal.py:1466
msgid "Access this host"
msgstr ""

#: ipaserver/plugins/internal.py:1468
msgid "Option added"
msgstr ""

#: ipaserver/plugins/internal.py:1469
#, python-brace-format
msgid "${count} option(s) removed"
msgstr ""

#: ipaserver/plugins/internal.py:1471
msgid "Remove sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1473
#, python-brace-format
msgid "Remove allow sudo commands from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1477
#, python-brace-format
msgid "Remove allow sudo command groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1481
#, python-brace-format
msgid "Remove deny sudo commands from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1485
#, python-brace-format
msgid "Remove deny sudo command groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1489
#, python-brace-format
msgid "Remove user groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1492
#, python-brace-format
msgid "Remove host groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1495
#, python-brace-format
msgid "Remove hosts from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1498
#, python-brace-format
msgid "Remove RunAs users from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1501
#, python-brace-format
msgid "Remove RunAs user groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1504
#, python-brace-format
msgid "Remove RunAs groups from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1507
#, python-brace-format
msgid "Remove users from sudo rule '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1509
msgid "As Whom"
msgstr ""

#: ipaserver/plugins/internal.py:1510
msgid "Specified Commands and Groups"
msgstr ""

#: ipaserver/plugins/internal.py:1511
msgid "Specified Groups"
msgstr ""

#: ipaserver/plugins/internal.py:1517
msgid "Remove sudo options"
msgstr ""

#: ipaserver/plugins/internal.py:1520
msgid "Autogenerated"
msgstr ""

#: ipaserver/plugins/internal.py:1521
msgid "Segment details"
msgstr ""

#: ipaserver/plugins/internal.py:1522
msgid "Replication configuration"
msgstr ""

#: ipaserver/plugins/internal.py:1523
#, python-brace-format
msgid "Managed topology requires minimal domain level ${domainlevel}"
msgstr ""

#: ipaserver/plugins/internal.py:1526
msgid "Add IPA location"
msgstr ""

#: ipaserver/plugins/internal.py:1528
#, python-brace-format
msgid "Add IPA server into IPA location '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1530
msgid "Remove IPA locations"
msgstr ""

#: ipaserver/plugins/internal.py:1532
#, python-brace-format
msgid "Remove IPA servers from IPA location '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1536
msgid "Add topology segment"
msgstr ""

#: ipaserver/plugins/internal.py:1537
msgid "Remove topology segments"
msgstr ""

#: ipaserver/plugins/internal.py:1540
msgid "Account"
msgstr ""

#: ipaserver/plugins/internal.py:1541
msgid "Add trust"
msgstr ""

#: ipaserver/plugins/internal.py:1542
msgid "Administrative account"
msgstr ""

#: ipaserver/plugins/internal.py:1543
msgid "SID blocklists"
msgstr ""

#: ipaserver/plugins/internal.py:1544
msgid "Trust Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1546
msgid "Establish using"
msgstr ""

#: ipaserver/plugins/internal.py:1547
msgid "Fetch domains"
msgstr ""

#: ipaserver/plugins/internal.py:1550
msgid "Pre-shared password"
msgstr ""

#: ipaserver/plugins/internal.py:1551
msgid "Remove trusts"
msgstr ""

#: ipaserver/plugins/internal.py:1552
msgid "Remove domains"
msgstr ""

#: ipaserver/plugins/internal.py:1556
msgid "Alternative UPN suffixes"
msgstr ""

#: ipaserver/plugins/internal.py:1560
msgid "User attributes for SMB services"
msgstr ""

#: ipaserver/plugins/internal.py:1563
msgid "Path to a script executed on a Windows system at logon"
msgstr ""

#: ipaserver/plugins/internal.py:1566
msgid "Path to a user profile, in UNC format \\\\server\\share\\"
msgstr ""

#: ipaserver/plugins/internal.py:1569
msgid "Path to a user home directory, in UNC format"
msgstr ""

#: ipaserver/plugins/internal.py:1572
msgid "Drive to mount a home directory"
msgstr ""

#: ipaserver/plugins/internal.py:1579
msgid "Account Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1580
msgid "Account Status"
msgstr ""

#: ipaserver/plugins/internal.py:1581
msgid "Active users"
msgstr ""

#: ipaserver/plugins/internal.py:1582
msgid "Add user"
msgstr ""

#: ipaserver/plugins/internal.py:1584
#, python-brace-format
msgid "Add user '${primary_key}' into user groups"
msgstr ""

#: ipaserver/plugins/internal.py:1587
#, python-brace-format
msgid "Add user '${primary_key}' into HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:1590
#, python-brace-format
msgid "Add user '${primary_key}' into netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1593
#, python-brace-format
msgid "Add user '${primary_key}' into roles"
msgstr ""

#: ipaserver/plugins/internal.py:1596
#, python-brace-format
msgid "Add user '${primary_key}' into sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1598
msgid "Auto assign subordinate ids"
msgstr ""

#: ipaserver/plugins/internal.py:1600
#, python-brace-format
msgid ""
"Are you sure you want to auto-assign a subordinate id to user ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:1603
msgid "Contact Settings"
msgstr ""

#: ipaserver/plugins/internal.py:1604
msgid "Delete mode"
msgstr ""

#: ipaserver/plugins/internal.py:1605
msgid "Employee Information"
msgstr ""

#: ipaserver/plugins/internal.py:1606
msgid "Error changing account status"
msgstr ""

#: ipaserver/plugins/internal.py:1607
msgid "Password expiration"
msgstr ""

#: ipaserver/plugins/internal.py:1608
msgid "Mailing Address"
msgstr ""

#: ipaserver/plugins/internal.py:1609
msgid "Misc. Information"
msgstr ""

#: ipaserver/plugins/internal.py:1610
msgid "delete"
msgstr ""

#: ipaserver/plugins/internal.py:1611
msgid "preserve"
msgstr ""

#: ipaserver/plugins/internal.py:1612
msgid "No private group"
msgstr ""

#: ipaserver/plugins/internal.py:1613
msgid "Remove users"
msgstr ""

#: ipaserver/plugins/internal.py:1615
#, python-brace-format
msgid "Remove user '${primary_key}' from user groups"
msgstr ""

#: ipaserver/plugins/internal.py:1618
#, python-brace-format
msgid "Remove user '${primary_key}' from netgroups"
msgstr ""

#: ipaserver/plugins/internal.py:1621
#, python-brace-format
msgid "Remove user '${primary_key}' from roles"
msgstr ""

#: ipaserver/plugins/internal.py:1624
#, python-brace-format
msgid "Remove user '${primary_key}' from HBAC rules"
msgstr ""

#: ipaserver/plugins/internal.py:1627
#, python-brace-format
msgid "Remove user '${primary_key}' from sudo rules"
msgstr ""

#: ipaserver/plugins/internal.py:1629
#, python-brace-format
msgid ""
"Are you sure you want to ${action} the user?<br/>The change will take effect "
"immediately."
msgstr ""

#: ipaserver/plugins/internal.py:1630
#, python-brace-format
msgid "Click to ${action}"
msgstr ""

#: ipaserver/plugins/internal.py:1631
msgid "Unlock"
msgstr ""

#: ipaserver/plugins/internal.py:1632
#, python-brace-format
msgid "Are you sure you want to unlock user ${object}?"
msgstr ""

#: ipaserver/plugins/internal.py:1635
msgid "Add vault"
msgstr ""

#: ipaserver/plugins/internal.py:1637
#, python-brace-format
msgid "Add user groups into members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1640
#, python-brace-format
msgid "Add services into members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1643
#, python-brace-format
msgid "Add users into members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1646
#, python-brace-format
msgid "Add user groups into owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1649
#, python-brace-format
msgid "Add services into owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1652
#, python-brace-format
msgid "Add users into owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1655
msgid ""
"Secrets can be added/retrieved to vault only by using vault-archive and "
"vault-retrieve from CLI."
msgstr ""

#: ipaserver/plugins/internal.py:1659
msgid ""
"Content of 'standard' vaults can be seen by users with higher privileges "
"(admins)."
msgstr ""

#: ipaserver/plugins/internal.py:1662
msgid "Asymmetric"
msgstr ""

#: ipaserver/plugins/internal.py:1663
msgid "Vaults Config"
msgstr ""

#: ipaserver/plugins/internal.py:1665
msgid "Members"
msgstr ""

#: ipaserver/plugins/internal.py:1666
msgid "My User Vaults"
msgstr ""

#: ipaserver/plugins/internal.py:1667
msgid "Owners"
msgstr ""

#: ipaserver/plugins/internal.py:1668
msgid "Remove vaults"
msgstr "저장소 제거"

#: ipaserver/plugins/internal.py:1670
#, python-brace-format
msgid "Remove user groups from members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1673
#, python-brace-format
msgid "Remove services from members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1676
#, python-brace-format
msgid "Remove users from members of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1679
#, python-brace-format
msgid "Remove user groups from owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1682
#, python-brace-format
msgid "Remove services from owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1685
#, python-brace-format
msgid "Remove users from owners of vault '${primary_key}'"
msgstr ""

#: ipaserver/plugins/internal.py:1688
msgid "Service Vaults"
msgstr ""

#: ipaserver/plugins/internal.py:1689
msgid "Shared"
msgstr ""

#: ipaserver/plugins/internal.py:1690
msgid "Shared Vaults"
msgstr "공유 저장소"

#: ipaserver/plugins/internal.py:1691
msgid "Standard"
msgstr ""

#: ipaserver/plugins/internal.py:1692
msgid "Symmetric"
msgstr ""

#: ipaserver/plugins/internal.py:1693
msgid "Vault Type"
msgstr ""

#: ipaserver/plugins/internal.py:1695
msgid ""
"Only standard vaults can be created in WebUI, use CLI for other types of "
"vaults."
msgstr ""

#: ipaserver/plugins/internal.py:1699
msgid "User Vaults"
msgstr ""

#: ipaserver/plugins/internal.py:1704
msgid "Current password is required"
msgstr ""

#: ipaserver/plugins/internal.py:1705
#, python-brace-format
msgid "Your password expires in ${days} days."
msgstr ""

#: ipaserver/plugins/internal.py:1706
msgid "First OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1710
msgid "New password is required"
msgstr ""

#: ipaserver/plugins/internal.py:1713
msgid ""
"<i class=\"fa fa-info-circle\"></i> <strong>OTP (One-Time Password):</"
"strong>Generate new OTP code for each OTP field."
msgstr ""

#: ipaserver/plugins/internal.py:1717
msgid ""
"<i class=\"fa fa-info-circle\"></i> <strong>OTP (One-Time Password):</"
"strong>Leave blank if you are not using OTP tokensfor authentication."
msgstr ""

#: ipaserver/plugins/internal.py:1722
msgid "Token synchronization failed"
msgstr ""

#: ipaserver/plugins/internal.py:1723
msgid "The username, password or token codes are not correct"
msgstr ""

#: ipaserver/plugins/internal.py:1724
msgid "Token was synchronized"
msgstr ""

#: ipaserver/plugins/internal.py:1727
msgid "Password change complete"
msgstr ""

#: ipaserver/plugins/internal.py:1729
msgid "Your password has expired. Please enter a new password."
msgstr ""

#: ipaserver/plugins/internal.py:1730
msgid "Passwords must match"
msgstr ""

#: ipaserver/plugins/internal.py:1731
msgid "Password reset was not successful."
msgstr ""

#: ipaserver/plugins/internal.py:1733
msgid "Reset your password."
msgstr "자신의 비밀번호를 초기화합니다."

