# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Red Hat
# This file is distributed under the same license as the sssd-docs package.
#
# Translators:
# Adolfo Jayme Barrientos <fito@libreoffice.org>, 2012
# Carlos Antolín Lucas <carlosantolin@hotmail.es>, 2012
# beckerde <domingobecker@gmail.com>, 2013
# Eduardo Villagrán M <gotencool@gmail.com>, 2011
# Eduardo Villagrán M <gotencool@gmail.com>, 2011
# vareli <ehespinosa@ya.com>, 2013
# vareli <ehespinosa@ya.com>, 2013
# Daniel Cabrera <logan@fedoraproject.org>, 2011
# Emilio Herrera <ehespinosa57@gmail.com>, 2018. #zanata
# Emilio Herrera <ehespinosa57@gmail.com>, 2019. #zanata
# Emilio Herrera <ehespinosa57@gmail.com>, 2020. #zanata
msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 2.3.0\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
"POT-Creation-Date: 2024-05-16 13:37+0200\n"
"PO-Revision-Date: 2021-10-27 15:05+0000\n"
"Last-Translator: Emilio Herrera <ehespinosa57@gmail.com>\n"
"Language-Team: Spanish <https://translate.fedoraproject.org/projects/sssd/"
"sssd-manpage-master/es/>\n"
"Language: es\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
"X-Generator: Weblate 4.8\n"

#. type: Content of: <reference><title>
#: sssd.conf.5.xml:8 sssd-ldap.5.xml:5 pam_sss.8.xml:5 pam_sss_gss.8.xml:5
#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sss-certmap.5.xml:5
#: sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5
#: sss_obfuscate.8.xml:5 sss_override.8.xml:5 sssd-krb5.5.xml:5
#: sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5
#: sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5
#: sss_ssh_knownhostsproxy.1.xml:5 idmap_sss.8.xml:5 sssctl.8.xml:5
#: sssd-files.5.xml:5 sssd-session-recording.5.xml:5 sssd-kcm.8.xml:5
#: sssd-systemtap.5.xml:5 sssd-ldap-attributes.5.xml:5
#: sssd_krb5_localauth_plugin.8.xml:5
msgid "SSSD Manual pages"
msgstr "Páginas de manual de SSSD"

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd.conf.5.xml:13 sssd.conf.5.xml:19
msgid "sssd.conf"
msgstr "sssd.conf"

#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: sssd.conf.5.xml:14 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
#: sss-certmap.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11
#: sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27
#: sssd-files.5.xml:11 sssd-session-recording.5.xml:11 sssd-systemtap.5.xml:11
#: sssd-ldap-attributes.5.xml:11
msgid "5"
msgstr "5"

#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
#: sssd.conf.5.xml:15 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
#: sss-certmap.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12
#: sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28
#: sssd-files.5.xml:12 sssd-session-recording.5.xml:12 sssd-kcm.8.xml:12
#: sssd-systemtap.5.xml:12 sssd-ldap-attributes.5.xml:12
msgid "File Formats and Conventions"
msgstr "Formatos de archivo y convenciones"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:20
msgid "the configuration file for SSSD"
msgstr "El archivo de configuración de SSSD"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:24
msgid "FILE FORMAT"
msgstr "Formato de archivo"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd.conf.5.xml:32
#, no-wrap
msgid ""
"<replaceable>[section]</replaceable>\n"
"<replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
"<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
"            "
msgstr ""
"<replaceable>[section]</replaceable>\n"
"<replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
"<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
"            "

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:27
msgid ""
"The file has an ini-style syntax and consists of sections and parameters. A "
"section begins with the name of the section in square brackets and continues "
"until the next section begins. An example of section with single and multi-"
"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
"El archivo posee una sintaxis de tipo ini consistente de secciones y "
"parámetros. Una sección comienza con el nombre de dicha sección colocado "
"entre corchetes, y continua hasta que comienza la próxima sección. Este es "
"un ejemplo de una sección con parámetros de valores simples y múltiples: "
"<placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:39
msgid ""
"The data types used are string (no quotes needed), integer and bool (with "
"values of <quote>TRUE/FALSE</quote>)."
msgstr ""
"Los tipos de datos utilizados son cadenas (no es necesario ingresarlos entre "
"comillas), enteros o booleanos (cuyos valores son <quote>TRUE/FALSE</quote>)."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:44
msgid ""
"A comment line starts with a hash sign (<quote>#</quote>) or a semicolon "
"(<quote>;</quote>).  Inline comments are not supported."
msgstr ""
"Una línea de comentario empieza con una almohadilla (<quote>#</quote>) o un "
"punto y coma (<quote>;</quote>).  Los comentarios en línea no están "
"soportados."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:50
msgid ""
"All sections can have an optional <replaceable>description</replaceable> "
"parameter. Its function is only as a label for the section."
msgstr ""
"Todas las secciones pueden tener un parámetro opcional de "
"<replaceable>descripción</replaceable>. Su función es solo la de servir como "
"etiqueta a tal sección."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:56
msgid ""
"<filename>sssd.conf</filename> must be a regular file, owned by root and "
"only root may read from or write to the file."
msgstr ""
"<filename>sssd.conf</filename> debe ser un archivo regular, cuyo dueño sea "
"el usuario root, y sólo este usuario podrá tener permisos de lectura y "
"escritura sobre él."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:62
msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY"
msgstr "FRAGMENTOS DE CONFIGURACIÓN DESDE EL DIRECTORIO INCLUDE"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:65
msgid ""
"The configuration file <filename>sssd.conf</filename> will include "
"configuration snippets using the include directory <filename>conf.d</"
"filename>. This feature is available if SSSD was compiled with libini "
"version 1.3.0 or later."
msgstr ""
"El fichero de configuración <filename>sssd.conf</filename> incluirá "
"fragmenteo de configuración usando el directorio include <filename>conf.d</"
"filename>. Esta característica está disponible si SSSD fue compilado con "
"libini versión 1.3.0 o posterior."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:72
msgid ""
"Any file placed in <filename>conf.d</filename> that ends in "
"<quote><filename>.conf</filename></quote> and does not begin with a dot "
"(<quote>.</quote>) will be used together with <filename>sssd.conf</filename> "
"to configure SSSD."
msgstr ""
"Cualquier fichero situado en <filename>conf.d</filename> que termine en "
"<quote><filename>.conf</filename></quote> y no empiece con un punto (<quote>."
"</quote>) será usado junto con <filename>sssd.conf</filename> para "
"configurar SSSD."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:80
msgid ""
"The configuration snippets from <filename>conf.d</filename> have higher "
"priority than <filename>sssd.conf</filename> and will override "
"<filename>sssd.conf</filename> when conflicts occur. If several snippets are "
"present in <filename>conf.d</filename>, then they are included in "
"alphabetical order (based on locale).  Files included later have higher "
"priority. Numerical prefixes (<filename>01_snippet.conf</filename>, "
"<filename>02_snippet.conf</filename> etc.) can help visualize the priority "
"(higher number means higher priority)."
msgstr ""
"Los fragmentos de configuración de <filename>conf.d</filename> tienen mayor "
"prioridad que los de <filename>sssd.conf</filename> y anularán "
"<filename>sssd.conf</filename> cuando ocurran conflictos. Si varios "
"fragmentos están presentes en <filename>conf.d</filename> serán incluidos en "
"orden alfabético (en base a la localización).  Los ficheros incluidos más "
"tarde tienen prioridad mas alta. Prefijos numéricos (<filename>01_snippet."
"conf</filename>, <filename>02_snippet.conf</filename> etc.) pueden ayudar a "
"visualizar la prioridad (números mas altos significan prioridad más alta)."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:94
msgid ""
"The snippet files require the same owner and permissions as <filename>sssd."
"conf</filename>. Which are by default root:root and 0600."
msgstr ""
"Los ficheros fragmentos requieren los mismos propietarios y permisos que "
"<filename>sssd.conf</filename>. Que son por defecto root:root y 0600."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:101
msgid "GENERAL OPTIONS"
msgstr "OPCIONES GENERALES"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:103
msgid "Following options are usable in more than one configuration sections."
msgstr ""
"Las siguientes opciones son útiles en más de una de las secciones de "
"configuración."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:107
msgid "Options usable in all sections"
msgstr "Opciones utilizables en todas las secciones"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:111
msgid "debug_level (integer)"
msgstr "debug_level (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:115
msgid "debug (integer)"
msgstr "debug (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:118
msgid ""
"SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias "
"for <replaceable>debug_level</replaceable> as a convenience feature. If both "
"are specified, the value of <replaceable>debug_level</replaceable> will be "
"used."
msgstr ""
"SSSD 1.14 y posteriores también incluyen el alias <replaceable>debug</"
"replaceable> para <replaceable>debug_level</replaceable> como ua "
"característica de conveniencia. Si se usan ambas se usará el valor de "
"<replaceable>debug_level</replaceable>."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:128
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:131
msgid ""
"Add a timestamp to the debug messages.  If journald is enabled for SSSD "
"debug logging this option is ignored."
msgstr ""
"Añade una sello de tiempo a los mensajes de depuración.  Si journald está "
"habilitado para el registro de la depuración SSSD esta opción se ignora."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:136 sssd.conf.5.xml:173 sssd.conf.5.xml:358
#: sssd.conf.5.xml:714 sssd.conf.5.xml:729 sssd.conf.5.xml:952
#: sssd.conf.5.xml:1070 sssd.conf.5.xml:2198 sssd-ldap.5.xml:1073
#: sssd-ldap.5.xml:1176 sssd-ldap.5.xml:1245 sssd-ldap.5.xml:1752
#: sssd-ldap.5.xml:1817 sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:366
#: sssd-ad.5.xml:1200 sssd-ad.5.xml:1353 sssd-krb5.5.xml:358
msgid "Default: true"
msgstr "Predeterminado: true"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:141
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (bool)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:144
msgid ""
"Add microseconds to the timestamp in debug messages.  If journald is enabled "
"for SSSD debug logging this option is ignored."
msgstr ""
"Añade microsegundos al sello de tiempo en los mensajes de depuración. Si "
"journald está habilitado para el registro de la depuración SSSD esta opción "
"se ignora."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:149 sssd.conf.5.xml:652 sssd.conf.5.xml:949
#: sssd.conf.5.xml:2101 sssd.conf.5.xml:2168 sssd.conf.5.xml:4244
#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:919 sssd-ldap.5.xml:938
#: sssd-ldap.5.xml:1148 sssd-ldap.5.xml:1601 sssd-ldap.5.xml:1841
#: sssd-ipa.5.xml:152 sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1106
#: sssd-krb5.5.xml:268 sssd-krb5.5.xml:330 sssd-krb5.5.xml:432
#: include/krb5_options.xml:163
msgid "Default: false"
msgstr "Predeterminado: false"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:154
msgid "debug_backtrace_enabled (bool)"
msgstr "debug_backtrace_enabled (bool)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:157
msgid "Enable debug backtrace."
msgstr "Habilita el seguimiento de depuración."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:160
msgid ""
"In case SSSD is run with debug_level less than 9, everything is logged to a "
"ring buffer in memory and flushed to a log file on any error up to and "
"including `min(0x0040, debug_level)` (i.e. if debug_level is explicitly set "
"to 0 or 1 then only those error levels will trigger backtrace, otherwise up "
"to 2)."
msgstr ""
"En caso de que SSSD esté corriendo en debug_level menor de 9, todo se "
"registra en un bufer temporal en la memoria y se descarga en un archivo de "
"registro cualquier error incluyendo `min(0x0040, debug_level)` (i.e. si "
"debug_level se fija explícitamente a 0 o 1 estos niveles de error disparará "
"una traza, de lo contrario hasta 2)."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:169
msgid ""
"Feature is only supported for `logger == files` (i.e.  setting doesn't have "
"effect for other logger types)."
msgstr ""
"La característica sólo se soporta para `logger == files` (i.e. la "
"configuración no tiene efecto para otro tipo de registros)."