#: ipaserver/plugins/internal.py:1734
msgid "Second OTP"
msgstr ""

#: ipaserver/plugins/internal.py:1736
msgid "Verify Password"
msgstr ""

#: ipaserver/plugins/internal.py:1746
msgid "Are you sure you want to delete selected entries?"
msgstr ""

#: ipaserver/plugins/internal.py:1747
#, python-brace-format
msgid "${count} item(s) deleted"
msgstr ""

#: ipaserver/plugins/internal.py:1748
msgid "Are you sure you want to disable selected entries?"
msgstr ""

#: ipaserver/plugins/internal.py:1749
#, python-brace-format
msgid "${count} item(s) disabled"
msgstr ""

#: ipaserver/plugins/internal.py:1750
msgid "Are you sure you want to enable selected entries?"
msgstr ""

#: ipaserver/plugins/internal.py:1751
#, python-brace-format
msgid "${count} item(s) enabled"
msgstr ""

#: ipaserver/plugins/internal.py:1752
msgid "Some entries were not deleted"
msgstr ""

#: ipaserver/plugins/internal.py:1755
msgid "Quick Links"
msgstr ""

#: ipaserver/plugins/internal.py:1756
msgid "Select All"
msgstr ""

#: ipaserver/plugins/internal.py:1757
#, python-brace-format
msgid ""
"Query returned more results than the configured size limit. Displaying the "
"first ${counter} results."
msgstr ""

#: ipaserver/plugins/internal.py:1758
msgid "Unselect All"
msgstr ""

#: ipaserver/plugins/internal.py:1762
msgid ""
"<h1>Browser Kerberos Setup</h1>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1766
msgid ""
"<h2>Firefox</h2>\n"
"\n"
"<p>\n"
"            You can configure Firefox to use Kerberos for Single Sign-on. "
"The following instructions will guide you in configuring your web browser to "
"send your Kerberos credentials to the appropriate Key Distribution Center "
"which enables Single Sign-on.\n"
"</p>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1778
msgid ""
"<ol>\n"
"<li>\n"
"<p>\n"
"<a href=\"ca.crt\" id=\"ca-link\" class=\"btn btn-default\">Import "
"Certificate Authority certificate</a>\n"
"</p>\n"
"<p>\n"
"                    Make sure you select <b>all three</b> checkboxes.\n"
"</p>\n"
"</li>\n"
"<li>\n"
"                In the address bar of Firefox, type <code>about:config</"
"code> to display the list of current configuration options.\n"
"</li>\n"
"<li>\n"
"                In the Filter field, type <code>negotiate</code> to restrict "
"the list of options.\n"
"</li>\n"
"<li>\n"
"                Double-click the <code>network.negotiate-auth.trusted-uris</"
"code> entry to display the Enter string value dialog box.\n"
"</li>\n"
"<li>\n"
"                Enter the name of the domain against which you want to "
"authenticate, for example, <code class=\"example-domain\">.example.com</"
"code>.\n"
"</li>\n"
"<li><a href=\"../ui/index.html\" id=\"return-link\" class=\"btn btn-"
"default\">Return to Web UI</a></li>\n"
"</ol>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1814
msgid ""
"<h2>Chrome</h2>\n"
"\n"
"<p>\n"
"            You can configure Chrome to use Kerberos for Single Sign-on. The "
"following instructions will guide you in configuring your web browser to "
"send your Kerberos credentials to the appropriate Key Distribution Center "
"which enables Single Sign-on.\n"
"</p>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1826
msgid ""
"<h3>Import CA Certificate</h3>\n"
"<ol>\n"
"<li>\n"
"                Download the <a href=\"ca.crt\">CA certificate</a>. "
"Alternatively, if the host is also an IdM client, you can find the "
"certificate in /etc/ipa/ca.crt.\n"
"</li>\n"
"<li>\n"
"                Click the menu button with the <em>Customize and control "
"Google Chrome</em> tooltip, which is by default in the top right-hand corner "
"of Chrome, and click <em>Settings</em>.\n"
"</li>\n"
"<li>\n"
"                Click <em>Show advanced settings</em> to display more "
"options, and then click the <em>Manage certificates</em> button located "
"under the HTTPS/SSL heading.\n"
"</li>\n"
"<li>\n"
"                In the <em>Authorities</em> tab, click the <em>Import</em> "
"button at the bottom.\n"
"</li>\n"
"<li>Select the CA certificate file that you downloaded in the first step.</"
"li>\n"
"</ol>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1855
msgid ""
"<h3>\n"
"            Enable SPNEGO (Simple and Protected GSSAPI Negotiation "
"Mechanism) to Use Kerberos Authentication\n"
"            in Chrome\n"
"</h3>\n"
"<ol>\n"
"<li>\n"
"                Make sure you have the necessary directory created by "
"running:\n"
"<div><code>\n"
"                    [root@client]# mkdir -p /etc/opt/chrome/policies/"
"managed/\n"
"</code></div>\n"
"</li>\n"
"<li>\n"
"                Create a new <code>/etc/opt/chrome/policies/managed/mydomain."
"json</code> file with write privileges limited to the system administrator "
"or root, and include the following line:\n"
"<div><code>\n"
"                    { \"AuthServerWhitelist\": \"*<span class=\"example-"
"domain\">.example.com</span>\" }\n"
"</code></div>\n"
"<div>\n"
"                    You can do this by running:\n"
"</div>\n"
"<div><code>\n"
"                    [root@server]# echo '{ \"AuthServerWhitelist\": \"*<span "
"class=\"example-domain\">.example.com</span>\" }' > /etc/opt/chrome/policies/"
"managed/mydomain.json\n"
"</code></div>\n"
"</li>\n"
"</ol>\n"
"<ol>\n"
"<p>\n"
"<strong>Note:</strong> If using Chromium, use <code>/etc/chromium/policies/"
"managed/</code> instead of <code>/etc/opt/chrome/policies/managed/</code> "
"for the two SPNEGO Chrome configuration steps above.\n"
"</p>\n"
"</ol>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1900
msgid ""
"<h2>Internet Explorer</h2>\n"
"<p><strong>WARNING:</strong> Internet Explorer is no longer a supported "
"browser.</p>\n"
"<p>\n"
"            Once you are able to log into the workstation with your kerberos "
"key you are now able to use that ticket in Internet Explorer.\n"
"</p>\n"
"<p>\n"
msgstr ""

#: ipaserver/plugins/internal.py:1911
msgid ""
"<strong>Log into the Windows machine using an account of your Kerberos realm "
"(administrative domain)</strong>\n"
"</p>\n"
"<p>\n"
"<strong>In Internet Explorer, click Tools, and then click Internet Options.</"
"strong>\n"
"</p>\n"
"<div>\n"
"<ol>\n"
"<li>Click the Security tab</li>\n"
"<li>Click Local intranet</li>\n"
"<li>Click Sites </li>\n"
"<li>Click Advanced </li>\n"
"<li>Add your domain to the list</li>\n"
"</ol>\n"
"<ol>\n"
"<li>Click the Security tab</li>\n"
"<li>Click Local intranet</li>\n"
"<li>Click Custom Level</li>\n"
"<li>Select Automatic logon only in Intranet zone</li>\n"
"</ol>\n"
"\n"
"<ol>\n"
"<li> Visit a kerberized web site using IE (You must use the fully-qualified "
"Domain Name in the URL)</li>\n"
"<li><strong> You are all set.</strong></li>\n"
"</ol>\n"
"</div>\n"
"\n"
msgstr ""

#: ipaserver/plugins/internal.py:1948
msgid "Working"
msgstr ""

#: ipaserver/plugins/internal.py:1951
msgid "Audit"
msgstr ""

#: ipaserver/plugins/internal.py:1952
msgid "Authentication"
msgstr ""

#: ipaserver/plugins/internal.py:1954
msgid "Automount"
msgstr ""

#: ipaserver/plugins/internal.py:1956
msgid "DNS"
msgstr ""

#: ipaserver/plugins/internal.py:1957
msgid "Host-Based Access Control"
msgstr ""

#: ipaserver/plugins/internal.py:1958
msgid "Identity"
msgstr ""

#: ipaserver/plugins/internal.py:1960
msgid "Network Services"
msgstr ""

#: ipaserver/plugins/internal.py:1961
msgid "Policy"
msgstr ""

#: ipaserver/plugins/internal.py:1962
msgid "Role-Based Access Control"
msgstr ""

#: ipaserver/plugins/internal.py:1963
msgid "Subordinate IDs"
msgstr ""

#: ipaserver/plugins/internal.py:1964
msgid "Sudo"
msgstr ""

#: ipaserver/plugins/internal.py:1965
msgid "Topology"
msgstr ""

#: ipaserver/plugins/internal.py:1968
msgid "True"
msgstr ""

#: ipaserver/plugins/internal.py:1970
msgid ""
"<h1>Unable to verify your Kerberos credentials</h1>\n"
"<p>\n"
"            Please make sure that you have valid Kerberos tickets "
"(obtainable via <strong>kinit</strong>), and that you have configured your "
"browser correctly.\n"
"</p>\n"
"\n"
"<h2>Browser configuration</h2>\n"
"\n"
"<div id=\"first-time\">\n"
"<p>\n"
"                If this is your first time, please <a href=\"ssbrowser."
"html\">configure your browser</a>.\n"
"</p>\n"
"</div>\n"
msgstr ""

#: ipaserver/plugins/internal.py:1987
msgid "API Browser"
msgstr ""

#: ipaserver/plugins/internal.py:1988
msgid "First"
msgstr ""

#: ipaserver/plugins/internal.py:1989
msgid "Last"
msgstr ""

#: ipaserver/plugins/internal.py:1990
msgid "Next"
msgstr ""

#: ipaserver/plugins/internal.py:1991
msgid "Page"
msgstr ""

#: ipaserver/plugins/internal.py:1992
msgid "Prev"
msgstr ""

#: ipaserver/plugins/internal.py:1993
msgid "Undo"
msgstr ""

#: ipaserver/plugins/internal.py:1994
msgid "Undo this change."
msgstr ""

#: ipaserver/plugins/internal.py:1995
msgid "Undo All"
msgstr ""

#: ipaserver/plugins/internal.py:1996
msgid "Undo all changes in this field."
msgstr ""

#: ipaserver/plugins/internal.py:1998
msgid "Text does not match field pattern"
msgstr ""

#: ipaserver/plugins/internal.py:1999
msgid "Must be an UTC date/time value (e.g., \"2014-01-20 17:58:01Z\")"
msgstr ""

#: ipaserver/plugins/internal.py:2000
msgid "Must be a decimal number"
msgstr ""

#: ipaserver/plugins/internal.py:2001
msgid "Format error"
msgstr ""

#: ipaserver/plugins/internal.py:2002
msgid "Must be an integer"
msgstr ""

#: ipaserver/plugins/internal.py:2003
msgid "Not a valid IP address"
msgstr ""

#: ipaserver/plugins/internal.py:2004
msgid "Not a valid IPv4 address"
msgstr ""

#: ipaserver/plugins/internal.py:2005
msgid "Not a valid IPv6 address"
msgstr ""

#: ipaserver/plugins/internal.py:2006
#, python-brace-format
msgid "Maximum value is ${value}"
msgstr ""

#: ipaserver/plugins/internal.py:2007
#, python-brace-format
msgid "Minimum value is ${value}"
msgstr ""

#: ipaserver/plugins/internal.py:2008
msgid "Not a valid network address (examples: 2001:db8::/64, 192.0.2.0/24)"
msgstr ""

#: ipaserver/plugins/internal.py:2009
msgid "Parse error"
msgstr ""

#: ipaserver/plugins/internal.py:2010
msgid "Must be a positive number"
msgstr ""

#: ipaserver/plugins/internal.py:2011
#, python-brace-format
msgid "'${port}' is not a valid port"
msgstr ""

#: ipaserver/plugins/internal.py:2012
msgid "Required field"
msgstr ""

#: ipaserver/plugins/internal.py:2013
msgid "Unsupported value"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:86
msgid "kerberos ticket policy settings"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:152
msgid "OTP max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:153
msgid "OTP token maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:157
msgid "OTP max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:158
msgid "OTP token ticket maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:162
msgid "RADIUS max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:163
msgid "RADIUS maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:167
msgid "RADIUS max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:168
msgid "RADIUS ticket maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:172
msgid "PKINIT max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:173
msgid "PKINIT maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:177
msgid "PKINIT max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:178
msgid "PKINIT ticket maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:182
msgid "Hardened max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:183
msgid "Hardened ticket maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:187
msgid "Hardened max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:188
msgid "Hardened ticket maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:192
msgid "IdP max life"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:193
msgid "External Identity Provider ticket maximum ticket life (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:198
msgid "IdP max renew"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:199
msgid "External Identity Provider ticket maximum renewable age (seconds)"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:284
#, python-format
msgid "Ticket policy for %s could not be read"
msgstr ""

#: ipaserver/plugins/krbtpolicy.py:304
msgid "Default ticket policy could not be read"
msgstr ""

#: ipaserver/plugins/migration.py:46
msgid ""
"\n"
"Migration to IPA\n"
"\n"
"Migrate users and groups from an LDAP server to IPA.\n"
"\n"
"This performs an LDAP query against the remote server searching for\n"
"users and groups in a container. In order to migrate passwords you need\n"
"to bind as a user that can read the userPassword attribute on the remote\n"
"server. This is generally restricted to high-level admins such as\n"
"cn=Directory Manager in 389-ds (this is the default bind user).\n"
"\n"
"The default user container is ou=People.\n"
"\n"
"The default group container is ou=Groups.\n"
"\n"
"Users and groups that already exist on the IPA server are skipped.\n"
"\n"
"Two LDAP schemas define how group members are stored: RFC2307 and\n"
"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n"
"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n"
"\n"
"The schema compat feature allows IPA to reformat data for systems that\n"
"do not support RFC2307bis. It is recommended that this feature is disabled\n"
"during migration to reduce system overhead. It can be re-enabled after\n"
"migration. To migrate with it enabled use the \"--with-compat\" option.\n"
"\n"
"Migrated users do not have Kerberos credentials, they have only their\n"
"LDAP password. To complete the migration process, users need to go\n"
"to http://ipa.example.com/ipa/migration and authenticate using their\n"
"LDAP password in order to generate their Kerberos credentials.\n"
"\n"
"Migration is disabled by default. Use the command ipa config-mod to\n"
"enable it:\n"
"\n"
" ipa config-mod --enable-migration=TRUE\n"
"\n"
"If a base DN is not provided with --basedn then IPA will use either\n"
"the value of defaultNamingContext if it is set or the first value\n"
"in namingContexts set in the root of the remote LDAP server.\n"
"\n"
"Users are added as members to the default user group. This can be a\n"
"time-intensive task so during migration this is done in a batch\n"
"mode for every 100 users. As a result there will be a window in which\n"
"users will be added to IPA but will not be members of the default\n"
"user group.\n"
"\n"
"EXAMPLES:\n"
"\n"
" The simplest migration, accepting all defaults:\n"
"   ipa migrate-ds ldap://ds.example.com:389\n"
"\n"
" Specify the user and group container. This can be used to migrate user\n"
" and group data from an IPA v1 server:\n"
"   ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n"
"       --group-container='cn=groups,cn=accounts' \\\n"
"       ldap://ds.example.com:389\n"
"\n"
" Since IPA v2 server already contain predefined groups that may collide "
"with\n"
" groups in migrated (IPA v1) server (for example admins, ipausers), users\n"
" having colliding group as their primary group may happen to belong to\n"
" an unknown group on new IPA v2 server.\n"
" Use --group-overwrite-gid option to overwrite GID of already existing "
"groups\n"
" to prevent this issue:\n"
"    ipa migrate-ds --group-overwrite-gid \\\n"
"        --user-container='cn=users,cn=accounts' \\\n"
"        --group-container='cn=groups,cn=accounts' \\\n"
"        ldap://ds.example.com:389\n"
"\n"
" Migrated users or groups may have object class and accompanied attributes\n"
" unknown to the IPA v2 server. These object classes and attributes may be\n"
" left out of the migration process:\n"
"    ipa migrate-ds --user-container='cn=users,cn=accounts' \\\n"
"       --group-container='cn=groups,cn=accounts' \\\n"
"       --user-ignore-objectclass=radiusprofile \\\n"
"       --user-ignore-attribute=radiusgroupname \\\n"
"       ldap://ds.example.com:389\n"
"\n"
"LOGGING\n"
"\n"
"Migration will log warnings and errors to the Apache error log. This\n"
"file should be evaluated post-migration to correct or investigate any\n"
"issues that were discovered.\n"
"\n"
"For every 100 users migrated an info-level message will be displayed to\n"
"give the current progress and duration to make it possible to track\n"
"the progress of migration.\n"
"\n"
"If the log level is debug, either by setting debug = True in\n"
"/etc/ipa/default.conf or /etc/ipa/server.conf, then an entry will be "
"printed\n"
"for each user added plus a summary when the default user group is\n"
"updated.\n"
msgstr ""

#: ipaserver/plugins/migration.py:145
#, python-format
msgid ""
"Kerberos principal %s already exists. Use 'ipa user-mod' to set it manually."
msgstr ""

#: ipaserver/plugins/migration.py:146
#, python-format
msgid ""
"Unable to determine if Kerberos principal %s already exists. Use 'ipa user-"
"mod' to set it manually."
msgstr ""

#: ipaserver/plugins/migration.py:147
msgid ""
"Failed to add user to the default group. Use 'ipa group-add-member' to add "
"manually."
msgstr ""

#: ipaserver/plugins/migration.py:148
msgid "Migration of LDAP search reference is not supported."
msgstr ""

#: ipaserver/plugins/migration.py:149
msgid "Malformed DN"
msgstr ""

#: ipaserver/plugins/migration.py:194
#, python-format
msgid "%(user)s is not a POSIX user"
msgstr ""

#: ipaserver/plugins/migration.py:461
msgid ""
". Check GID of the existing group. Use --group-overwrite-gid option to "
"overwrite the GID"
msgstr ""

#: ipaserver/plugins/migration.py:476
msgid "Invalid LDAP URI."
msgstr ""

#: ipaserver/plugins/migration.py:678
#, python-format
msgid "%s to exclude from migration"
msgstr ""

#: ipaserver/plugins/migration.py:680
msgid ""
"search results for objects to be migrated\n"
"have been truncated by the server;\n"
"migration process might be incomplete\n"
msgstr ""

#: ipaserver/plugins/migration.py:769
#, python-format
msgid ""
"%(container)s LDAP search did not return any result (search base: "
"%(search_base)s, objectclass: %(objectclass)s)"
msgstr ""

#: ipaserver/plugins/migration.py:804 ipaserver/plugins/user.py:593
msgid "Default group for new users not found"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:43
msgid ""
"\n"
"Password policy\n"
"\n"
"A password policy sets limitations on IPA passwords, including maximum\n"
"lifetime, minimum lifetime, the number of passwords to save in\n"
"history, the number of character classes required (for stronger passwords)\n"
"and the minimum password length.\n"
"\n"
"By default there is a single, global policy for all users. You can also\n"
"create a password policy to apply to a group. Each user is only subject\n"
"to one password policy, either the group policy or the global policy. A\n"
"group policy stands alone; it is not a super-set of the global policy plus\n"
"custom settings.\n"
"\n"
"Each group password policy requires a unique priority setting. If a user\n"
"is in multiple groups that have password policies, this priority determines\n"
"which password policy is applied. A lower value indicates a higher priority\n"
"policy.\n"
"\n"
"Group password policies are automatically removed when the groups they\n"
"are associated with are removed.\n"
"\n"
"Grace period defines the number of LDAP logins allowed after expiration.\n"
"-1 means do not enforce expiration to match previous behavior. 0 allows\n"
"no additional logins after expiration.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Modify the global policy:\n"
"   ipa pwpolicy-mod --minlength=10\n"
"\n"
" Add a new group password policy:\n"
"   ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --"
"minlength=8 --priority=10 localadmins\n"
"\n"
" Display the global password policy:\n"
"   ipa pwpolicy-show\n"
"\n"
" Display a group password policy:\n"
"   ipa pwpolicy-show localadmins\n"
"\n"
" Display the policy that would be applied to a given user:\n"
"   ipa pwpolicy-show --user=tuser1\n"
"\n"
" Modify a group password policy:\n"
"   ipa pwpolicy-mod --minclasses=2 localadmins\n"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:96
msgid "Class of Service object used for linking policies with groups"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:147
#, python-format
msgid "priority must be a unique value (%(prio)d already used by %(gname)s)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:175
msgid "Add Class of Service entry"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:198
msgid "Delete Class of Service entry"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:204
msgid "Modify Class of Service entry"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:222
msgid "Display Class of Service entry"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:228
msgid "Search for Class of Service entry"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:241
msgid "password policy"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:242
msgid "password policies"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:301
msgid "Password Policies"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:374
msgid "Max repeat"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:375
msgid "Maximum number of same consecutive characters"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:383
msgid "Max sequence"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:384
msgid "The max. length of monotonic character sequences (abcd)"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:392
msgid "Dictionary check"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:393
msgid "Check if the password is a dictionary word"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:399
msgid "User check"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:400
msgid "Check if the password contains the username"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:406
msgid "Grace login limit"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:407
msgid "Number of LDAP authentications allowed after expiration"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:482
msgid ""
"Minimum length must be >= 6 if maxrepeat, maxsequence, dictcheck or "
"usercheck are defined"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:508
msgid "Maximum password life must be equal to or greater than the minimum."
msgstr ""