#. type: Content of: outside any tag (error?)
#: sssd.conf.5.xml:109 sssd.conf.5.xml:184 sssd-ldap.5.xml:1658
#: sssd-ldap.5.xml:1864 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82
#: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274
#: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40
#: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803
#: sssd-ldap-attributes.5.xml:892 sssd-ldap-attributes.5.xml:989
#: sssd-ldap-attributes.5.xml:1047 sssd-ldap-attributes.5.xml:1205
#: sssd-ldap-attributes.5.xml:1250 include/autofs_attributes.xml:1
#: include/krb5_options.xml:1
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:182
msgid "Options usable in SERVICE and DOMAIN sections"
msgstr "Opciones utilizables en las secciones SERVICIO y DOMINIO"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:186
msgid "timeout (integer)"
msgstr "timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:189
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests. Note "
"that after three missed heartbeats the process will terminate itself."
msgstr ""
"Tiempo de salid en segundos entre pulsaciones para este servicio. Se usa "
"para asegurar que el proceso está vivo y capaz de contestar peticiones. "
"Advierta que después de tres pulsaciones perdidas el servicio se terminará."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:196 sssd.conf.5.xml:1290 sssd.conf.5.xml:1767
#: sssd.conf.5.xml:4260 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270
msgid "Default: 10"
msgstr "Predeterminado: 10"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:206
msgid "SPECIAL SECTIONS"
msgstr "SECCIONES ESPECIALES"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:209
msgid "The [sssd] section"
msgstr "La sección [sssd]"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title>
#: sssd.conf.5.xml:218
msgid "Section parameters"
msgstr "Parámetros de sección"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:220
msgid "config_file_version (integer)"
msgstr "config_file_version (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:223
msgid ""
"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
"version 2."
msgstr ""
"Indica cuál es la sintaxis del archivo de configuración. SSSD 0.6.0 y "
"posteriores utilizan versión 2."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:229
msgid "services"
msgstr "servicios"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:232
msgid ""
"Comma separated list of services that are started when sssd itself starts.  "
"<phrase condition=\"have_systemd\"> The services' list is optional on "
"platforms where systemd is supported, as they will either be socket or D-Bus "
"activated when needed.  </phrase>"
msgstr ""
"Lista separada por comas de los servicios que se han iniciado cuando el "
"mismo sssd se inició.  <phrase condition=\"have_systemd\"> La lista de "
"servicios es opcional sobre plataformas donde se soporta systemd, ya que "
"serán enchufados o activado D-Bus cuando sea necesario.  </phrase>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:241
msgid ""
"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
"condition=\"with_ssh\">, ssh</phrase> <phrase "
"condition=\"with_pac_responder\">, pac</phrase> <phrase "
"condition=\"with_ifp\">, ifp</phrase>"
msgstr ""
"Servicios soportados: nss, pam <phrase condition=\"with_sudo\">, sudo</"
"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
"condition=\"with_ssh\">, ssh</phrase> <phrase "
"condition=\"with_pac_responder\">, pac</phrase> <phrase "
"condition=\"with_ifp\">, ifp</phrase>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:249
msgid ""
"<phrase condition=\"have_systemd\"> By default, all services are disabled "
"and the administrator must enable the ones allowed to be used by executing: "
"\"systemctl enable sssd-@service@.socket\".  </phrase>"
msgstr ""
"<phrase condition=\"have_systemd\"> Por defecto, todos los servicios están "
"deshabilitados y el administrador debe habilitar aquellos que permita que se "
"usen para ejecución: \"systemctl enable sssd-@service@.socket\".  </phrase>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:258 sssd.conf.5.xml:784
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:261 sssd.conf.5.xml:787
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
"Cantidad de intentos de reconexión de los servicios ante una eventual caída "
"de datos del  proveedor, o de reiniciarse antes de abandonar"

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:266 sssd.conf.5.xml:792 sssd.conf.5.xml:3716
#: include/failover.xml:100
msgid "Default: 3"
msgstr "Predeterminado: 3"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:271
msgid "domains"
msgstr "dominios"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:274
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
"start.  This parameter describes the list of domains in the order you want "
"them to be queried.  A domain name is recommended to contain only "
"alphanumeric ASCII characters, dashes, dots and underscores. '/' character "
"is forbidden."
msgstr ""
"Un dominio es una base de datos que contiene información del usuario. SSSD "
"puede usar más dominios a la vez, pero al menos se debe configurar uno o "
"SSSD no arrancará. Este parámetro describe la lista de dominios en el orden "
"que usted desea que sean consultados. Se recomienda de que contenga sólo "
"caracteres ASCII alfanuméricos, guiones, puntos y guiones bajos. El carácter "
"\"/\" está prohibido."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:287 sssd.conf.5.xml:3548
msgid "re_expression (string)"
msgstr "re_expression (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:290
msgid ""
"Default regular expression that describes how to parse the string containing "
"user name and domain into these components."
msgstr ""
"Expresión regular por defecto que describe como analizar la cadena que "
"contiene el nombre de usuario y el dominio en estos componentes."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:295
msgid ""
"Each domain can have an individual regular expression configured. For some "
"ID providers there are also default regular expressions. See DOMAIN SECTIONS "
"for more info on these regular expressions."
msgstr ""
"Cada dominio puede tener una expresión regular individual configurada. Para "
"algunos proveedores de ID hay también expresiones regulares por defecto. Vea "
"las SECCIONES DOMINIO para mas información sobre estas expresiones regulares."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:304 sssd.conf.5.xml:3605
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:307 sssd.conf.5.xml:3608
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
"fully qualified name from user name and domain name components."
msgstr ""
"<citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-formato compatible que describe como componer un "
"nombre de dominio totalmente cualificado y los componentes del nombre de "
"dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:318 sssd.conf.5.xml:3619
msgid "%1$s"
msgstr "%1$s"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:319 sssd.conf.5.xml:3620
msgid "user name"
msgstr "nombre de usuario"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:322 sssd.conf.5.xml:3623
msgid "%2$s"
msgstr "%2$s"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:325 sssd.conf.5.xml:3626
msgid "domain name as specified in the SSSD config file."
msgstr ""
"nombre de dominio como se especifica en el fichero de configuración SSSD"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:331 sssd.conf.5.xml:3632
msgid "%3$s"
msgstr "%3$s"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:334 sssd.conf.5.xml:3635
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
"nombre plano de dominio. Principalmente usado por los dominios Active "
"Directory tanto los configurados directamente como los descubiertos por "
"medio de IPA de confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:315 sssd.conf.5.xml:3616
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
"Son soportadas las siguientes expresiones: <placeholder "
"type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:344
msgid ""
"Each domain can have an individual format string configured.  See DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
"Cada dominio puede tener una cadena de formato individual configurada. Vea "
"SECCIONES DOMINIO para más información sobre esta opción."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:350
msgid "monitor_resolv_conf (boolean)"
msgstr "monitor_resolv_conf (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:353
msgid ""
"Controls if SSSD should monitor the state of resolv.conf to identify when it "
"needs to update its internal DNS resolver."
msgstr ""
"Controla si SSSD monitorizaría el estado de resolv.conf para identificar "
"cuando necesita actualizar su interfaz de resolución DNS interno."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:363
msgid "try_inotify (boolean)"
msgstr "try_inotify (boolean)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:366
msgid ""
"By default, SSSD will attempt to use inotify to monitor configuration files "
"changes and will fall back to polling every five seconds if inotify cannot "
"be used."
msgstr ""
"Por defecto, SSSD intentará usar inotify para monitorizar cambios en los "
"ficheros de configuración y volverá a sondear cada cinco segundos si inotify "
"no puede ser usado."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:372
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
"to 'false'"
msgstr ""
"Existen algunas pocas situaciones en donde lo preferible es evitar el uso de "
"inotify. En estas raras excepciones, la opción debería ser definida en "
"'false' "

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:378
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
"Predeterminado: 'true' en plataformas donde inotify tenga soporte. 'False' "
"en el resto de las plataformas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:382
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
"Nota: esta opción no tendrá efecto en plataformas donde inotify no se "
"encuenytre disponible. En estas plataformas, la consulta (polling) será "
"utilizada siempre."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:389
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:392
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
"Directorio en el sistema de archivos donde SSSD debería guardar fichero de "
"reproducción de cache de Kerberos."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:396
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
"Esta opción acepta un valor especial __LIBKRB5_DEFAULTS__ que instruirá a "
"SSSD para dejar a libkrb5 decidir la localización apropiada del escondrijo "
"de respuesta."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:402
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
"Por defecto: Distribución específica y especificado en la acumulación de "
"tiempo. (si no se configura __LIBKRB5_DEFAULTS__)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:409
msgid "user (string)"
msgstr "usuario (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:412
msgid ""
"The user to drop the privileges to where appropriate to avoid running as the "
"root user.  Currently the only supported value is '&sssd_user_name;'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:419
#, fuzzy
#| msgid ""
#| "The user to drop the privileges to where appropriate to avoid running as "
#| "the root user.  <phrase condition=\"have_systemd\"> This option does not "
#| "work when running socket-activated services, as the user set up to run "
#| "the processes is set up during compilation time.  The way to override the "
#| "systemd unit files is by creating the appropriate files in /etc/systemd/"
#| "system/.  Keep in mind that any change in the socket user, group or "
#| "permissions may result in a non-usable SSSD. The same may occur in case "
#| "of changes of the user running the NSS responder.  </phrase>"
msgid ""
"This option does not work when running socket-activated services, as the "
"user set up to run the processes is set up during compilation time.  The way "
"to override the systemd unit files is by creating the appropriate files in /"
"etc/systemd/system/.  Keep in mind that any change in the socket user, group "
"or permissions may result in a non-usable SSSD. The same may occur in case "
"of changes of the user running the NSS responder."
msgstr ""
"El usuario debe dejar los privilegios donde corresponda para evitar que se "
"ejecute como usuario root.  <phrase condition=\"have_systemd\"> Esta opción "
"no funciona cuando se están ejecutando servicios activados por socket, "
"puesto que el ajuste para que el usuario corra los procesos se fijan en el "
"momento de la compilación.  El modo de anular la unidad de ficheros systemd "
"es creando los ficheros apropiados en /etc/systemd/system/.  Tenga en cuenta "
"que cualquier cambio en el socket de usuario, grupo o permisos puede llevar "
"a un SSSD no utilizable. Lo mismo puede ocurrir en el caso de cambios del "
"usuario que ejecuta el contestador NSS.  </phrase>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:433
msgid "Default: not set, process will run as root"
msgstr "Por defecto: no ajustado, los procesos correrán como root"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:438
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:441
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
"domain is intended for managing host policies and all users are located in a "
"trusted domain.  The option allows those users to log in just with their "
"user name without giving a domain name as well."
msgstr ""
"Esta cadena será usada como nombre de dominio por defecto para todos los "
"nombre sin un componente de nombre de dominio. El principal caso de uso es "
"en entornos donde el dominio principal está dirigido a gestionar las "
"políticas de host y todos los usuarios están localizados en un dominio "
"confiable. La opción permite a esos usuarios acceder sólo con su nombre de "
"usuario sin dar también un nombre de dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:451
#, fuzzy
#| msgid ""
#| "Please note that if this option is set all users from the primary domain "
#| "have to use their fully qualified name, e.g. user@domain.name, to log in. "
#| "Setting this option changes default of use_fully_qualified_names to True. "
#| "It is not allowed to use this option together with "
#| "use_fully_qualified_names set to False. One exception from this rule are "
#| "domains with <quote>id_provider=files</quote> that always try to match "
#| "the behaviour of nss_files and therefore their output is not qualified "
#| "even when the default_domain_suffix option is used."