#: ipaserver/plugins/pwpolicy.py:567
msgid "cannot delete global password policy"
msgstr ""

#: ipaserver/plugins/pwpolicy.py:603
msgid "priority cannot be set on global policy"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:89
msgid "HBAC rule and local members cannot both be set"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:128
msgid "Invalid SELinux user name, must match {}"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:142
#, python-brace-format
msgid "Invalid MLS value, must match {mls}, where max level {mls_max}"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:147
#, python-brace-format
msgid "Invalid MCS value, must match {mcs}, where max category {mcs_max}"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:161
msgid "SELinux user map list not found in configuration"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:166
#, python-format
msgid "SELinux user %(user)s not found in ordering list (in config)"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:176
msgid "SELinux User Map rule"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:177
msgid "SELinux User Map rules"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:233
msgid "SELinux User Maps"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:234
msgid "SELinux User Map"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:309
#, python-format
msgid "HBAC rule %(rule)s not found"
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:330
#, python-format
msgid "Added SELinux User Map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:368
#, python-format
msgid "Deleted SELinux User Map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:376
#, python-format
msgid "Modified SELinux User Map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:449
#, python-format
msgid "%(count)d SELinux User Map matched"
msgid_plural "%(count)d SELinux User Maps matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/selinuxusermap.py:499
#, python-format
msgid "Enabled SELinux User Map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/selinuxusermap.py:529
#, python-format
msgid "Disabled SELinux User Map \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:60
msgid ""
"\n"
"Services\n"
"\n"
"A IPA service represents a service that runs on a host. The IPA service\n"
"record can store a Kerberos principal, an SSL certificate, or both.\n"
"\n"
"An IPA service can be managed directly from a machine, provided that\n"
"machine has been given the correct permission. This is true even for\n"
"machines other than the one the service is associated with. For example,\n"
"requesting an SSL certificate using the host service principal credentials\n"
"of the host. To manage a service using host credentials you need to\n"
"kinit as the host:\n"
"\n"
" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n"
"\n"
"Adding an IPA service allows the associated service to request an SSL\n"
"certificate or keytab, but this is performed as a separate step; they\n"
"are not produced as a result of adding the service.\n"
"\n"
"Only the public aspect of a certificate is stored in a service record;\n"
"the private key is not stored.\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new IPA service:\n"
"   ipa service-add HTTP/web.example.com\n"
"\n"
" Allow a host to manage an IPA service certificate:\n"
"   ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n"
"   ipa role-add-member --hosts=web.example.com certadmin\n"
"\n"
" Override a default list of supported PAC types for the service:\n"
"   ipa service-mod HTTP/web.example.com --pac-type=MS-PAC\n"
"\n"
"   A typical use case where overriding the PAC type is needed is NFS.\n"
"   Currently the related code in the Linux kernel can only handle Kerberos\n"
"   tickets up to a maximal size. Since the PAC data can become quite large "
"it\n"
"   is recommended to set --pac-type=NONE for NFS services.\n"
"\n"
" Delete an IPA service:\n"
"   ipa service-del HTTP/web.example.com\n"
"\n"
" Find all IPA services associated with a host:\n"
"   ipa service-find web.example.com\n"
"\n"
" Find all HTTP services:\n"
"   ipa service-find HTTP\n"
"\n"
" Disable the service Kerberos key and SSL certificate:\n"
"   ipa service-disable HTTP/web.example.com\n"
"\n"
" Request a certificate for an IPA service:\n"
"   ipa cert-request --principal=HTTP/web.example.com example.csr\n"
msgstr ""

#: ipaserver/plugins/service.py:113
msgid ""
"\n"
" Allow user to create a keytab:\n"
"   ipa service-allow-create-keytab HTTP/web.example.com --users=tuser1\n"
msgstr ""

#: ipaserver/plugins/service.py:116
msgid ""
"\n"
" Generate and retrieve a keytab for an IPA service:\n"
"   ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/"
"httpd.keytab\n"
"\n"
msgstr ""

#: ipaserver/plugins/service.py:180
msgid "Trusted to authenticate as user"
msgstr ""

#: ipaserver/plugins/service.py:181
msgid "The service is allowed to authenticate on behalf of a client"
msgstr ""

#: ipaserver/plugins/service.py:226
#, python-format
msgid "authentication indicators not allowed in service \"%s\""
msgstr ""

#: ipaserver/plugins/service.py:242
msgid "Malformed principal"
msgstr ""

#: ipaserver/plugins/service.py:321
msgid "{} is required by the IPA master"
msgstr ""

#: ipaserver/plugins/service.py:395
msgid "service"
msgstr ""

#: ipaserver/plugins/service.py:396
msgid "services"
msgstr ""

#: ipaserver/plugins/service.py:512
msgid "Service principal alias"
msgstr ""

#: ipaserver/plugins/service.py:520
msgid "Base-64 encoded service certificate"
msgstr ""

#: ipaserver/plugins/service.py:571
msgid ""
"Defines an allow list for Authentication Indicators. Use 'otp' to allow OTP-"
"based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA "
"authentications. Use 'pkinit' to allow PKINIT-based 2FA authentications. Use "
"'hardened' to allow brute-force hardened password authentication by SPAKE or "
"FAST. With no indicator specified, all authentication mechanisms are allowed."
msgstr ""

#: ipaserver/plugins/service.py:596
msgid "NONE value cannot be combined with other PAC types"
msgstr ""

#: ipaserver/plugins/service.py:648
msgid "Add a new IPA service."
msgstr ""

#: ipaserver/plugins/service.py:650 ipaserver/plugins/service.py:719
#, python-format
msgid "Added service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:656
msgid "force principal name even if host not in DNS"
msgstr ""

#: ipaserver/plugins/service.py:659
msgid "Skip host check"
msgstr ""

#: ipaserver/plugins/service.py:660
msgid ""
"force service to be created even when host object does not exist to manage it"
msgstr ""

#: ipaserver/plugins/service.py:678 ipaserver/plugins/service.py:787
#, python-format
msgid "The host '%s' does not exist to add a service to."
msgstr ""

#: ipaserver/plugins/service.py:717
msgid "Add a new SMB service."
msgstr ""

#: ipaserver/plugins/service.py:733
msgid "SMB service NetBIOS name"
msgstr ""

#: ipaserver/plugins/service.py:847
#, python-format
msgid "Deleted service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:867
#, python-format
msgid "Modified service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:918
#, python-format
msgid "%(count)d service matched"
msgid_plural "%(count)d services matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/service.py:1117
#, python-format
msgid "Disabled service \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:1158
#, python-format
msgid "Added certificates to service principal \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:1165
#, python-format
msgid "Removed certificates from service principal \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:1181
msgid "Add new principal alias to a service"
msgstr ""

#: ipaserver/plugins/service.py:1182
#, python-format
msgid "Added new aliases to the service principal \"%(value)s\""
msgstr ""

#: ipaserver/plugins/service.py:1193
msgid "Remove principal alias from a service"
msgstr ""

#: ipaserver/plugins/service.py:1194
#, python-format
msgid "Removed aliases to the service principal \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:65
msgid ""
"\n"
"Stageusers\n"
"\n"
"Manage stage user entries.\n"
"\n"
"Stage user entries are directly under the container: \"cn=stage users,\n"
"cn=accounts, cn=provisioning, SUFFIX\".\n"
"Users can not authenticate with those entries (even if the entries\n"
"contain credentials). Those entries are only candidate to become Active "
"entries.\n"
"\n"
"Active user entries are Posix users directly under the container: "
"\"cn=accounts, SUFFIX\".\n"
"Users can authenticate with Active entries, at the condition they have\n"
"credentials.\n"
"\n"
"Deleted user entries are Posix users directly under the container: "
"\"cn=deleted users,\n"
"cn=accounts, cn=provisioning, SUFFIX\".\n"
"Users can not authenticate with those entries, even if the entries contain "
"credentials.\n"
"\n"
"The stage user container contains entries:\n"
"    - created by 'stageuser-add' commands that are Posix users,\n"
"    - created by external provisioning system.\n"
"\n"
"A valid stage user entry MUST have:\n"
"    - entry RDN is 'uid',\n"
"    - ipaUniqueID is 'autogenerate'.\n"
"\n"
"IPA supports a wide range of username formats, but you need to be aware of "
"any\n"
"restrictions that may apply to your particular environment. For example,\n"
"usernames that start with a digit or usernames that exceed a certain length\n"
"may cause problems for some UNIX systems.\n"
"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n"
"\n"
"\n"
"EXAMPLES:\n"
"\n"
" Add a new stageuser:\n"
"   ipa stageuser-add --first=Tim --last=User --password tuser1\n"
"\n"
" Add a stageuser from the deleted users container:\n"
"   ipa stageuser-add  --first=Tim --last=User --from-delete tuser1\n"
"\n"
msgstr ""

#: ipaserver/plugins/stageuser.py:128
msgid "Stage Users"
msgstr ""

#: ipaserver/plugins/stageuser.py:129
msgid "Stage User"
msgstr ""

#: ipaserver/plugins/stageuser.py:130
msgid "stage user"
msgstr ""

#: ipaserver/plugins/stageuser.py:131
msgid "stage users"
msgstr ""

#: ipaserver/plugins/stageuser.py:278
#, python-format
msgid "Added stage user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:297
msgid "givenname is required"
msgstr ""

#: ipaserver/plugins/stageuser.py:300
msgid "sn is required"
msgstr ""

#: ipaserver/plugins/stageuser.py:431
#, python-format
msgid "Deleted stage user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:437
#, python-format
msgid "Modified stage user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:484 ipaserver/plugins/user.py:883
#, python-format
msgid "%(count)d user matched"
msgid_plural "%(count)d users matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/stageuser.py:508
#, python-format
msgid "Activate a stage user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:521
msgid "Entry RDN is not 'uid'"
msgstr ""

#: ipaserver/plugins/stageuser.py:527
#, python-format
msgid "Entry has no '%(attribute)s'"
msgstr ""

#: ipaserver/plugins/stageuser.py:703
#, python-format
msgid "active user with name \"%(user)s\" already exists"
msgstr ""

#: ipaserver/plugins/stageuser.py:767
#, python-format
msgid "Stage user %s activated"
msgstr ""

#: ipaserver/plugins/stageuser.py:784
msgid "Add one or more certificates to the stageuser entry"
msgstr ""

#: ipaserver/plugins/stageuser.py:785
#, python-format
msgid "Added certificates to stageuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:790
msgid "Remove one or more certificates to the stageuser entry"
msgstr ""