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in. "
"Setting this option changes default of use_fully_qualified_names to True. It "
"is not allowed to use this option together with use_fully_qualified_names "
"set to False.  <phrase condition=\"with_files_provider\"> One exception from "
"this rule are domains with <quote>id_provider=files</quote> that always try "
"to match the behaviour of nss_files and therefore their output is not "
"qualified even when the default_domain_suffix option is used.  </phrase>"
msgstr ""
"Por favor advierta que si esta opción está establecida todos los usuarios "
"del dominio primario tienen que usar su nombre totalmente cualificado, e.g. "
"user@domain.name, para acceder. El establecimiento de esta opción cambia el "
"comportamiento predeterminado de use_fully_qualified_names a True. No está "
"permitido el uso de esta opción junto con use_fully_qualified_names "
"establecido a False. Una excepción de esta regla son los dominios con "
"<quote>id_provider=files</quote> que siempre intentan igualar el "
"comportamiento de nss_files y por lo tanto su salida es no cualificada aún "
"cuando se use la opción default_domain_suffix."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:468 sssd-ldap.5.xml:877 sssd-ldap.5.xml:889
#: sssd-ldap.5.xml:982 sssd-ad.5.xml:920 sssd-ad.5.xml:995 sssd-krb5.5.xml:468
#: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978
#: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222
#: include/krb5_options.xml:148
msgid "Default: not set"
msgstr "Predeterminado: no definido"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:473
msgid "override_space (string)"
msgstr "override_space (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:476
msgid ""
"This parameter will replace spaces (space bar)  with the given character for "
"user and group names.  e.g. (_). User name &quot;john doe&quot; will be "
"&quot;john_doe&quot; This feature was added to help compatibility with shell "
"scripts that have difficulty handling spaces, due to the default field "
"separator in the shell."
msgstr ""
"Este parámetro reemplazará los espacios (barra espaciadora)  con los "
"caracteres dados para los nombres de usuario y grupos.  e.g. (_). Nombre de "
"usuario &quot;john doe&quot; será &quot;john_doe&quot; Esta característica "
"se ha añadido para ayudar a la compatibilidad los scripts de shell que "
"tienen dificultades con el manejo de espacios, debido al campo separador "
"predeterminado en el shell."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:485
msgid ""
"Please note it is a configuration error to use a replacement character that "
"might be used in user or group names. If a name contains the replacement "
"character SSSD tries to return the unmodified name but in general the result "
"of a lookup is undefined."
msgstr ""
"Por favor advierta que es un error de configuración usar un carácter de "
"reemplazo que pueda ser usado en los nombres de grupo o usuario. Si un "
"nombre contiene el carácter de reemplazo SSSD intentará devolver un nombre "
"no modificado pero en general el resultado de la búsqueda es indefinido."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:493
msgid "Default: not set (spaces will not be replaced)"
msgstr "Por defecto: no ajustado (los espacios no serán reemplazados)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:498
msgid "certificate_verification (string)"
msgstr "certificate_verification (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:506
msgid "no_ocsp"
msgstr "no_ocsp"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:508
msgid ""
"Disables Online Certificate Status Protocol (OCSP) checks. This might be "
"needed if the OCSP servers defined in the certificate are not reachable from "
"the client."
msgstr ""
"Deshabilita la comprobación de Protocolo de Estado de Certificado en Línea "
"(OCSP). Esto puede ser necesario si los servidores OCSP definidos en el "
"certificado no son alcanzables por el cliente."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:516
msgid "soft_ocsp"
msgstr "soft_ocsp"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:518
msgid ""
"If a connection cannot be established to an OCSP responder the OCSP check is "
"skipped.  This option should be used to allow authentication when the system "
"is offline and the OCSP responder cannot be reached."
msgstr ""
"Si no se puede establecer una conexión con un contestador OCSP la "
"comprobación OCSP es saltada. Esta opción debería ser usada para permitir la "
"autenticación cuando el sistema no está en línea y el contestador OCSP no "
"puede ser alcanzado."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:528
msgid "ocsp_dgst"
msgstr "ocsp_dgst"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:530
msgid ""
"Digest (hash) function used to create the certificate ID for the OCSP "
"request. Allowed values are:"
msgstr ""
"Función resumen (picadillo) usada para crear la ID del certificado para la "
"petición OCSP. Los valores permitidos son:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:534
msgid "sha1"
msgstr "sha1"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:535
msgid "sha256"
msgstr "sha256"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:536
msgid "sha384"
msgstr "sha384"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:537
msgid "sha512"
msgstr "sha512"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:540
msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)"
msgstr ""
"Predeterminado: sha1 (para permitir la compatibilidad con el contestador que "
"cumple el RFC50190)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:546
msgid "no_verification"
msgstr "no_verification"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:548
msgid ""
"Disables verification completely.  This option should only be used for "
"testing."
msgstr ""
"Deshabilita la verificación completamente.  Esto opción solo se debería usar "
"para pruebas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:554
msgid "partial_chain"
msgstr "partial_chain"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:556
msgid ""
"Allow verification to succeed even if a <replaceable>complete</replaceable> "
"chain cannot be built to a self-signed trust-anchor, provided it is possible "
"to construct a chain to a trusted certificate that might not be self-signed."
msgstr ""
"Permite la verificación exitosa incluso si la cadena <replaceable>complete</"
"replaceable> no se puede construir a un ancla de autoconfianza firmado, "
"siempre que sea posible construir una cadena a un certificado de confianza "
"que puede no estar autofirmado."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:565
msgid "ocsp_default_responder=URL"
msgstr "ocsp_default_responder=URL"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:567
msgid ""
"Sets the OCSP default responder which should be used instead of the one "
"mentioned in the certificate. URL must be replaced with the URL of the OCSP "
"default responder e.g.  http://example.com:80/ocsp."
msgstr ""
"Fija el contestador OCSP por defecto que será usando en lugar del mencionado "
"en el certificado. La URL debe ser reemplazada con la URL del contestador "
"OCSP por defecto e.g.  http://example.com:80/ocsp."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:577
msgid "ocsp_default_responder_signing_cert=NAME"
msgstr "ocsp_default_responder_signing_cert=NAME"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:579
msgid ""
"This option is currently ignored. All needed certificates must be available "
"in the PEM file given by pam_cert_db_path."
msgstr ""
"Esta opción se ignora actualmente. Todos los certificados necesarios deben "
"estar disponibles en el fichero PEM indicado por pam_cert_db_path."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:587
msgid "crl_file=/PATH/TO/CRL/FILE"
msgstr "crl_file=/PATH/TO/CRL/FILE"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:589
msgid ""
"Use the Certificate Revocation List (CRL) from the given file during the "
"verification of the certificate. The CRL must be given in PEM format, see "
"<citerefentry> <refentrytitle>crl</refentrytitle> <manvolnum>1ssl</"
"manvolnum> </citerefentry> for details."
msgstr ""
"Usa la Lista de Revocación de Certificado (CRL) del fichero dado durante la "
"verificación del certificado. La CRL se debe dar en formato PEM, vea "
"detalles en <citerefentry> <refentrytitle>crl</refentrytitle> "
"<manvolnum>1ssl</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:602
msgid "soft_crl"
msgstr "soft_crl"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:605
msgid ""
"If a Certificate Revocation List (CRL)  is expired ignore the CRL checks for "
"the related certificates. This option should be used to allow authentication "
"when the system is offline and the CRL cannot be renewed."
msgstr ""
"Si una Lista de Revocación de Certificado (CRL) expira ignora las "
"comprobaciones CRL para los certificados relacionados. Esta opción debería "
"ser usada para permitir la autenticación cuando el sistema está fuera de "
"linea y la CRL no puede ser renovada."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:501
msgid ""
"With this parameter the certificate verification can be tuned with a comma "
"separated list of options. Supported options are: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Con este parámetros la verificación del certificado se puede sintonizar con "
"una lista de opciones separadas por comas. Las opciones soportadas son: "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:616
msgid "Unknown options are reported but ignored."
msgstr "Se informa de las opciones desconocidas pero son ignoradas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:619
msgid "Default: not set, i.e. do not restrict certificate verification"
msgstr ""
"Por defecto: no fijado, i.e. no restringe la verificación de certificado"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:625
msgid "disable_netlink (boolean)"
msgstr "disable_netlink (boolean)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:628
msgid ""
"SSSD hooks into the netlink interface to monitor changes to routes, "
"addresses, links and trigger certain actions."
msgstr ""
"SSSD se engancha en el interfaz netlink para monitorizar los cambios a "
"rutas, direcciones, enlaces y disparar ciertas acciones."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:633
msgid ""
"The SSSD state changes caused by netlink events may be undesirable and can "
"be disabled by setting this option to 'true'"
msgstr ""
"Los cambios en el estado de SSSD causados por eventos en enlace de red "
"pueden ser no deseados y pueden ser deshabilitados ajustando esta opción a "
"'true'"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:638
msgid "Default: false (netlink changes are detected)"
msgstr "Predeterminado: false (se detectan los cambio de enlace de red)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:643
msgid "enable_files_domain (boolean)"
msgstr "enable_files_domain (boolean)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:646
msgid ""
"When this option is enabled, SSSD prepends an implicit domain with "
"<quote>id_provider=files</quote> before any explicitly configured domains."
msgstr ""
"Cuando se habilita esta opción, SSSD antepone in dominio implícito con "
"<quote>id_provider=files</quote> antes de cualquier dominio explícito "
"configurado."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:657
msgid "domain_resolution_order"
msgstr "domain_resolution_order"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:660
msgid ""
"Comma separated list of domains and subdomains representing the lookup order "
"that will be followed.  The list doesn't have to include all possible "
"domains as the missing domains will be looked up based on the order they're "
"presented in the <quote>domains</quote> configuration option.  The "
"subdomains which are not listed as part of <quote>lookup_order</quote> will "
"be looked up in a random order for each parent domain."
msgstr ""
"Lista separada por comas de dominios y subdominios que representa el orden "
"de búsqueda que se seguirá.  La lista no tiene que incluir todos los "
"dominios posibles ya que los dominios que falten se buscarán en el orden que "
"se presentan en la opción de configuración <quote>domains</quote>.  Los "
"subdominios que no están listados como parte de <quote>lookup_order</quote> "
"serán buscados en un orden aleatorio por cada dominio padre."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:672
#, fuzzy
#| msgid ""
#| "Please, note that when this option is set the output format of all "
#| "commands is always fully-qualified even when using short names for input, "
#| "for all users but the ones managed by the files provider.  In case the "
#| "administrator wants the output not fully-qualified, the full_name_format "
#| "option can be used as shown below: <quote>full_name_format=%1$s</quote> "
#| "However, keep in mind that during login, login applications often "
#| "canonicalize the username by calling <citerefentry> "
#| "<refentrytitle>getpwnam</refentrytitle> <manvolnum>3</manvolnum> </"
#| "citerefentry> which, if a shortname is returned for a qualified input "
#| "(while trying to reach a user which exists in multiple domains) might re-"
#| "route the login attempt into the domain which uses shortnames, making "
#| "this workaround totally not recommended in cases where usernames may "
#| "overlap between domains."
msgid ""
"Please, note that when this option is set the output format of all commands "
"is always fully-qualified even when using short names for input <phrase "
"condition=\"with_files_provider\"> , for all users but the ones managed by "
"the files provider </phrase>.  In case the administrator wants the output "
"not fully-qualified, the full_name_format option can be used as shown below: "
"<quote>full_name_format=%1$s</quote> However, keep in mind that during "
"login, login applications often canonicalize the username by calling "
"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry> which, if a shortname is returned for a qualified "
"input (while trying to reach a user which exists in multiple domains) might "
"re-route the login attempt into the domain which uses shortnames, making "
"this workaround totally not recommended in cases where usernames may overlap "
"between domains."