#: ipaserver/plugins/stageuser.py:791
#, python-format
msgid "Removed certificates from stageuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:796
msgid "Add new principal alias to the stageuser entry"
msgstr ""

#: ipaserver/plugins/stageuser.py:797
#, python-format
msgid "Added new aliases to stageuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:802
msgid "Remove principal alias from the stageuser entry"
msgstr ""

#: ipaserver/plugins/stageuser.py:803
#, python-format
msgid "Removed aliases from stageuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/stageuser.py:808
msgid "Add one or more certificate mappings to the stage user entry."
msgstr ""

#: ipaserver/plugins/stageuser.py:814
msgid "Remove one or more certificate mappings from the stage user entry."
msgstr ""

#: ipaserver/plugins/idviews.py:72 ipaserver/plugins/idviews.py:123
#: ipaserver/plugins/idviews.py:131 ipaserver/plugins/idviews.py:352
#: ipaserver/plugins/idviews.py:843
msgid "ID View"
msgstr ""

#: ipaserver/plugins/idviews.py:74
msgid "system ID View"
msgstr ""

#: ipaserver/plugins/idviews.py:124 ipaserver/plugins/idviews.py:130
msgid "ID Views"
msgstr ""

#: ipaserver/plugins/idviews.py:145
msgid "User object overrides"
msgstr ""

#: ipaserver/plugins/idviews.py:149
msgid "Group object overrides"
msgstr ""

#: ipaserver/plugins/idviews.py:153
msgid "Hosts the view applies to"
msgstr ""

#: ipaserver/plugins/idviews.py:197
#, python-format
msgid "Added ID View \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:214
#, python-format
msgid "Deleted ID View \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:227
#, python-format
msgid "Modified an ID View \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:243
#, python-format
msgid "%(count)d ID View matched"
msgid_plural "%(count)d ID Views matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/idviews.py:353
msgid "Default Trust View cannot be applied on hosts"
msgstr ""

#: ipaserver/plugins/idviews.py:381 ipaserver/plugins/idviews.py:414
msgid "not found"
msgstr ""

#: ipaserver/plugins/idviews.py:395
msgid "ID View cannot be applied to IPA master"
msgstr ""

#: ipaserver/plugins/idviews.py:412
msgid "ID View already applied"
msgstr ""

#: ipaserver/plugins/idviews.py:432
msgid "value"
msgstr ""

#: ipaserver/plugins/idviews.py:445
#, python-format
msgid "ID View applied to %i host."
msgstr ""

#: ipaserver/plugins/idviews.py:446
#, python-format
msgid "ID View applied to %i hosts."
msgstr ""

#: ipaserver/plugins/idviews.py:488
#, python-format
msgid "ID View cleared from %i host."
msgstr ""

#: ipaserver/plugins/idviews.py:489
#, python-format
msgid "ID View cleared from %i hosts."
msgstr ""

#: ipaserver/plugins/idviews.py:557
msgid ""
"You are trying to reference a magic private group which is not allowed to be "
"overridden. Try overriding the GID attribute of the corresponding user "
"instead."
msgstr ""

#: ipaserver/plugins/idviews.py:595
msgid "IPA object"
msgstr ""

#: ipaserver/plugins/idviews.py:596
msgid ""
"system IPA objects (e.g. system groups, user private groups) cannot be "
"overridden"
msgstr ""

#: ipaserver/plugins/idviews.py:690
#, python-format
msgid "Anchor '%(anchor)s' could not be resolved."
msgstr ""

#: ipaserver/plugins/idviews.py:844
msgid "Default Trust View cannot contain IPA users"
msgstr ""

#: ipaserver/plugins/idviews.py:888
msgid "Add a new ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:889
#, python-format
msgid "Added ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:904
msgid "Delete an ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:905
#, python-format
msgid "Deleted ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:928
msgid "Modify an ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:929
#, python-format
msgid "Modified an ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:936
msgid "ID override"
msgstr ""

#: ipaserver/plugins/idviews.py:937
msgid "ID overrides cannot be renamed"
msgstr ""

#: ipaserver/plugins/idviews.py:949
msgid "Search for an ID override."
msgstr ""

#: ipaserver/plugins/idviews.py:950
#, python-format
msgid "%(count)d ID override matched"
msgid_plural "%(count)d ID overrides matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/idviews.py:962
msgid "Display information about an ID override."
msgstr "ID 재정의에 대한 정보를 표시합니다."

#: ipaserver/plugins/idviews.py:974 ipaserver/plugins/idviews.py:978
msgid "User ID override"
msgstr ""

#: ipaserver/plugins/idviews.py:975 ipaserver/plugins/idviews.py:977
msgid "User ID overrides"
msgstr ""

#: ipaserver/plugins/idviews.py:1097 ipaserver/plugins/idviews.py:1101
msgid "Group ID override"
msgstr ""

#: ipaserver/plugins/idviews.py:1098 ipaserver/plugins/idviews.py:1100
msgid "Group ID overrides"
msgstr ""

#: ipaserver/plugins/idviews.py:1142
msgid "Add one or more certificates to the idoverrideuser entry"
msgstr ""

#: ipaserver/plugins/idviews.py:1143
#, python-format
msgid "Added certificates to idoverrideuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1165
msgid "Remove one or more certificates to the idoverrideuser entry"
msgstr ""

#: ipaserver/plugins/idviews.py:1166
#, python-format
msgid "Removed certificates from idoverrideuser \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1190
#, python-format
msgid "Added User ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1215
#, python-format
msgid "Deleted User ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1221
#, python-format
msgid "Modified an User ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1253
#, python-format
msgid "%(count)d User ID override matched"
msgid_plural "%(count)d User ID overrides matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/idviews.py:1289
#, python-format
msgid "Added Group ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1295
#, python-format
msgid "Deleted Group ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1301
#, python-format
msgid "Modified an Group ID override \"%(value)s\""
msgstr ""

#: ipaserver/plugins/idviews.py:1307
#, python-format
msgid "%(count)d Group ID override matched"
msgid_plural "%(count)d Group ID overrides matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/ldap2.py:278
msgid "Could not read UPG Definition originfilter. Check your permissions."
msgstr ""

#: ipaserver/plugins/ca.py:21
msgid ""
"\n"
"Manage Certificate Authorities\n"
msgstr ""

#: ipaserver/plugins/ca.py:23
msgid ""
"\n"
"Subordinate Certificate Authorities (Sub-CAs) can be added for scoped "
"issuance\n"
"of X.509 certificates.\n"
msgstr ""

#: ipaserver/plugins/ca.py:26
msgid ""
"\n"
"CAs are enabled on creation, but their use is subject to CA ACLs unless the\n"
"operator has permission to bypass CA ACLs.\n"
msgstr ""

#: ipaserver/plugins/ca.py:29
msgid ""
"\n"
"All CAs except the 'IPA' CA can be disabled or re-enabled.  Disabling a CA\n"
"prevents it from issuing certificates but does not affect the validity of "
"its\n"
"certificate.\n"
msgstr ""

#: ipaserver/plugins/ca.py:33
msgid ""
"\n"
"CAs (all except the 'IPA' CA) can be deleted.  Deleting a CA causes its "
"signing\n"
"certificate to be revoked and its private key deleted.\n"
msgstr ""

#: ipaserver/plugins/ca.py:38
msgid ""
"\n"
"  Create new CA, subordinate to the IPA CA (requires permission\n"
"  \"System: Add CA\"):\n"
"\n"
"    ipa ca-add puppet --desc \"Puppet\" \\\n"
"        --subject \"CN=Puppet CA,O=EXAMPLE.COM\"\n"
msgstr ""

#: ipaserver/plugins/ca.py:44
msgid ""
"\n"
"  Disable a CA (requires permission \"System: Modify CA\"):\n"
"\n"
"    ipa ca-disable puppet\n"
msgstr ""

#: ipaserver/plugins/ca.py:48
msgid ""
"\n"
"  Re-enable a CA (requires permission \"System: Modify CA\"):\n"
"\n"
"    ipa ca-enable puppet\n"
msgstr ""

#: ipaserver/plugins/ca.py:52
msgid ""
"\n"
"  Delete a CA (requires permission \"System: Delete CA\"; also requires\n"
"  CA to be disabled first):\n"
"\n"
"    ipa ca-del puppet\n"
msgstr ""

#: ipaserver/plugins/ca.py:69 ipaserver/plugins/ca.py:80
msgid "Certificate Authority"
msgstr ""

#: ipaserver/plugins/ca.py:70 ipaserver/plugins/ca.py:79
msgid "Certificate Authorities"
msgstr ""

#: ipaserver/plugins/ca.py:87
msgid "Name for referencing the CA"
msgstr ""

#: ipaserver/plugins/ca.py:92
msgid "Description of the purpose of the CA"
msgstr ""

#: ipaserver/plugins/ca.py:96
msgid "Authority ID"
msgstr ""

#: ipaserver/plugins/ca.py:97
msgid "Dogtag Authority ID"
msgstr ""

#: ipaserver/plugins/ca.py:102 ipaserver/plugins/ca.py:296
msgid "Subject DN"
msgstr ""

#: ipaserver/plugins/ca.py:103
msgid "Subject Distinguished Name"
msgstr ""

#: ipaserver/plugins/ca.py:108 ipaserver/plugins/cert.py:426
msgid "Issuer DN"
msgstr ""

#: ipaserver/plugins/ca.py:109
msgid "Issuer Distinguished Name"
msgstr ""

#: ipaserver/plugins/ca.py:115 ipaserver/plugins/cert.py:354
msgid "Base-64 encoded certificate."
msgstr ""

#: ipaserver/plugins/ca.py:120 ipaserver/plugins/cert.py:359
msgid "Certificate chain"
msgstr ""

#: ipaserver/plugins/ca.py:121 ipaserver/plugins/cert.py:360
msgid "X.509 certificate chain"
msgstr ""

#: ipaserver/plugins/ca.py:127
msgid "RSN Version"
msgstr ""

#: ipaserver/plugins/ca.py:128
msgid "Random Serial Number Version"
msgstr ""

#: ipaserver/plugins/ca.py:228
msgid "Search for CAs."
msgstr ""

#: ipaserver/plugins/ca.py:230
#, python-format
msgid "%(count)d CA matched"
msgid_plural "%(count)d CAs matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/ca.py:247 ipaserver/plugins/cert.py:596
msgid "Include certificate chain in output"
msgstr ""

#: ipaserver/plugins/ca.py:253
msgid "Display the properties of a CA."
msgstr ""

#: ipaserver/plugins/ca.py:270
msgid "Create a CA."
msgstr ""

#: ipaserver/plugins/ca.py:271
#, python-format
msgid "Created CA \"%(value)s\""
msgstr ""

#: ipaserver/plugins/ca.py:281
#, python-format
msgid "Insufficient 'add' privilege for entry '%s'."
msgstr ""

#: ipaserver/plugins/ca.py:297
#, python-format
msgid "Unrecognized attributes: %(attrs)s"
msgstr ""