msgstr ""
"Por favor, advierta que cuando se fija esta opción el formato de salida de "
"todos los comandos es siempre plenamente cualificado aunque se usen los "
"nombre cortos para la entrada, para todos los usuarios excepto los "
"gestionados por el proveedro de ficheros.  En caso de que el administrador "
"desee la salida no plenamente cualificada se debe usar los opción "
"full_name_format como se muestra abajo: <quote>full_name_format=%1$s</quote> "
"Sin embargo, tenga en cuenta que durante el acceso, las aplicaciones de "
"acceso con frecuencia canonicalizan el nombre de usuario llamando a "
"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry> que, si se devuelve un nombre corto para una "
"entrada cualificada (mientras que intenta alcanzar un usuario que existe en "
"múltiples dominios) debe re-enturar el intento de acceso hacia el dominio "
"que usa nombres cortos, haciendo este rodeo totalmente no recomendado en los "
"casos donde los nombres de usuarios se deben compartir entre dominios."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:700 sssd.conf.5.xml:1791 sssd.conf.5.xml:4310
#: sssd-ad.5.xml:187 sssd-ad.5.xml:327 sssd-ad.5.xml:341
msgid "Default: Not set"
msgstr "Por defecto: No definido"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:705
#, fuzzy
#| msgid "ad_gpo_implicit_deny (boolean)"
msgid "implicit_pac_responder (boolean)"
msgstr "ad_gpo_implicit_deny (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:708
msgid ""
"The PAC responder is enabled automatically for the IPA and AD provider to "
"evaluate and check the PAC. If it has to be disabled set this option to "
"'false'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:719
#, fuzzy
#| msgid "ad_gpo_ignore_unreadable (boolean)"
msgid "core_dumpable (boolean)"
msgstr "ad_gpo_ignore_unreadable (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:722
msgid ""
"This option can be used for general system hardening: setting it to 'false' "
"forbids core dumps for all SSSD processes to avoid leaking plain text "
"passwords. See man page prctl:PR_SET_DUMPABLE for details."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:734
#, fuzzy
#| msgid "certificate_verification (string)"
msgid "passkey_verification (string)"
msgstr "certificate_verification (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:742
#, fuzzy
#| msgid "certificate_verification (string)"
msgid "user_verification (boolean)"
msgstr "certificate_verification (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:744
msgid ""
"Enable or disable the user verification (i.e. PIN, fingerprint)  during "
"authentication. If enabled, the PIN will always be requested."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:750
msgid ""
"The default is that the key settings decide what to do. In the IPA or "
"kerberos pre-authentication case, this value will be overwritten by the "
"server."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:737
#, fuzzy
#| msgid ""
#| "With this parameter the certificate verification can be tuned with a "
#| "comma separated list of options. Supported options are: <placeholder "
#| "type=\"variablelist\" id=\"0\"/>"
msgid ""
"With this parameter the passkey verification can be tuned with a comma "
"separated list of options. Supported options are: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Con este parámetros la verificación del certificado se puede sintonizar con "
"una lista de opciones separadas por comas. Las opciones soportadas son: "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:211
msgid ""
"Individual pieces of SSSD functionality are provided by special SSSD "
"services that are started and stopped together with SSSD.  The services are "
"managed by a special service frequently called <quote>monitor</quote>. The "
"<quote>[sssd]</quote> section is used to configure the monitor as well as "
"some other important options like the identity domains.  <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Trozos individuales de funcionalidad SSSD son suministrados por servicios "
"especiales SSSD que se inician y parar junto a SSSD. Los servicios son "
"gestionados por un servicio especial frecuentemente llamado <quote>monitor</"
"quote>. La sección <quote>[sssd]</quote> se usa para configurar el monitor "
"así como algunas otras opciones importantes como la identidad de dominios. "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:769
msgid "SERVICES SECTIONS"
msgstr "SECCIONES DE SERVICIOS"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:771
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
"section, for example, for NSS service, the section would be <quote>[nss]</"
"quote>"
msgstr ""
"Los ajustes que pueden ser utilizados para configurar diferentes servicios "
"se describe en esta sección. Ellos deben residir en la sección "
"[<replaceable>$NAME</replaceable>], por ejemplo, para el servicio NSS, la "
"sección sería <quote>[nss]</quote>"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:778
msgid "General service configuration options"
msgstr "Opciones de configuración de servicios generales"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:780
msgid "These options can be used to configure any service."
msgstr "Estas opciones pueden usarse para configurar cualquier servicio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:797
msgid "fd_limit"
msgstr "fd_limit"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:800
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
"systems without this capability, the resulting value will be the lower value "
"of this or the limits.conf \"hard\" limit."
msgstr ""
"Esta opción especifica el número máximo de descriptores de ficheros que "
"pueden ser abiertos a la vez por este proceso SSSD. Sobre sistemas donde "
"SSSD ha alcanzado la capacidad CAP_SYS_RESOURCE, este será un ajuste "
"absoluto. Sobre sistemas sin esta capacidad, el valor resultante será el "
"valor más bajo de este o de limite “hard” en limits.conf."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:809
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Por defecto: 8192 (o limite “hard” en limits.conf)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:814
msgid "client_idle_timeout"
msgstr "client_idle_timeout"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:817
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system. The timeout "
"can't be shorter than 10 seconds. If a lower value is configured, it will be "
"adjusted to 10 seconds."
msgstr ""
"Esta opción especifica el número de segundos que un cliente de un proceso "
"SSSD puede conservar un descriptor de archivo sin comunicarse con él. Este "
"valor está limitado con el objetivo de evitar el agotamiento de recursos del "
"sistema. El tiempo de salida no puede ser más corto de 10 segundos. Si se "
"configura un valor más bajo será ajustado a 10 segundos."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:826
msgid "Default: 60, KCM: 300"
msgstr "Predeterminado: 60, KCM: 300"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:831
msgid "offline_timeout (integer)"
msgstr "offline_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:834
msgid ""
"When SSSD switches to offline mode the amount of time before it tries to go "
"back online will increase based upon the time spent disconnected.  By "
"default SSSD uses incremental behaviour to calculate delay in between "
"retries.  So, the wait time for a given retry will be longer than the wait "
"time for the previous ones.  After each unsuccessful attempt to go online, "
"the new interval is recalculated by the following:"
msgstr ""
"Cuando SSSD conmuta al modo fuera de línea la cantidad tiempo antes de que "
"intente volver a estar en línea se incrementará en base al tiempo que ha "
"estado desconectado. De modo predeterminado SSSD utiliza un comportamiento "
"incremental para calcular el retraso entre reintentos. De este modo, el "
"tiempo de espera para un reintento dado no será más largo que el tiempo de "
"los anteriores. Después de cada intento fracasado para estar en línea, el "
"nuevo intervalo se calcula mediante lo siguiente:"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:845 sssd.conf.5.xml:901
msgid ""
"new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..."
"offline_timeout_random_offset]"
msgstr ""
"new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..."
"offline_timeout_random_offset]"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:848
msgid ""
"The offline_timeout default value is 60.  The offline_timeout_max default "
"value is 3600.  The offline_timeout_random_offset default value is 30.  The "
"end result is amount of seconds before next retry."
msgstr ""
"El valor predeterminado de offline_timeout es 60. El valor predeterminado de "
"offline_timeout_max es 3600. El valor predeterminado de "
"offline_timeout_random_offset es 30. El resultado final es la cantidad de "
"segundos antes del próximo reintento."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:854
msgid ""
"Note that the maximum length of each interval is defined by "
"offline_timeout_max (apart of random part)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:858 sssd.conf.5.xml:1201 sssd.conf.5.xml:1584
#: sssd.conf.5.xml:1880 sssd-ldap.5.xml:495
msgid "Default: 60"
msgstr "Predeterminado: 60"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:863
#, fuzzy
#| msgid "offline_timeout (integer)"
msgid "offline_timeout_max (integer)"
msgstr "offline_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:866
msgid ""
"Controls by how much the time between attempts to go online can be "
"incremented following unsuccessful attempts to go online."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:871
msgid "A value of 0 disables the incrementing behaviour."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:874
msgid ""
"The value of this parameter should be set in correlation to offline_timeout "
"parameter value."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:878
msgid ""
"With offline_timeout set to 60 (default value) there is no point in setting "
"offlinet_timeout_max to less than 120 as it will saturate instantly. General "
"rule here should be to set offline_timeout_max to at least 4 times "
"offline_timeout."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:884
msgid ""
"Although a value between 0 and offline_timeout may be specified, it has the "
"effect of overriding the offline_timeout value so is of little use."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:889
#, fuzzy
#| msgid "Default: 300"
msgid "Default: 3600"
msgstr "Predeterminado: 300"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:894
#, fuzzy
#| msgid "offline_timeout + random_offset"
msgid "offline_timeout_random_offset (integer)"
msgstr "offline_timeout + random_offset"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:897
msgid ""
"When SSSD is in offline mode it keeps probing backend servers in specified "
"time intervals:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:904
msgid ""
"This parameter controls the value of the random offset used for the above "
"equation. Final random_offset value will be random number in range:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:909
#, fuzzy
#| msgid "offline_timeout + random_offset"
msgid "[0 - offline_timeout_random_offset]"
msgstr "offline_timeout + random_offset"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:912
msgid "A value of 0 disables the random offset addition."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:915
#, fuzzy
#| msgid "Default: 300"
msgid "Default: 30"
msgstr "Predeterminado: 300"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:920
msgid "responder_idle_timeout"
msgstr "responder_idle_timeout"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:923
msgid ""
"This option specifies the number of seconds that an SSSD responder process "
"can be up without being used. This value is limited in order to avoid "
"resource exhaustion on the system.  The minimum acceptable value for this "
"option is 60 seconds.  Setting this option to 0 (zero) means that no timeout "
"will be set up to the responder.  This option only has effect when SSSD is "
"built with systemd support and when services are either socket or D-Bus "
"activated."
msgstr ""
"Esta opción especifica el número de segundos que un proceso contestador SSSD "
"puede estar levantado sin ser usado. Este valor está limitado con el "
"objetivo de evitar el agotamiento de recursos del sistema.  El valor mínimo "
"aceptable para esta opción es 60 segundos.  Fijar esta opción a 0 (cero) "
"significa que se le ajustarña tiempo de espera al contestador.  Esta opción "
"solo tiene efecto cuando SSSD está construido con soporte systemd y cuando "
"los servicios activados son socket o D-Bus."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:937 sssd.conf.5.xml:1214 sssd.conf.5.xml:2322
#: sssd-ldap.5.xml:332
msgid "Default: 300"
msgstr "Predeterminado: 300"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:942
msgid "cache_first"
msgstr "cache_first"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:945
msgid ""
"This option specifies whether the responder should query all caches before "
"querying the Data Providers."
msgstr ""
"Esta opción especifica si el contestador consultará todos los caches antes "
"de consultar a los Proveedores de Datos."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:960
msgid "NSS configuration options"
msgstr "Opciones de configuración de NSS"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:962
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
"Estas opciones pueden ser usadas para configurar el servicio Name Service "
"Switch (NSS)."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:967
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:970
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
"Cuantos segundos ocultaría enumeraciones nss_sss (peticiones de información "
"sobre todos los usuarios)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:974
msgid "Default: 120"
msgstr "Predeterminado: 120"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:979
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:982
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
"for the domain."
msgstr ""
"La entrada a la cache puede ser fijada automáticamente para actualizar "
"entradas en segundo plano si hay peticiones más allá de un porcentanje del "
"valor de entry_cache_timeout para el dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:988
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
"after 15 seconds past the last cache update will be returned immediately, "
"but the SSSD will go and update the cache on its own, so that future "
"requests will not need to block waiting for a cache update."
msgstr ""
"Por ejemplo, si entry_cache_timeout del dominio está fijado a 30 y "
"entry_cache_nowait_percentage está fijado a 50 (por ciento), las entradas "
"que vengan después de 15 segundos pasado el último cache serán devueltas "
"inmediatamente, pero SSSD irá y actualizará el cache por el mismo, de modo "
"que las futuras peticiones no necesitarán bloquearse a la espera de una "
"actualización del cache."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:998
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
"percentage will never reduce the nowait timeout to less than 10 seconds.  (0 "
"disables this feature)"
msgstr ""
"Los valores válidos para esta opción son 0-99 y representan un porcentaje de "
"entry_cache_timeout para cada dominio. Por razones de rendimiento, este "
"porcentaje nunca reducirá el tiempo de salida de no espera a menos de 10 "
"segundos. (0 deshabilita esta función)."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1006 sssd.conf.5.xml:2122
msgid "Default: 50"
msgstr "Predeterminado: 50"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1011
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1014
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones)  "
"before asking the back end again."
msgstr ""
"Especifica por cuantos segundos nss_sss escondería golpes negativos al cache "
"(esto es, consultas para entradas no válidas a la base de datos, como "
"entradas no existentes) antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1020 sssd.conf.5.xml:1779 sssd.conf.5.xml:2146
msgid "Default: 15"
msgstr "Predeterminado: 15"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1025
msgid "local_negative_timeout (integer)"
msgstr "local_negative_timeout (integer)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1028
msgid ""
"Specifies for how many seconds nss_sss should keep local users and groups in "
"negative cache before trying to look it up in the back end again. Setting "
"the option to 0 disables this feature."
msgstr ""
"Especifica por cuantos segundos nss_sss mantendría a los usuarios y grupos "
"locales en cache negativo antes de intentar buscarlo en el extremo final "
"otra vez. Fijando la opción a 0 deshabilita esta característica."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1034
msgid "Default: 14400 (4 hours)"
msgstr "Por defecto: 14400 (4 horas)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1039
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1042
msgid ""
"Exclude certain users or groups from being fetched from the sss NSS "
"database. This is particularly useful for system accounts. This option can "
"also be set per-domain or include fully-qualified names to filter only users "
"from the particular domain or by a user principal name (UPN)."
msgstr ""
"Excluye a ciertos usuarios o grupos de ser recuperados de la base de datos "
"sss NSS. Esto es particularmente útil para cuentas del sistema. Esta opción "
"puede ser también establecida por dominio o incluir nombres completos para "
"filtrar solo usuarios de un dominio concreto o por el nombre principal de "
"usuario (UPN)."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1050
msgid ""
"NOTE: The filter_groups option doesn't affect inheritance of nested group "
"members, since filtering happens after they are propagated for returning via "
"NSS. E.g. a group having a member group filtered out will still have the "
"member users of the latter listed."
msgstr ""
"AVISO: La opción filter_groups no afecta a la herencia de miembros de grupos "
"anidados, puesto que el filtrado sucede después de que hayan sido propagados "
"para volver por medio de NSS. E.g. un grupo que tenga un miembro del grupo "
"filtrado mantendrá los usuarios miembros del listado posterior."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1058
msgid "Default: root"
msgstr "Predeterminado: root"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1063
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (bool)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1066
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
"Si usted desea filtrar usuarios aunque sean miembros del grupo, fije esta "
"opción a false."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1077
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1080
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
"Fija la plantilla por defecto para el direcorio home del usuario si no se ha "
"especificado una explícitamente por el proveedor de datos del dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1085
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
"Los valores disponibles para esta opción son los mismos que para "
"override_homedir."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1091
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
"                            "
msgstr ""
"fallback_homedir = /home/%u\n"
"                            "

#. type: Content of: <varlistentry><listitem><para>
#: sssd.conf.5.xml:1089 sssd.conf.5.xml:1651 sssd.conf.5.xml:1670
#: sssd.conf.5.xml:1747 sssd-krb5.5.xml:451 include/override_homedir.xml:66
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1095
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Por defecto: no fijado (sin sustitución para los directorios home no fijados)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1101
msgid "override_shell (string)"
msgstr "override_shell (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1104
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
"or per-domain."
msgstr ""
"Anula el shell de acceso para todos los usuarios. Esta opción reemplaza "
"cualquier otra opción de shell si tinene efecto y puede ser fijada bien en "
"la sección [nss] o por dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1110
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1116
msgid "allowed_shells (string)"
msgstr "allowed_shells (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1119
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
"Restringe la shell de usuario a uno de los valores listados. El orden de "
"evaluación es:"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1122
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1126
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
"2. Si el shell está en la lista allowed_shells pero no en <quote>/etc/"
"shells</quote>, usa el valor del parámetro shell_fallback."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1131
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
"3. Si el shell no está en la lista allowed_shells y tampoco en <quote>/etc/"
"shells</quote>, se usará un shell de no acceso."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1136
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Se puede usar el comodín (*) para permitir cualquier shell."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1139
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
"allowed shells in allowed_shells would be to much overhead."
msgstr ""
"(*) es útil si usted desea usar shell_fallback en caso de que el shell del "
"usuario no esté en <quote>/etc/shells</quote> y las lista que mantiene todos "
"los shells permitidos en allowed_shells estuviera llena."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1146
msgid "An empty string for shell is passed as-is to libc."
msgstr "Una cadena vacía para el shell se pasa como-es a libc."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1149
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
"<quote>/etc/shells</quote> es de sólo lectura en el inicio SSSD, lo que "
"significa que se requiere el reinicio del SSSD en el caso de que se instale "
"una nueva shell."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1153
msgid "Default: Not set. The user shell is automatically used."
msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1158
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1161
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1166
msgid "shell_fallback (string)"
msgstr "shell_fallback (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1169
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
"La shell por defecto a usar si una shell permitida no está instalada en la "
"máquina."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1173
msgid "Default: /bin/sh"
msgstr "Predeterminado: /bin/sh"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1178
msgid "default_shell"
msgstr "default_shell"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1181
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
"El shell por defecto a usar si el proveedor no devuelve uno durante la "
"búsqueda. Esta opción puede ser especificada globalmente en la sección [nss] "
"o por dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1187
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
"Por defecto: no fijado (Devuelve NULL si no se ha especificado una shell y "
"confía en libc para sustituir algo sensible cuando sea necesario, "
"normalmente /bin/sh)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1577
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1580
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
"Especifica el tiempo en segundos por los cuales la lista de subdominios será "
"considerada válida."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1206
#, fuzzy
#| msgid "enum_cache_timeout (integer)"
msgid "memcache_timeout (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1209
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid. Setting this option to zero will disable the in-memory cache."
msgstr ""
"Especifica el tiempo en segundos por el cual os registros en la memoria "
"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1217
msgid ""
"WARNING: Disabling the in-memory cache will have significant negative impact "
"on SSSD's performance and should only be used for testing."
msgstr ""
"PRECAUCIÓN: Deshabilitar la memoria cache puede llevar a un impacto negativo "
"significativo sobre el rendimiento de SSSD y debería ser usado solo para "
"pruebas."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1223 sssd.conf.5.xml:1248 sssd.conf.5.xml:1273
#: sssd.conf.5.xml:1298 sssd.conf.5.xml:1325
msgid ""
"NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", "
"client applications will not use the fast in-memory cache."
msgstr ""
"AVISO: Si la variable de entorno SSS_NSS_USE_MEMCACHE estça fijada a \"NO\", "
"las aplicaciones clientes no usaran la memoria cache rápida."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1231
#, fuzzy
#| msgid "enum_cache_timeout (integer)"
msgid "memcache_size_passwd (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1234
#, fuzzy
#| msgid ""
#| "Specifies time in seconds for which records in the in-memory cache will "
#| "be valid. Setting this option to zero will disable the in-memory cache."
msgid ""
"Size (in megabytes) of the data table allocated inside fast in-memory cache "
"for passwd requests.  Setting the size to 0 will disable the passwd in-"
"memory cache."
msgstr ""
"Especifica el tiempo en segundos por el cual os registros en la memoria "
"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1240 sssd.conf.5.xml:2971 sssd-ldap.5.xml:549
msgid "Default: 8"
msgstr "Predeterminado: 8"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1243 sssd.conf.5.xml:1268 sssd.conf.5.xml:1293
#: sssd.conf.5.xml:1320
#, fuzzy
#| msgid ""
#| "WARNING: Disabling the in-memory cache will have significant negative "
#| "impact on SSSD's performance and should only be used for testing."
msgid ""
"WARNING: Disabled or too small in-memory cache can have significant negative "
"impact on SSSD's performance."
msgstr ""
"PRECAUCIÓN: Deshabilitar la memoria cache puede llevar a un impacto negativo "
"significativo sobre el rendimiento de SSSD y debería ser usado solo para "
"pruebas."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1256
#, fuzzy
#| msgid "enum_cache_timeout (integer)"
msgid "memcache_size_group (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1259
#, fuzzy
#| msgid ""
#| "Specifies time in seconds for which records in the in-memory cache will "
#| "be valid. Setting this option to zero will disable the in-memory cache."
msgid ""
"Size (in megabytes) of the data table allocated inside fast in-memory cache "
"for group requests.  Setting the size to 0 will disable the group in-memory "
"cache."
msgstr ""
"Especifica el tiempo en segundos por el cual os registros en la memoria "
"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1265 sssd.conf.5.xml:1317 sssd.conf.5.xml:3737
#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116
#: include/krb5_options.xml:11
msgid "Default: 6"
msgstr "Predeterminado: 6"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1281
#, fuzzy
#| msgid "enum_cache_timeout (integer)"
msgid "memcache_size_initgroups (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1284
#, fuzzy
#| msgid ""
#| "Specifies time in seconds for which records in the in-memory cache will "
#| "be valid. Setting this option to zero will disable the in-memory cache."
msgid ""
"Size (in megabytes) of the data table allocated inside fast in-memory cache "
"for initgroups requests.  Setting the size to 0 will disable the initgroups "
"in-memory cache."
msgstr ""
"Especifica el tiempo en segundos por el cual os registros en la memoria "
"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1306
#, fuzzy
#| msgid "enum_cache_timeout (integer)"
msgid "memcache_size_sid (integer)"
msgstr "enum_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1309
#, fuzzy
#| msgid ""
#| "Specifies time in seconds for which records in the in-memory cache will "
#| "be valid. Setting this option to zero will disable the in-memory cache."
msgid ""
"Size (in megabytes) of the data table allocated inside fast in-memory cache "
"for SID related requests.  Only SID-by-ID and ID-by-SID requests are "
"currently cached in fast in-memory cache.  Setting the size to 0 will "
"disable the SID in-memory cache."
msgstr ""
"Especifica el tiempo en segundos por el cual os registros en la memoria "
"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1333 sssd-ifp.5.xml:90
msgid "user_attributes (string)"
msgstr "user_attributes (string)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1336
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
"attributes is controlled by this option. It is handled the same way as the "
"<quote>user_attributes</quote> option of the InfoPipe responder (see "
"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for details) but with no default values."
msgstr ""
"Algunas de las solicitudes de respuestas adicionales NSS pueden devolver mas "
"atributos que solos los de POXIS definido por el interfaz NSS. La lista de "
"atributos se controla con esta opción. Se maneja de la misma forma que la "
"opción <quote>user_attributes</quote> del contestador InfoPipe (see "
"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para mas detalles) pero sin valores "
"predeterminados."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1349
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
"Para hacer mas fácil la configuración el contestador NSS comprobará la "
"opción InfoPipe si no está fijada para el contestador NSS."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1354
msgid "Default: not set, fallback to InfoPipe option"
msgstr "Por defecto: no ajustada, retroceder a opción InfoPipe"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1359
msgid "pwfield (string)"
msgstr "pwfield (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1362
msgid ""
"The value that NSS operations that return users or groups will return for "
"the <quote>password</quote> field."