#: ipaserver/plugins/ca.py:312
#, python-format
msgid "Subject DN is already used by CA '%s'"
msgstr ""

#: ipaserver/plugins/ca.py:336
msgid "Delete a CA (must be disabled first)."
msgstr ""

#: ipaserver/plugins/ca.py:338
#, python-format
msgid "Deleted CA \"%(value)s\""
msgstr ""

#: ipaserver/plugins/ca.py:347
msgid "Insufficient privilege to delete a CA."
msgstr ""

#: ipaserver/plugins/ca.py:353
msgid "IPA CA cannot be deleted"
msgstr ""

#: ipaserver/plugins/ca.py:362
msgid "Must be disabled first"
msgstr ""

#: ipaserver/plugins/ca.py:370
msgid "Modify CA configuration."
msgstr ""

#: ipaserver/plugins/ca.py:371
#, python-format
msgid "Modified CA \"%(value)s\""
msgstr ""

#: ipaserver/plugins/ca.py:397
msgid "Insufficient privilege to modify a CA."
msgstr ""

#: ipaserver/plugins/ca.py:413
msgid "Disable a CA."
msgstr ""

#: ipaserver/plugins/ca.py:414
#, python-format
msgid "Disabled CA \"%(value)s\""
msgstr ""

#: ipaserver/plugins/ca.py:421
msgid "IPA CA cannot be disabled"
msgstr ""

#: ipaserver/plugins/ca.py:431
msgid "Enable a CA."
msgstr ""

#: ipaserver/plugins/ca.py:432
#, python-format
msgid "Enabled CA \"%(value)s\""
msgstr ""

#: ipaserver/plugins/cert.py:69
msgid ""
"\n"
"IPA certificate operations\n"
msgstr ""

#: ipaserver/plugins/cert.py:71
msgid ""
"\n"
"Implements a set of commands for managing server SSL certificates.\n"
msgstr ""

#: ipaserver/plugins/cert.py:73
msgid ""
"\n"
"Certificate requests exist in the form of a Certificate Signing Request "
"(CSR)\n"
"in PEM format.\n"
msgstr ""

#: ipaserver/plugins/cert.py:76
msgid ""
"\n"
"The dogtag CA uses just the CN value of the CSR and forces the rest of the\n"
"subject to values configured in the server.\n"
msgstr ""

#: ipaserver/plugins/cert.py:79
msgid ""
"\n"
"A certificate is stored with a service principal and a service principal\n"
"needs a host.\n"
msgstr ""

#: ipaserver/plugins/cert.py:82
msgid ""
"\n"
"In order to request a certificate:\n"
msgstr ""

#: ipaserver/plugins/cert.py:84
msgid ""
"\n"
"* The host must exist\n"
"* The service must exist (or you use the --add option to automatically add "
"it)\n"
msgstr ""

#: ipaserver/plugins/cert.py:87
msgid ""
"\n"
"SEARCHING:\n"
msgstr ""

#: ipaserver/plugins/cert.py:89
msgid ""
"\n"
"Certificates may be searched on by certificate subject, serial number,\n"
"revocation reason, validity dates and the issued date.\n"
msgstr ""

#: ipaserver/plugins/cert.py:92
msgid ""
"\n"
"When searching on dates the _from date does a >= search and the _to date\n"
"does a <= search. When combined these are done as an AND.\n"
msgstr ""

#: ipaserver/plugins/cert.py:95
msgid ""
"\n"
"Dates are treated as GMT to match the dates in the certificates.\n"
msgstr ""

#: ipaserver/plugins/cert.py:97
msgid ""
"\n"
"The date format is YYYY-mm-dd.\n"
msgstr ""

#: ipaserver/plugins/cert.py:101
msgid ""
"\n"
" Request a new certificate and add the principal:\n"
"   ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n"
msgstr ""

#: ipaserver/plugins/cert.py:104
msgid ""
"\n"
" Retrieve an existing certificate:\n"
"   ipa cert-show 1032\n"
msgstr ""

#: ipaserver/plugins/cert.py:107
msgid ""
"\n"
" Revoke a certificate (see RFC 5280 for reason details):\n"
"   ipa cert-revoke --revocation-reason=6 1032\n"
msgstr ""

#: ipaserver/plugins/cert.py:110
msgid ""
"\n"
" Remove a certificate from revocation hold status:\n"
"   ipa cert-remove-hold 1032\n"
msgstr ""

#: ipaserver/plugins/cert.py:113
msgid ""
"\n"
" Check the status of a signing request:\n"
"   ipa cert-status 10\n"
msgstr ""

#: ipaserver/plugins/cert.py:116
msgid ""
"\n"
" Search for certificates by hostname:\n"
"   ipa cert-find --subject=ipaserver.example.com\n"
msgstr ""

#: ipaserver/plugins/cert.py:119
msgid ""
"\n"
" Search for revoked certificates by reason:\n"
"   ipa cert-find --revocation-reason=5\n"
msgstr ""

#: ipaserver/plugins/cert.py:122
msgid ""
"\n"
" Search for certificates based on issuance date\n"
"   ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n"
msgstr ""

#: ipaserver/plugins/cert.py:125
msgid ""
"\n"
" Search for certificates owned by a specific user:\n"
"   ipa cert-find --user=user\n"
msgstr ""

#: ipaserver/plugins/cert.py:128
msgid ""
"\n"
" Examine a certificate:\n"
"   ipa cert-find --file=cert.pem --all\n"
msgstr ""

#: ipaserver/plugins/cert.py:131
msgid ""
"\n"
" Verify that a certificate is owned by a specific user:\n"
"   ipa cert-find --file=cert.pem --user=user\n"
msgstr ""

#: ipaserver/plugins/cert.py:134
msgid ""
"\n"
"IPA currently immediately issues (or declines) all certificate requests so\n"
"the status of a request is not normally useful. This is for future use\n"
"or the case where a CA does not immediately issue a certificate.\n"
msgstr ""

#: ipaserver/plugins/cert.py:138
msgid ""
"\n"
"The following revocation reasons are supported:\n"
"\n"
msgstr ""

#: ipaserver/plugins/cert.py:141
msgid "    * 0 - unspecified\n"
msgstr ""

#: ipaserver/plugins/cert.py:142
msgid "    * 1 - keyCompromise\n"
msgstr ""

#: ipaserver/plugins/cert.py:143
msgid "    * 2 - cACompromise\n"
msgstr ""

#: ipaserver/plugins/cert.py:144
msgid "    * 3 - affiliationChanged\n"
msgstr ""

#: ipaserver/plugins/cert.py:145
msgid "    * 4 - superseded\n"
msgstr ""

#: ipaserver/plugins/cert.py:146
msgid "    * 5 - cessationOfOperation\n"
msgstr ""

#: ipaserver/plugins/cert.py:147
msgid "    * 6 - certificateHold\n"
msgstr ""

#: ipaserver/plugins/cert.py:148
msgid "    * 8 - removeFromCRL\n"
msgstr ""

#: ipaserver/plugins/cert.py:149
msgid "    * 9 - privilegeWithdrawn\n"
msgstr ""

#: ipaserver/plugins/cert.py:150
msgid "    * 10 - aACompromise\n"
msgstr ""

#: ipaserver/plugins/cert.py:151
msgid ""
"\n"
"Note that reason code 7 is not used.  See RFC 5280 for more details:\n"
msgstr ""

#: ipaserver/plugins/cert.py:153
msgid ""
"\n"
"http://www.ietf.org/rfc/rfc5280.txt\n"
"\n"
msgstr ""

#: ipaserver/plugins/cert.py:289
#, python-format
msgid ""
"Principal '%(principal)s' is not permitted to use CA '%(ca)s' with profile "
"'%(profile_id)s' for certificate issuance."
msgstr ""

#: ipaserver/plugins/cert.py:309
msgid "enabledService/configuredService not in ipaConfigString kdc entry"
msgstr ""

#: ipaserver/plugins/cert.py:313
#, python-format
msgid "Host '%(hostname)s' is not an active KDC"
msgstr ""

#: ipaserver/plugins/cert.py:347
msgid "Issuing CA"
msgstr ""

#: ipaserver/plugins/cert.py:348
msgid "Name of issuing CA"
msgstr ""

#: ipaserver/plugins/cert.py:370
msgid "Subject email address"
msgstr ""

#: ipaserver/plugins/cert.py:375
msgid "Subject DNS name"
msgstr ""

#: ipaserver/plugins/cert.py:380
msgid "Subject X.400 address"
msgstr ""

#: ipaserver/plugins/cert.py:385
msgid "Subject directory name"
msgstr ""

#: ipaserver/plugins/cert.py:390
msgid "Subject EDI Party name"
msgstr ""

#: ipaserver/plugins/cert.py:395
msgid "Subject URI"
msgstr ""

#: ipaserver/plugins/cert.py:400
msgid "Subject IP Address"
msgstr ""

#: ipaserver/plugins/cert.py:405
msgid "Subject OID"
msgstr "대상 OID"

#: ipaserver/plugins/cert.py:410
msgid "Subject UPN"
msgstr ""

#: ipaserver/plugins/cert.py:415
msgid "Subject Kerberos principal name"
msgstr ""

#: ipaserver/plugins/cert.py:420
msgid "Subject Other Name"
msgstr ""

#: ipaserver/plugins/cert.py:458
msgid "Serial number (hex)"
msgstr "일련 번호 (16 진수)"

#: ipaserver/plugins/cert.py:581
msgid "Request status"
msgstr ""

#: ipaserver/plugins/cert.py:627
msgid ""
"automatically add the principal if it doesn't exist (service principals only)"
msgstr ""

#: ipaserver/plugins/cert.py:676
#, python-format
msgid "krbtgt certs can use only the %s profile"
msgstr ""

#: ipaserver/plugins/cert.py:728
msgid "No Common Name was found in subject of request."
msgstr ""

#: ipaserver/plugins/cert.py:736
#, python-format
msgid ""
"hostname in subject of request '%(cn)s' does not match name or aliases of "
"principal '%(principal)s'"
msgstr ""

#: ipaserver/plugins/cert.py:742
#, python-format
msgid ""
"hostname in subject of request '%(cn)s' does not match principal hostname "
"'%(hostname)s'"
msgstr ""

#: ipaserver/plugins/cert.py:751
msgid "DN commonName does not match user's login"
msgstr ""

#: ipaserver/plugins/cert.py:765
msgid "DN emailAddress does not match any of user's email addresses"
msgstr ""

#: ipaserver/plugins/cert.py:774
#, python-format
msgid ""
"Insufficient 'write' privilege to the 'userCertificate' attribute of entry "
"'%s'."
msgstr ""

#: ipaserver/plugins/cert.py:795 ipaserver/plugins/cert.py:913
#, python-format
msgid "subject alt name type %s is forbidden for user principals"
msgstr ""

#: ipaserver/plugins/cert.py:840
#, python-format
msgid ""
"The service principal for subject alt name %s in certificate request does "
"not exist"
msgstr ""

#: ipaserver/plugins/cert.py:871
#, python-format
msgid ""
"Insufficient privilege to create a certificate with subject alt name '%s'."
msgstr ""

#: ipaserver/plugins/cert.py:889
#, python-format
msgid "Principal '%s' in subject alt name does not match requested principal"
msgstr ""

#: ipaserver/plugins/cert.py:898
msgid "RFC822Name does not match any of user's email addresses"
msgstr ""

#: ipaserver/plugins/cert.py:905
#, python-format
msgid "subject alt name type %s is forbidden for non-user principals"
msgstr ""

#: ipaserver/plugins/cert.py:922
#, python-format
msgid "Subject alt name type %s is forbidden"
msgstr ""

#: ipaserver/plugins/cert.py:940
#, python-format
msgid "CA '%s' is disabled"
msgstr ""

#: ipaserver/plugins/cert.py:1027
msgid "'add' option"
msgstr ""

#: ipaserver/plugins/cert.py:1031
msgid "The principal for this request doesn't exist."
msgstr ""

#: ipaserver/plugins/cert.py:1147
#, python-format
msgid "IP address in subjectAltName (%s) unreachable from DNS names"
msgstr ""

#: ipaserver/plugins/cert.py:1164
#, python-format
msgid "IP address in subjectAltName (%s) does not have PTR record"
msgstr ""

#: ipaserver/plugins/cert.py:1176
#, python-format
msgid "PTR record for SAN IP (%s) does not match A/AAAA records"
msgstr ""

#: ipaserver/plugins/cert.py:1275
msgid "Revoked"
msgstr ""

#: ipaserver/plugins/cert.py:1281
msgid ""
"Reason for revoking the certificate (0-10). Type \"ipa help cert\" for "
"revocation reason details. "
msgstr ""

#: ipaserver/plugins/cert.py:1303
#, python-format
msgid "Owner %s"
msgstr ""

#: ipaserver/plugins/cert.py:1390
#, python-format
msgid ""
"Certificate with serial number %(serial)s issued by CA '%(ca)s' not found"
msgstr ""

#: ipaserver/plugins/cert.py:1459
msgid "7 is not a valid revocation reason"
msgstr ""

#: ipaserver/plugins/cert.py:1559
msgid "Status of the certificate"
msgstr ""

#: ipaserver/plugins/cert.py:1565
msgid "Results should contain primary key attribute only (\"certificate\")"
msgstr ""

#: ipaserver/plugins/cert.py:1581
#, python-format
msgid "%(count)d certificate matched"
msgid_plural "%(count)d certificates matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/cert.py:1603
#, python-format
msgid "Search for certificates with these owner %s."
msgstr ""

#: ipaserver/plugins/cert.py:1614
#, python-format
msgid "Search for certificates without these owner %s."
msgstr ""

#: ipaserver/plugins/sudorule.py:43
msgid ""
"\n"
"Sudo Rules\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:45
msgid ""
"\n"
"Sudo (su \"do\") allows a system administrator to delegate authority to\n"
"give certain users (or groups of users) the ability to run some (or all)\n"
"commands as root or another user while providing an audit trail of the\n"
"commands and their arguments.\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:50
msgid ""
"\n"
"IPA provides a means to configure the various aspects of Sudo:\n"
"   Users: The user(s)/group(s) allowed to invoke Sudo.\n"
"   Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke "
"Sudo.\n"
"   Allow Command: The specific command(s) permitted to be run via Sudo.\n"
"   Deny Command: The specific command(s) prohibited to be run via Sudo.\n"
"   RunAsUser: The user(s) or group(s) of users whose rights Sudo will be "
"invoked with.\n"
"   RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n"
"   Options: The various Sudoers Options that can modify Sudo's behavior.\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:59
msgid ""
"\n"
"Each option needs to be added separately and no validation is done whether\n"
"the option is known by sudo or is in a valid format. Environment variables\n"
"also need to be set individually. For example env_keep=\"FOO BAR\" in "
"sudoers\n"
"needs be represented as --sudooption env_keep=FOO --sudooption "
"env_keep+=BAR.\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:64
msgid ""
"\n"
"An order can be added to a sudorule to control the order in which they\n"
"are evaluated (if the client supports it). This order is an integer and\n"
"must be unique.\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:68
msgid ""
"\n"
"IPA provides a designated binddn to use with Sudo located at:\n"
"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:71
msgid ""
"\n"
"To enable the binddn run the following command to set the password:\n"
"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -H ldap://ipa."
"example.com -ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,"
"dc=example,dc=com\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:78
msgid ""
"\n"
" Create a new rule:\n"
"   ipa sudorule-add readfiles\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:81
msgid ""
"\n"
" Add sudo command object and add it as allowed command in the rule:\n"
"   ipa sudocmd-add /usr/bin/less\n"
"   ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:85
msgid ""
"\n"
" Add a host to the rule:\n"
"   ipa sudorule-add-host readfiles --hosts server.example.com\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:88
msgid ""
"\n"
" Add a user to the rule:\n"
"   ipa sudorule-add-user readfiles --users jsmith\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:91
msgid ""
"\n"
" Add a special Sudo rule for default Sudo server configuration:\n"
"   ipa sudorule-add defaults\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:94
msgid ""
"\n"
" Set a default Sudo option:\n"
"   ipa sudorule-add-option defaults --sudooption '!authenticate'\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:97
msgid ""
"\n"
" Set multiple default Sudo options:\n"
"   ipa sudorule-add-option defaults --sudooption '!authenticate'    --"
"sudooption mail_badpass\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:101
msgid ""
"\n"
" Set SELinux type and role transitions on a rule:\n"
"   ipa sudorule-add-option sysadmin_sudo --sudooption type=unconfined_t\n"
"   ipa sudorule-add-option sysadmin_sudo --sudooption role=unconfined_r\n"
msgstr ""

#: ipaserver/plugins/sudorule.py:120
msgid "this option has been deprecated."
msgstr ""

#: ipaserver/plugins/sudorule.py:148
msgid "sudo rules"
msgstr ""

#: ipaserver/plugins/sudorule.py:236
msgid "Sudo Rules"
msgstr ""

#: ipaserver/plugins/sudorule.py:237
msgid "Sudo Rule"
msgstr ""

#: ipaserver/plugins/sudorule.py:372
#, python-format
msgid "order must be a unique value (%(order)d already used by %(rule)s)"
msgstr ""

#: ipaserver/plugins/sudorule.py:403
#, python-format
msgid "Added Sudo Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudorule.py:410
#, python-format
msgid "Deleted Sudo Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudorule.py:417
#, python-format
msgid "Modified Sudo Rule \"%(value)s\""
msgstr ""

#: ipaserver/plugins/sudorule.py:436
#, python-format
msgid ""
"%(type)s category cannot be set to 'all' while there are allowed %(objects)s"
msgstr ""

#: ipaserver/plugins/sudorule.py:442 ipaserver/plugins/user.py:165
msgid "users"
msgstr ""

#: ipaserver/plugins/sudorule.py:452
msgid "command"
msgstr ""

#: ipaserver/plugins/sudorule.py:452
msgid "commands"
msgstr ""

#: ipaserver/plugins/sudorule.py:458
msgid "runAs user"
msgstr "runAs 사용자"

#: ipaserver/plugins/sudorule.py:458
msgid "runAs users"
msgstr "runAs 사용자"

#: ipaserver/plugins/sudorule.py:463
msgid "group runAs"
msgstr ""

#: ipaserver/plugins/sudorule.py:463
msgid "runAs groups"
msgstr ""

#: ipaserver/plugins/sudorule.py:484
#, python-format
msgid "%(count)d Sudo Rule matched"
msgid_plural "%(count)d Sudo Rules matched"
msgstr[0] ""
msgstr[1] ""

#: ipaserver/plugins/sudorule.py:556
msgid "commands cannot be added when command category='all'"
msgstr ""

#: ipaserver/plugins/sudorule.py:818 ipaserver/plugins/sudorule.py:940
msgid "users cannot be added when runAs user or runAs group category='all'"
msgstr ""

#: ipaserver/plugins/sudorule.py:825
#, python-format
msgid "RunAsUser does not accept '%(name)s' as a user name"
msgstr ""

#: ipaserver/plugins/sudorule.py:833
#, python-format
msgid "RunAsUser does not accept '%(name)s' as a group name"
msgstr ""

#: ipaserver/plugins/sudorule.py:947
#, python-format
msgid "RunAsGroup does not accept '%(name)s' as a group name"
msgstr ""

#: ipaserver/plugins/user.py:497
#, python-format
msgid "Added user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:596
msgid "Default group for new users is not POSIX"
msgstr ""

#: ipaserver/plugins/user.py:704
#, python-format
msgid "Deleted user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:705
#, python-format
msgid "Preserved user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:723
#, python-format
msgid "%s: user is already preserved"
msgstr ""

#: ipaserver/plugins/user.py:847
#, python-format
msgid "Modified user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:961
#, python-format
msgid "Undeleted user account \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:975
#, python-format
msgid "user \"%s\" is already active"
msgstr ""

#: ipaserver/plugins/user.py:1006
#, python-format
msgid "Staged user account \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1101
#, python-format
msgid "Disabled user account \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1123
#, python-format
msgid "Enabled user account \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1140
msgid ""
"\n"
"    Unlock a user account\n"
"\n"
"    An account may become locked if the password is entered incorrectly too\n"
"    many times within a specific time period as controlled by password\n"
"    policy. A locked account is a temporary condition and may be unlocked "
"by\n"
"    an administrator."
msgstr ""

#: ipaserver/plugins/user.py:1149
#, python-format
msgid "Unlocked account \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1181
msgid "Failed logins"
msgstr ""

#: ipaserver/plugins/user.py:1185
msgid "Last successful authentication"
msgstr ""

#: ipaserver/plugins/user.py:1189
msgid "Last failed authentication"
msgstr ""

#: ipaserver/plugins/user.py:1193
msgid "Time now"
msgstr ""

#: ipaserver/plugins/user.py:1197
msgid "Password grace count"
msgstr ""

#: ipaserver/plugins/user.py:1204
msgid ""
"\n"
"    Lockout status of a user account\n"
"\n"
"    An account may become locked if the password is entered incorrectly too\n"
"    many times within a specific time period as controlled by password\n"
"    policy. A locked account is a temporary condition and may be unlocked "
"by\n"
"    an administrator.\n"
"\n"
"    This connects to each IPA master and displays the lockout status on\n"
"    each one.\n"
"\n"
"    To determine whether an account is locked on a given server you need\n"
"    to compare the number of failed logins and the time of the last "
"failure.\n"
"    For an account to be locked it must exceed the maxfail failures within\n"
"    the failinterval duration as specified in the password policy "
"associated\n"
"    with the user.\n"
"\n"
"    The failed login counter is modified only when a user attempts a log in\n"
"    so it is possible that an account may appear locked but the last failed\n"
"    login attempt is older than the lockouttime of the password policy. "
"This\n"
"    means that the user may attempt a login again. "
msgstr ""