msgstr ""
"El valor que las operaciones NSS que devuelven usuarios o grupos devolverán "
"para el campo <quote>password</quote>."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1367
#, fuzzy
#| msgid "Default: <quote>permit</quote>"
msgid "Default: <quote>*</quote>"
msgstr "Predeterminado: <quote>permit</quote>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1370
#, fuzzy
#| msgid "This option can also be set per-domain."
msgid ""
"Note: This option can also be set per-domain which overwrites the value in "
"[nss] section."
msgstr "Esta opción puede ser también fijada por dominio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1374
#, fuzzy
#| msgid ""
#| "Default: <quote>*</quote> (remote domains)  or <quote>x</quote> (the "
#| "files domain)"
msgid ""
"Default: <quote>not set</quote> (remote domains), <phrase "
"condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </"
"phrase> <quote>x</quote> (proxy domain with nss_files and sssd-shadowutils "
"target)"
msgstr ""
"Por defecto: <quote>*</quote> (dominios remotos)  o <quote>x</quote> (los "
"ficheros de dominio)"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:1386
msgid "PAM configuration options"
msgstr "Opciones de configuración PAM"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:1388
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
"Estas opciones pueden ser usadas para configurar el servicio Pluggable "
"Authentication Module (PAM)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1393
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1396
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
"Si la autenticación del proveedor es fuera de línea, cuanto permitiríamos "
"los accesos escondidos (en días desde el último login en línea con éxito)."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1401 sssd.conf.5.xml:1414
msgid "Default: 0 (No limit)"
msgstr "Predeterminado: 0 (Sin límite)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1407
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1410
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
"Si la autenticación del proveedor es fuera de línea, cuantos intentos de "
"login fallados están permitidos."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1420
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1423
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
"El tiempo en minutos que ha de pasar después de que "
"offline_failed_login_attempts ha sido alcanzado antes de que un nuevo "
"intento de login sea posible."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1428
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
"authentication can enable offline authentication again."
msgstr ""
"Si se fija en 0 el usuario no puede autenticarse fuerta de línea si se ha "
"alcanzado offline_failed_login_attempts. Sólo una autenticación en línea con "
"éxito puede habilitar otra vez la autenticación fuera de línea."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1434 sssd.conf.5.xml:1544
msgid "Default: 5"
msgstr "Predeterminado: 5"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1440
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1443
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
"Controla qué tipo de mensajes se muestra al usuario durante la "
"autenticación. Cuanto mayor sea el número de mensajes más aparecen."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1448
msgid "Currently sssd supports the following values:"
msgstr "Actualmente sssd soporta los siguientes valores:"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1451
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1454
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1458
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1461
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: mostrar todos los mensajes e información de "
"depuración"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1465 sssd.8.xml:63
msgid "Default: 1"
msgstr "Predeterminado: 1"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1471
#, fuzzy
#| msgid "pam_response_filter (integer)"
msgid "pam_response_filter (string)"
msgstr "pam_response_filter (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1474
msgid ""
"A comma separated list of strings which allows to remove (filter) data sent "
"by the PAM responder to pam_sss PAM module. There are different kind of "
"responses sent to pam_sss e.g. messages displayed to the user or environment "
"variables which should be set by pam_sss."
msgstr ""
"Una lista separada por comas de cadenas que permiten borrar (filtrar) datos "
"enviados por el contestador PAM al modulo PAM pam_sss PAM. Hay diferentes "
"clases de respuestas enviadas a pam_sss e.g. mensajes mostrados al usuario o "
"variables de entorno que deberían ser fijadas por pam_sss."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1482
msgid ""
"While messages already can be controlled with the help of the pam_verbosity "
"option this option allows to filter out other kind of responses as well."
msgstr ""
"Como los mensajes ya pueden ser controlados con la ayuda de la opción "
"pam_verbosity esta opción permite filtrar otra clase de respuestas también."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1489
msgid "ENV"
msgstr "ENV"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1490
msgid "Do not send any environment variables to any service."
msgstr "No envía ninguna variable de entorno a ningún servicio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1493
msgid "ENV:var_name"
msgstr "ENV:var_name"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1494
msgid "Do not send environment variable var_name to any service."
msgstr "No envía la variable de entorno var_name a  ningún servicio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1498
msgid "ENV:var_name:service"
msgstr "ENV:var_name:service"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1499
msgid "Do not send environment variable var_name to service."
msgstr "No envía la variable de entorno var_name al servicio."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1487
msgid ""
"Currently the following filters are supported: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Actualmente se soportan los siguientes filtros: <placeholder "
"type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1506
msgid ""
"The list of strings can either be the list of filters which would set this "
"list of filters and overwrite the defaults. Or each element of the list can "
"be prefixed by a '+' or '-' character which would add the filter to the "
"existing default or remove it from the defaults, respectively. Please note "
"that either all list elements must have a '+' or '-' prefix or none. It is "
"considered as an error to mix both styles."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1517
#, fuzzy
#| msgid "Example: ENV:KRB5CCNAME:sudo-i"
msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i"
msgstr "Ejemplo: ENV:KRB5CCNAME:sudo-i"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1520
msgid ""
"Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1527
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1530
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
"ensure that authentication takes place with the latest information."
msgstr ""
"Para cualquier petición PAM mientras SSSD está en línea, SSSD intentará "
"inmediatamente actualizar la información de identidad escondida por el "
"usuario con el objetivo de asegurar que la autenticación tiene lugar con la "
"información más actual."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1536
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
"client-application basis) how long (in seconds) we can cache the identity "
"information to avoid excessive round-trips to the identity provider."
msgstr ""
"Una conversación PAM completa puede llevar a cabo múltiples peticiones PAM, "
"como gestión de cuenta y apertura de sesión. Esta opción controla (sobre una "
"base de por cliente-aplicación) cuanto (en segundos) podemos esconder la "
"información de identidad para evitar excesivos viajes de ida y vuelata al "
"proveedor de identidad."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1550
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1553 sssd.conf.5.xml:2995
msgid "Display a warning N days before the password expires."
msgstr "Mostrar una advertencia N días antes que la contraseña caduque."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1556
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password.  If this information is missing, sssd "
"cannot display a warning."
msgstr ""
"Por favor advierta que el servidor de punto final tiene que suministrar "
"información sobre el tiempo de expiración de la contraseña. Si esta "
"información desaparece, sssd no podrá mostrar un aviso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1562 sssd.conf.5.xml:2998
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
"Si está fijado cero, no se aplicará el filtro, esto es si se recibe una "
"advertencia de expiración desde el servidor final, se mostrará "
"automáticamente."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1567
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
"Este ajuste puede ser anulado por el ajuste "
"<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1572 sssd.conf.5.xml:4003 sssd-ldap.5.xml:607 sssd.8.xml:79
msgid "Default: 0"
msgstr "Predeterminado: 0"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1589
msgid "pam_trusted_users (string)"
msgstr "pam_trusted_users (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1592
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to run PAM conversations against trusted domains.  Users not "
"included in this list can only access domains marked as public with "
"<quote>pam_public_domains</quote>.  User names are resolved to UIDs at "
"startup."
msgstr ""
"Especifica la lista separada por comas de valores de UID o nombres de "
"usuarios que tienen permitidas conversaciones PAM contra dominios de "
"confianza.  Los usuarios no incluidos en esta lista pueden solo acceder a "
"dominios marcadoscomo públicos con <quote>pam_public_domains</quote>.  Los "
"nombres de usuarios se resuelven a UIDs en el arranque."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1602
msgid "Default: All users are considered trusted by default"
msgstr "Por defecto: Todos los usuarios se consideran de confianza por defecto"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1606
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
"Por favor advierta que la UID 0 siempre permite el acceso al contestador PAM "
"aunque no está en la la lista pam_trusted_users."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1613
msgid "pam_public_domains (string)"
msgstr "pam_public_domains (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1616
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
"Especifica la lista separada por comas de nombres de dominios que son "
"accesibles hasta para los usuarios en los que no se confíe."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1620
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
"Hay definidos dos valores especiales para la opción pam_public_domains:"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1624
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
"all (Los usuarios de no confianza están permitidos para acceder a todos los "
"dominios en el contestador PAM.)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1628
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
"none (Los usuarios de no confianza no tienen permitido acceder a los "
"dominios PAM en el contestador.)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1632 sssd.conf.5.xml:1657 sssd.conf.5.xml:1676
#: sssd.conf.5.xml:1913 sssd.conf.5.xml:2733 sssd.conf.5.xml:3932
#: sssd-ldap.5.xml:1209
msgid "Default: none"
msgstr "Predeterminado: none"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1637
msgid "pam_account_expired_message (string)"
msgstr "pam_account_expired_message (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1640
msgid ""
"Allows a custom expiration message to be set, replacing the default "
"'Permission denied' message."
msgstr ""
"Permite configurar un mensaje de expiración personalizado, reemplazando el "
"mensaje predeterminado 'Permiso denegado'."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1645
msgid ""
"Note: Please be aware that message is only printed for the SSH service "
"unless pam_verbosity is set to 3 (show all messages and debug information)."
msgstr ""
"Nota: Por favor tenga cuidado que este mensaje solo se imprime por el "
"servicio SSH a no ser que pam_verbosity esté fijado a 3 (mostrar todos los "
"mensajes e información de depuración)."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1653
#, no-wrap
msgid ""
"pam_account_expired_message = Account expired, please contact help desk.\n"
"                            "
msgstr ""
"pam_account_expired_message = Cuenta expirada, por favor contacte con la mesa de ayuda.\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1662
msgid "pam_account_locked_message (string)"
msgstr "pam_account_locked_message (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1665
msgid ""
"Allows a custom lockout message to be set, replacing the default 'Permission "
"denied' message."
msgstr ""
"Permite fijar un mensaje de bloqueo personalizado, reemplazando el mensaje "
"por defecto 'Permiso denegado'."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1672
#, no-wrap
msgid ""
"pam_account_locked_message = Account locked, please contact help desk.\n"
"                            "
msgstr ""
"pam_account_locked_message = Cuenta bloqueada, por favor contacte con la mesa de ayuda.\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1681
#, fuzzy
#| msgid "pam_cert_auth (bool)"
msgid "pam_passkey_auth (bool)"
msgstr "pam_cert_auth (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1684
msgid "Enable passkey device based authentication."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1687 sssd.conf.5.xml:1999 sssd-ad.5.xml:1271
#: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145
msgid "Default: True"
msgstr "Predeterminado: True"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1692
msgid "passkey_debug_libfido2 (bool)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1695
msgid "Enable libfido2 library debug messages."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1698 sssd.conf.5.xml:1712 sssd-ldap.5.xml:672
#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1295
#: sssd-ad.5.xml:505 sssd-ad.5.xml:581 sssd-ad.5.xml:1126 sssd-ad.5.xml:1175
#: include/ldap_id_mapping.xml:250
msgid "Default: False"
msgstr "Por defecto: False"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1703
msgid "pam_cert_auth (bool)"
msgstr "pam_cert_auth (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1706
msgid ""
"Enable certificate based Smartcard authentication.  Since this requires "
"additional communication with the Smartcard which will delay the "
"authentication process this option is disabled by default."