#: ipaserver/plugins/user.py:1260
#, python-format
msgid "%(host)s failed: %(error)s"
msgstr ""

#: ipaserver/plugins/user.py:1300
#, python-format
msgid "%(host)s failed"
msgstr ""

#: ipaserver/plugins/user.py:1310
#, python-format
msgid "Account disabled: %(disabled)s"
msgstr ""

#: ipaserver/plugins/user.py:1318
#, python-format
msgid "Added certificates to user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1324
#, python-format
msgid "Removed certificates from user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1349
msgid "Add new principal alias to the user entry"
msgstr ""

#: ipaserver/plugins/user.py:1350
#, python-format
msgid "Added new aliases to user \"%(value)s\""
msgstr ""

#: ipaserver/plugins/user.py:1355
msgid "Remove principal alias from the user entry"
msgstr ""

#: ipaserver/plugins/user.py:1356
#, python-format
msgid "Removed aliases from user \"%(value)s\""
msgstr ""

#: ipaserver/servroles.py:296
#, python-format
msgid "all masters must have %(role)s role enabled"
msgstr ""

#: ipaserver/servroles.py:401
#, python-format
msgid "must have %(role)s role enabled"
msgstr ""

#: ipaserver/servroles.py:443
msgid "must be enabled only on a single master"
msgstr ""

#: ipaserver/rpcserver.py:556
msgid "Request must be a dict"
msgstr ""

#: ipaserver/rpcserver.py:558
msgid "Request is missing \"method\""
msgstr ""

#: ipaserver/rpcserver.py:560
msgid "Request is missing \"params\""
msgstr ""

#: ipaserver/rpcserver.py:565
msgid "params must be a list"
msgstr ""

#: ipaserver/rpcserver.py:567
msgid "params must contain [args, options]"
msgstr ""

#: ipaserver/rpcserver.py:570
msgid "params[0] (aka args) must be a list"
msgstr ""

#: ipaserver/rpcserver.py:573
msgid "params[1] (aka options) must be a dict"
msgstr ""

#: ipaserver/topology.py:14
#, python-format
msgid ""
"\n"
"Replication topology in suffix '%(suffix)s' is disconnected:\n"
"%(errors)s"
msgstr ""

#: ipaserver/topology.py:18
#, python-format
msgid ""
"\n"
"Removal of '%(hostname)s' leads to disconnected topology in suffix "
"'%(suffix)s':\n"
"%(errors)s"
msgstr ""

#: ipaserver/topology.py:120
#, python-format
msgid "Topology does not allow server %(server)s to replicate with servers:"
msgstr ""

#: ipaserver/dcerpc.py:87
msgid ""
"\n"
"Classes to manage trust joins using DCE-RPC calls\n"
"\n"
"The code in this module relies heavily on samba4-python package\n"
"and Samba4 python bindings.\n"
msgstr ""

#: ipaserver/dcerpc.py:107
msgid "CIFS server denied your credentials"
msgstr ""

#: ipaserver/dcerpc.py:111
msgid "communication with CIFS server was unsuccessful"
msgstr ""

#: ipaserver/dcerpc.py:117 ipaserver/dcerpc.py:1376
msgid "AD domain controller"
msgstr ""

#: ipaserver/dcerpc.py:118
msgid "unsupported functional level"
msgstr ""

#: ipaserver/dcerpc.py:121
msgid ""
"AD domain controller complains about communication sequence. It may mean "
"unsynchronized time on both sides, for example"
msgstr ""

#: ipaserver/dcerpc.py:129 ipaserver/dcerpc.py:135 ipaserver/dcerpc.py:138
msgid "Cannot find specified domain or server name"
msgstr ""

#: ipaserver/dcerpc.py:141 ipaserver/dcerpc.py:147
msgid ""
"AD DC was unable to reach any IPA domain controller. Most likely it is a DNS "
"or firewall issue"
msgstr ""

#: ipaserver/dcerpc.py:151
msgid "At least the domain or IP address should be specified"
msgstr ""

#: ipaserver/dcerpc.py:189
#, python-format
msgid ""
"CIFS server communication error: code \"%(num)s\", message "
"\"%(message)s\" (both may be \"None\")"
msgstr ""

#: ipaserver/dcerpc.py:293
msgid "no trusted domain is configured"
msgstr ""

#: ipaserver/dcerpc.py:301
msgid "domain is not configured"
msgstr ""

#: ipaserver/dcerpc.py:308
msgid "SID is not valid"
msgstr ""

#: ipaserver/dcerpc.py:323
msgid "SID does not match exactlywith any trusted domain's SID"
msgstr ""

#: ipaserver/dcerpc.py:334
msgid "SID does not match any trusted domain"
msgstr ""

#: ipaserver/dcerpc.py:376 ipaserver/dcerpc.py:383 ipaserver/dcerpc.py:711
msgid "Trust setup"
msgstr ""

#: ipaserver/dcerpc.py:377
msgid "Our domain is not configured"
msgstr ""

#: ipaserver/dcerpc.py:384
msgid "No trusted domain is not configured"
msgstr ""

#: ipaserver/dcerpc.py:390 ipaserver/dcerpc.py:406 ipaserver/dcerpc.py:424
#: ipaserver/dcerpc.py:430 ipaserver/dcerpc.py:438 ipaserver/dcerpc.py:453
#: ipaserver/dcerpc.py:461 ipaserver/dcerpc.py:525 ipaserver/dcerpc.py:581
msgid "trusted domain object"
msgstr ""

#: ipaserver/dcerpc.py:391
msgid "domain is not trusted"
msgstr ""

#: ipaserver/dcerpc.py:407
msgid "no trusted domain matched the specified flat name"
msgstr ""

#: ipaserver/dcerpc.py:411
msgid "trusted domain object not found"
msgstr ""

#: ipaserver/dcerpc.py:425
msgid "Object does not belong to a trusted domain"
msgstr ""

#: ipaserver/dcerpc.py:431
msgid "SSSD was unable to resolve the object to a valid SID"
msgstr ""

#: ipaserver/dcerpc.py:439 ipaserver/dcerpc.py:582
msgid "Ambiguous search, user domain was not specified"
msgstr ""

#: ipaserver/dcerpc.py:454 ipaserver/dcerpc.py:526
msgid "Trusted domain did not return a unique object"
msgstr ""

#: ipaserver/dcerpc.py:462
msgid "Trusted domain did not return a valid SID for the object"
msgstr ""

#: ipaserver/dcerpc.py:566 ipaserver/dcerpc.py:577
msgid "trusted domain user not found"
msgstr ""

#: ipaserver/dcerpc.py:712
msgid "Cannot retrieve trusted domain GC list"
msgstr ""

#: ipaserver/dcerpc.py:861
msgid "CIFS credentials object"
msgstr ""

#: ipaserver/dcerpc.py:899
#, python-format
msgid "CIFS server %(host)s denied your credentials"
msgstr ""

#: ipaserver/dcerpc.py:904
#, python-format
msgid "Cannot establish LSA connection to %(host)s. Is CIFS server running?"
msgstr ""

#: ipaserver/dcerpc.py:1338
#, python-format
msgid ""
"the IPA server and the remote domain cannot share the same NetBIOS name: %s"
msgstr ""

#: ipaserver/dcerpc.py:1365
#, python-brace-format
msgid ""
"There is already a trust to {ipa_domain} with unsupported type {trust_type}. "
"Please remove it manually on AD DC side."
msgstr ""

#: ipaserver/dcerpc.py:1502
#, python-format
msgid ""
"IPA master denied trust validation requests from AD DC %(count)d times. Most "
"likely AD DC contacted a replica that has no trust information replicated "
"yet. Additionally, please check that AD DNS is able to resolve %(records)s "
"SRV records to the correct IPA server."
msgstr ""

#: ipaserver/dcerpc.py:1567 ipaserver/dcerpc.py:1697
msgid "Credentials"
msgstr ""

#: ipaserver/dcerpc.py:1568
msgid "Missing credentials for cross-forest communication"
msgstr ""

#: ipaserver/dcerpc.py:1698
msgid ""
"Non-Kerberos user name was specified, please provide user@REALM variant "
"instead"
msgstr ""

#: ipatests/test_ipalib/test_frontend.py:206
#, python-format
msgid "must equal %r"
msgstr ""

#: ipatests/test_ipalib/test_parameters.py:232
msgid "Hello world"
msgstr ""

#: ipatests/test_xmlrpc/test_radiusproxy_plugin.py:63
#: ipatests/test_xmlrpc/test_radiusproxy_plugin.py:71
#, python-format
msgid "%s: RADIUS proxy server not found"
msgstr ""

#: ipatests/test_xmlrpc/test_radiusproxy_plugin.py:119
#, python-format
msgid "RADIUS proxy server with name \"%s\" already exists"
msgstr ""

#: ipatests/test_xmlrpc/test_radiusproxy_plugin.py:178
msgid "must be at least 1"
msgstr ""

#: util/ipa_krb5.c:813 util/ipa_krb5.c:828
msgid "Out of memory\n"
msgstr ""

#: util/ipa_krb5.c:846
msgid "Warning unrecognized encryption type.\n"
msgstr ""

#: util/ipa_krb5.c:860
msgid "Warning unrecognized salt type.\n"
msgstr ""

#: util/ipa_krb5.c:900
msgid "Out of memory!?\n"
msgstr ""

#: util/ipa_krb5.c:935
msgid "Enctype comparison failed!\n"
msgstr ""

#: util/ipa_krb5.c:988
msgid "Password is too long!\n"
msgstr ""

#: util/ipa_krb5.c:1004
msgid "Failed to create random key!\n"
msgstr ""

#: util/ipa_krb5.c:1017 util/ipa_krb5.c:1035 util/ipa_krb5.c:1043
#: util/ipa_krb5.c:1083
msgid "Failed to create key!\n"
msgstr ""

#: util/ipa_krb5.c:1069
msgid "Bad or unsupported salt type.\n"
msgstr ""

#: util/ipa_ldap.c:79
#, c-format
msgid "Unable to initialize connection to ldap server %1$s: %2$s\n"
msgstr ""

#: util/ipa_ldap.c:89
msgid "Unable to set LDAP_OPT_PROTOCOL_VERSION\n"
msgstr ""

#: util/ipa_ldap.c:97
msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n"
msgstr ""

#: util/ipa_ldap.c:126
msgid "Unable to set LDAP_OPT_X_TLS_CACERTFILE\n"
msgstr ""

#: util/ipa_ldap.c:133
msgid "Unable to set LDAP_OPT_X_TLS_REQUIRE_CERT\n"
msgstr ""

#: util/ipa_ldap.c:140
msgid "Unable to set LDAP_OPT_X_TLS_PROTOCOL_MIN\n"
msgstr ""

#: util/ipa_ldap.c:147
msgid ""
"Unable to create new TLS context (OpenSSL failed to initialize or to load "
"certificates)\n"
msgstr ""

#: util/ipa_ldap.c:156
msgid "Unable to initialize STARTTLS session\n"
msgstr ""