msgstr ""
"Habilita un certificado en base a la autenticación Smartcard.  Como esto "
"requiere comunicación adicional con la Smartcard lo que dilatará el proceso "
"de autenticación esta opción está deshabilitada por defecto."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1717
msgid "pam_cert_db_path (string)"
msgstr "pam_cert_db_path (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1720
msgid "The path to the certificate database."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1723 sssd.conf.5.xml:2248 sssd.conf.5.xml:4424
msgid "Default:"
msgstr "Predeterminado:"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1725 sssd.conf.5.xml:2250
#, fuzzy
#| msgid ""
#| "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with "
#| "trusted CA certificates in PEM format)"
msgid ""
"/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA "
"certificates in PEM format)"
msgstr ""
"/etc/sssd/pki/sssd_auth_ca_db.pem (Versión de OpenSSL, ruta a un fichero con "
"certificados CA de confianza en formato PEM)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1735
#, fuzzy
#| msgid "certificate_verification (string)"
msgid "pam_cert_verification (string)"
msgstr "certificate_verification (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1738
#, fuzzy
#| msgid ""
#| "With this parameter the certificate verification can be tuned with a "
#| "comma separated list of options. Supported options are: <placeholder "
#| "type=\"variablelist\" id=\"0\"/>"
msgid ""
"With this parameter the PAM certificate verification can be tuned with a "
"comma separated list of options that override the "
"<quote>certificate_verification</quote> value in <quote>[sssd]</quote> "
"section.  Supported options are the same of <quote>certificate_verification</"
"quote>."
msgstr ""
"Con este parámetros la verificación del certificado se puede sintonizar con "
"una lista de opciones separadas por comas. Las opciones soportadas son: "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1749
#, fuzzy, no-wrap
#| msgid ""
#| "pam_p11_allowed_services = +my_pam_service, -login\n"
#| "                            "
msgid ""
"pam_cert_verification = partial_chain\n"
"                            "
msgstr ""
"pam_p11_allowed_services = +my_pam_service, -login\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1753
msgid ""
"Default: not set, i.e. use default <quote>certificate_verification</quote> "
"option defined in <quote>[sssd]</quote> section."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1760
msgid "p11_child_timeout (integer)"
msgstr "p11_child_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1763
msgid "How many seconds will pam_sss wait for p11_child to finish."
msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1772
#, fuzzy
#| msgid "p11_child_timeout (integer)"
msgid "passkey_child_timeout (integer)"
msgstr "p11_child_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1775
#, fuzzy
#| msgid "How many seconds will pam_sss wait for p11_child to finish."
msgid ""
"How many seconds will the PAM responder wait for passkey_child to finish."
msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1784
msgid "pam_app_services (string)"
msgstr "pam_app_services (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1787
msgid ""
"Which PAM services are permitted to contact domains of type "
"<quote>application</quote>"
msgstr ""
"Cuales son los servicios PAM que tiene permitido contactar con dominios del "
"tipo <quote>application</quote>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1796
#, fuzzy
#| msgid "pam_p11_allowed_services (integer)"
msgid "pam_p11_allowed_services (string)"
msgstr "pam_p11_allowed_services (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1799
msgid ""
"A comma-separated list of PAM service names for which it will be allowed to "
"use Smartcards."
msgstr ""
"Una lista separada por comas de nombres de servicios PAM a los que les será "
"permitidos usar Smartcards."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1814
#, no-wrap
msgid ""
"pam_p11_allowed_services = +my_pam_service, -login\n"
"                            "
msgstr ""
"pam_p11_allowed_services = +my_pam_service, -login\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1803
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>. For example, in order "
"to replace a default PAM service name for authentication with Smartcards (e."
"g. <quote>login</quote>) with a custom PAM service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
"Es posible añadir otro nombre de servicio PAM al conjunto predeterminado "
"usando <quote>+service_name</quote> o quitar explícitamente nombre de "
"servicio PAM de los predeterminados usando <quote>-service_name</quote>. Por "
"ejemplo, con el objetivo de reemplazar un nombre de servicio PAM por "
"autenticación con Smartcards (e.g. <quote>login</quote>) con un nombre de "
"servicio PAM personalizado (e.g. <quote>my_pam_service</quote>), debería "
"usar la siguiente configuración: <placeholder type=\"programlisting\" "
"id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1818 sssd-ad.5.xml:644 sssd-ad.5.xml:753 sssd-ad.5.xml:811
#: sssd-ad.5.xml:869 sssd-ad.5.xml:947
msgid "Default: the default set of PAM service names includes:"
msgstr ""
"Predeterminado: el conjunto predeterminado de nombres de servicio PAM "
"incluye:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1823 sssd-ad.5.xml:648
msgid "login"
msgstr "login"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1828 sssd-ad.5.xml:653
msgid "su"
msgstr "su"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1833 sssd-ad.5.xml:658
msgid "su-l"
msgstr "su-l"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1838 sssd-ad.5.xml:673
msgid "gdm-smartcard"
msgstr "gdm-smartcard"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1843 sssd-ad.5.xml:668
msgid "gdm-password"
msgstr "gdm-password"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1848 sssd-ad.5.xml:678
msgid "kdm"
msgstr "kdm"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1853 sssd-ad.5.xml:956
msgid "sudo"
msgstr "sudo"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1858 sssd-ad.5.xml:961
msgid "sudo-i"
msgstr "sudo-i"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:1863
msgid "gnome-screensaver"
msgstr "gnome-screensaver"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1871
msgid "p11_wait_for_card_timeout (integer)"
msgstr "p11_wait_for_card_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1874
msgid ""
"If Smartcard authentication is required how many extra seconds in addition "
"to p11_child_timeout should the PAM responder wait until a Smartcard is "
"inserted."
msgstr ""
"Si se requiere la autenticación con Smartcard cuantos segundos extras se "
"añaden a p11_child_timeout para que el contestador PAM espera hasta que se "
"inserte la Smartcard."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1885
msgid "p11_uri (string)"
msgstr "p11_uri (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1888
msgid ""
"PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the "
"selection of devices used for Smartcard authentication. By default SSSD's "
"p11_child will search for a PKCS#11 slot (reader)  where the 'removable' "
"flags is set and read the certificates from the inserted token from the "
"first slot found. If multiple readers are connected p11_uri can be used to "
"tell p11_child to use a specific reader."
msgstr ""
"PKCS#11 URI (ver detalles en RFC-7512) que puede ser usada para restringir "
"la selección de dspositivos usados por la autenticación Smartcard. Por "
"defecto p11_child de SSSD buscará una ranura (lector) PKCS#11 donde este "
"establecida la bandera 'removable' y lee los certificados de la ficha "
"insertada en la primera ranura encontrada. Si están conectados múltiples "
"lectores p11_uri puede ser usado para decir a p11_child que use un lector "
"específico."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1901
#, fuzzy, no-wrap
#| msgid ""
#| "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n"
#| "                            "
msgid ""
"p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n"
"                            "
msgstr ""
"p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1905
#, fuzzy, no-wrap
#| msgid ""
#| "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n"
#| "                            "
msgid ""
"p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n"
"                            "
msgstr ""
"p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1899
msgid ""
"Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder "
"type=\"programlisting\" id=\"1\"/> To find suitable URI please check the "
"debug output of p11_child. As an alternative the GnuTLS utility 'p11tool' "
"with e.g. the '--list-all' will show PKCS#11 URIs as well."
msgstr ""
"Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/> o <placeholder "
"type=\"programlisting\" id=\"1\"/> Para encontrar la URI adecuada compruebe "
"por favor la salida de depuración de p11_child. Como alternativa la utilidad "
"GnuTLS 'p11tool' con e.g. '--list-all' mostrará PKCS#11 URIs también."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1918
msgid "pam_initgroups_scheme"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1926
msgid "always"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1927
msgid ""
"Always do an online lookup, please note that pam_id_timeout still applies"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1931
msgid "no_session"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1932
msgid ""
"Only do an online lookup if there is no active session of the user, i.e. if "
"the user is currently not logged in"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:1937
msgid "never"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1938
msgid ""
"Never force an online lookup, use the data from the cache as long as they "
"are not expired"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1921
msgid ""
"The PAM responder can force an online lookup to get the current group "
"memberships of the user trying to log in. This option controls when this "
"should be done and the following values are allowed: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1945
msgid "Default: no_session"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4363
#, fuzzy
#| msgid "pam_app_services (string)"
msgid "pam_gssapi_services"
msgstr "pam_app_services (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1953
#, fuzzy
#| msgid "Comma separated list of users who are allowed to log in."
msgid ""
"Comma separated list of PAM services that are allowed to try GSSAPI "
"authentication using pam_sss_gss.so module."
msgstr "Lista separada por comas de usuarios a los está permitido el acceso."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1958
msgid ""
"To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1962 sssd.conf.5.xml:1993 sssd.conf.5.xml:2031
msgid ""
"Note: This option can also be set per-domain which overwrites the value in "
"[pam] section. It can also be set for trusted domain which overwrites the "
"value in the domain section."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:1970
#, fuzzy, no-wrap
#| msgid ""
#| "pam_p11_allowed_services = +my_pam_service, -login\n"
#| "                            "
msgid ""
"pam_gssapi_services = sudo, sudo-i\n"
"                            "
msgstr ""
"pam_p11_allowed_services = +my_pam_service, -login\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1968 sssd.conf.5.xml:3926
msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1974
msgid "Default: - (GSSAPI authentication is disabled)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:1979 sssd.conf.5.xml:4364
msgid "pam_gssapi_check_upn"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1982
msgid ""
"If True, SSSD will require that the Kerberos user principal that "
"successfully authenticated through GSSAPI can be associated with the user "
"who is being authenticated. Authentication will fail if the check fails."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:1989
msgid ""
"If False, every user that is able to obtained required service ticket will "
"be authenticated."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2004
msgid "pam_gssapi_indicators_map"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2007
msgid ""
"Comma separated list of authentication indicators required to be present in "
"a Kerberos ticket to access a PAM service that is allowed to try GSSAPI "
"authentication using pam_sss_gss.so module."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2013
msgid ""
"Each element of the list can be either an authentication indicator name or a "
"pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM "
"service name will be required to access any PAM service configured to be "
"used with <option>pam_gssapi_services</option>. A resulting list of "
"indicators per PAM service is then checked against indicators in the "
"Kerberos ticket during authentication by pam_sss_gss.so. Any indicator from "
"the ticket that matches the resulting list of indicators for the PAM service "
"would grant access. If none of the indicators in the list match, access will "
"be denied. If the resulting list of indicators for the PAM service is empty, "
"the check will not prevent the access."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2026
msgid ""
"To disable GSSAPI authentication indicator check, set this option to <quote>-"
"</quote> (dash). To disable the check for a specific PAM service, add "
"<quote>service:-</quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2037
msgid ""
"Following authentication indicators are supported by IPA Kerberos "
"deployments:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2040
msgid ""
"pkinit -- pre-authentication using X.509 certificates -- whether stored in "
"files or on smart cards."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2043
msgid ""
"hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a "
"FAST channel."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2046
msgid "radius -- pre-authentication with the help of a RADIUS server."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2049
msgid ""
"otp -- pre-authentication using integrated two-factor authentication (2FA or "
"one-time password, OTP) in IPA."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2052
msgid "idp -- pre-authentication using external identity provider."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:2062
#, fuzzy, no-wrap
#| msgid ""
#| "pam_p11_allowed_services = +my_pam_service, -login\n"
#| "                            "
msgid ""
"pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n"
"                            "
msgstr ""
"pam_p11_allowed_services = +my_pam_service, -login\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2057
msgid ""
"Example: to require access to SUDO services only for users which obtained "
"their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), "
"set <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2066
#, fuzzy
#| msgid "Default: not set (no substitution for unset home directories)"
msgid "Default: not set (use of authentication indicators is not required)"
msgstr ""
"Por defecto: no fijado (sin sustitución para los directorios home no fijados)"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:2074
msgid "SUDO configuration options"
msgstr "SUDO opciones de configuración"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2076
msgid ""
"These options can be used to configure the sudo service.  The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to work with "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-"
"sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
"Se pueden usar estas opciones para configurar el servicio sudo.  Las "
"instrucciones detalladas para la configuración de <citerefentry> "
"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
"para trabajar con <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> están en la página de manual "
"<citerefentry> <refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2093
msgid "sudo_timed (bool)"
msgstr "sudo_timed (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2096
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
"Si se evalúan o no los atributos sudoNotBefore y sudoNotAfter que implementa "
"entradas de sudoers dependientes del tiempo."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2108
msgid "sudo_threshold (integer)"
msgstr "sudo_threshold (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2111
msgid ""
"Maximum number of expired rules that can be refreshed at once. If number of "
"expired rules is below threshold, those rules are refreshed with "
"<quote>rules refresh</quote> mechanism. If the threshold is exceeded a "
"<quote>full refresh</quote> of sudo rules is triggered instead. This "
"threshold number also applies to IPA sudo command and command group searches."
msgstr ""
"Número máxio de reflas expiradas que pueden ser refrescadas a la vez. Si el "
"número de reglas expiradas está por debajo del umbral son refrescadas con el "
"mecanismo <quote>refrescar reglas</quote> mechanism. SI se supera el umbral "
"un <quote>refresco total</quote> de reglas sudo se dispara en su lugar. Este "
"umbral también se aplica al comando IPA sudo y a las búsquedas de grupo de "
"comando."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:2130
msgid "AUTOFS configuration options"
msgstr "Opciones de configuración AUTOFS"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2132
msgid "These options can be used to configure the autofs service."
msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2136
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2139
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
"Especifica cuantos segundos debería el respondedor negativo autofs esconder "
"golpes (esto es, consultas a entradas de mapa no válidad, como las no "
"existentes) antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:2155
msgid "SSH configuration options"
msgstr "Opciones de configuración SSH"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2157
msgid "These options can be used to configure the SSH service."
msgstr "Estas opciones se pueden usar para configurar el servicio SSH."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2161
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2164
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
"Si se pican o no los nombres y las direcciones de host en fichero gestionado "
"known_host. "

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2173
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2176
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
"Cuantos segundos se mantiene un host en el fichero known_hosts gestionados "
"después de que se hayan pedido sus claves de host."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2180
msgid "Default: 180"
msgstr "Por defecto: 180"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2185
msgid "ssh_use_certificate_keys (bool)"
msgstr "ssh_use_certificate_keys (booleano)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2188
msgid ""
"If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh "
"keys derived from the public key of X.509 certificates stored in the user "
"entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</"
"refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details."
msgstr ""
"Si se ajusta a true <command>sss_ssh_authorizedkeys</command> devolverá "
"claves ssh derivadas de la clave pública de los certificados X.509 "
"almacenados en la entrada de usuario también. Vea detalles en <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>1</"
"manvolnum> </citerefentry> for details."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2203
msgid "ssh_use_certificate_matching_rules (string)"
msgstr "ssh_use_certificate_matching_rules (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2206
msgid ""
"By default the ssh responder will use all available certificate matching "
"rules to filter the certificates so that ssh keys are only derived from the "
"matching ones. With this option the used rules can be restricted with a "
"comma separated list of mapping and matching rule names. All other rules "
"will be ignored."
msgstr ""
"Por defecto el contestador ssh usará todos los certificados disponibles que "
"coincidan con las reglas para filtrar los certificados de modo que las "
"claves ssh solo se derivarán a los que coincidan. Con esta opción las reglas "
"usadas pueden ser restringidas con una lista separada por comas de nombres "
"de reglas que coincidan y mapeen. Todas las demás reglas serán ignoradas."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2215
msgid ""
"There are two special key words 'all_rules' and 'no_rules' which will enable "
"all or no rules, respectively. The latter means that no certificates will be "
"filtered out and ssh keys will be generated from all valid certificates."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2222
msgid ""
"If no rules are configured using 'all_rules' will enable a default rule "
"which enables all certificates suitable for client authentication.  This is "
"the same behavior as for the PAM responder if certificate authentication is "
"enabled."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2229
msgid ""
"A non-existing rule name is considered an error.  If as a result no rule is "
"selected all certificates will be ignored."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2234
msgid ""
"Default: not set, equivalent to 'all_rules', all found rules or the default "
"rule are used"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2240
msgid "ca_db (string)"
msgstr "ca_db (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2243
msgid ""
"Path to a storage of trusted CA certificates. The option is used to validate "
"user certificates before deriving public ssh keys from them."
msgstr ""
"Ruta al almacenamiento de certificados CA de confianza. Esta opción se usa "
"para validar los certificados de usuario antes de derivar las claves "
"públicas ssh de ellos."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:2263
msgid "PAC responder configuration options"
msgstr "Opciones de configuración del respondedor PAC"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2265
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
"provider collects domain SID and ID ranges of the domain the client is "
"joined to and of remote trusted domains from the local domain controller. If "
"the PAC is decoded and evaluated some of the following operations are done:"
msgstr ""
"El contestador PAC trabaja junto con el plugin de autorización de datos para "
"MIT Kerberos sssd_pac_plugin.so y un proveedor de sub dominios. El plugin "
"envía los datos PAC durante la autenticación GSSAPI al contestador PAC. El "
"proveedor de sub dominio recoge el SID de dominio y los rangos de ID del "
"dominio al que el cliente se ha unido y de los dominios remotos de confianza "
"desde el controlador local de dominio. Si el PAC es decodificado y evaluado "
"se hacen algunas de las siguientes operaciones:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2274
msgid ""
"If the remote user does not exist in the cache, it is created. The UID is "
"determined with the help of the SID, trusted domains will have UPGs and the "
"GID will have the same value as the UID. The home directory is set based on "
"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
"Si el usuario remoto no existe en la cache, se crea. Se determina la UID con "
"la ayuda del SID, los dominios de confianza tendrán UPGs y el GID tendrá el "
"mismo valor que la UID. El directorio home se ajusta en base al parámetro "
"subdomain_homedir. La shell estará vacía por defecto, i.e. se usa el sistema "
"predeterminado, pero se puede sustituir con el parámetro default_shell."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:2282
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
"Si se conocen los SIDs de los grupos de los dominios, se añadirá el usuario "
"a esos grupos."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2288
msgid "These options can be used to configure the PAC responder."
msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2292 sssd-ifp.5.xml:66
msgid "allowed_uids (string)"
msgstr "allowed_uids (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2295
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
"startup."
msgstr ""
"Especifica la lista separada por comas de los valores UID o nombres de "
"usuario que tiene el acceso permitido al respondedor PAC."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2301
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Por defecto: 0 (sólo el usuario root tiene permitido el acceso al "
"respondedor PAC)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2305
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
"access the PAC responder, which would be the typical case, you have to add 0 "
"to the list of allowed UIDs as well."
msgstr ""
"Por favor advierta que aunque la UID 0 se usa por defecto será anulada con "
"esta opción. Si usted deses todavía permitir al usuario root acceder al "
"respondedor PAC, que sería el caso típico, usted tiene que añadir 0 a la "
"lista de UIDs permitidas también."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2314
msgid "pac_lifetime (integer)"
msgstr "pac_lifetime (entero)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2317
msgid ""
"Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC "
"data can be used to determine the group memberships of a user."
msgstr ""
"Tiempo de vida de la entrada PAC en segundos. Tanto como la PAC es válida "
"los datos PAC pueden ser usados para determinar la membresia de grupo de un "
"usuario."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2327
#, fuzzy
#| msgid "ldap_schema (string)"
msgid "pac_check (string)"
msgstr "ldap_schema (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2330
msgid ""
"Apply additional checks on the PAC of the Kerberos ticket which is available "
"in Active Directory and FreeIPA domains, if configured. Please note that "
"Kerberos ticket validation must be enabled to be able to check the PAC, i.e. "
"the krb5_validate option must be set to 'True' which is the default for the "
"IPA and AD provider. If krb5_validate is set to 'False' the PAC checks will "
"be skipped."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2344
msgid "no_check"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2346
msgid ""
"The PAC must not be present and even if it is present no additional checks "
"will be done."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2352
msgid "pac_present"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2354
msgid ""
"The PAC must be present in the service ticket which SSSD will request with "
"the help of the user's TGT. If the PAC is not available the authentication "
"will fail."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2362
msgid "check_upn"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2364
msgid ""
"If the PAC is present check if the user principal name (UPN) information is "
"consistent."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2370
msgid "check_upn_allow_missing"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2372
msgid ""
"This option should be used together with 'check_upn' and handles the case "
"where a UPN is set on the server-side but is not read by SSSD. The typical "
"example is a FreeIPA domain where 'ldap_user_principal' is set to a not "
"existing attribute name.  This was typically done to work-around issues in "
"the handling of enterprise principals. But this is fixed since quite some "
"time and FreeIPA can handle enterprise principals just fine and there is no "
"need anymore to set 'ldap_user_principal'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2384
msgid ""
"Currently this option is set by default to avoid regressions in such "
"environments. A log message will be added to the system log and SSSD's debug "
"log in case a UPN is found in the PAC but not in SSSD's cache. To avoid this "
"log message it would be best to evaluate if the 'ldap_user_principal' option "
"can be removed.  If this is not possible, removing 'check_upn' will skip the "
"test and avoid the log message."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2398
msgid "upn_dns_info_present"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2400
msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2405
msgid "check_upn_dns_info_ex"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2407
msgid ""
"If the PAC is present and the extension to the UPN-DNS-INFO buffer is "
"available check if the information in the extension is consistent."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2414
msgid "upn_dns_info_ex_present"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2416
msgid ""
"The PAC must contain the extension of the UPN-DNS-INFO buffer, implies "
"'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2340
#, fuzzy
#| msgid ""
#| "The following expansions are supported: <placeholder "
#| "type=\"variablelist\" id=\"0\"/>"
msgid ""
"The following options can be used alone or in a comma-separated list: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Son soportadas las siguientes expresiones: <placeholder "
"type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2426
msgid ""
"Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, "
"check_upn_dns_info_ex')"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:2435
msgid "Session recording configuration options"
msgstr "Opciones de configuración de la grabación de sesión"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2437
msgid ""
"Session recording works in conjunction with <citerefentry> "
"<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry>, a part of tlog package, to log what users see and type when "
"they log in on a text terminal.  See also <citerefentry> <refentrytitle>sssd-"
"session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
"Trabajos de grabación de sesión en conjunto con <citerefentry> "
"<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry>, una parte del paquete tlog, para registrar lo que los "
"usuarios ven y el tipo cuando ellos lo registran en un terminal de texto.  "
"Vea también <citerefentry> <refentrytitle>sssd-session-recording</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:2450
msgid "These options can be used to configure session recording."
msgstr "Se pueden usar estas opciones para configurar la grabación de sesión."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:64
msgid "scope (string)"
msgstr "scope (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2461 sssd-session-recording.5.xml:71
msgid "\"none\""
msgstr "\"none\""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2464 sssd-session-recording.5.xml:74
msgid "No users are recorded."
msgstr "NO se grabaron usuarios."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:79
msgid "\"some\""
msgstr "\"some\""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2472 sssd-session-recording.5.xml:82
msgid ""
"Users/groups specified by <replaceable>users</replaceable> and "
"<replaceable>groups</replaceable> options are recorded."
msgstr ""
"Usuarios/grupos especificados por las opciones <replaceable>users</"
"replaceable> y<replaceable>groups</replaceable> son grabados."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:91
msgid "\"all\""
msgstr "\"all\""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:94
msgid "All users are recorded."
msgstr "Se graban todos los usuarios."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:67
msgid ""
"One of the following strings specifying the scope of session recording: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Una de las siguientes cadena especifica el alcande de la sesión de "
"grabación: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2491 sssd-session-recording.5.xml:101
msgid "Default: \"none\""
msgstr "Predeterminado: \"none\""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2496 sssd-session-recording.5.xml:106
msgid "users (string)"
msgstr "users (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2499 sssd-session-recording.5.xml:109
msgid ""
"A comma-separated list of users which should have session recording enabled. "
"Matches user names as returned by NSS. I.e. after the possible space "
"replacement, case changes, etc."
msgstr ""
"Una lista separada por comas de usuarios que deberían tener el registro de "
"sesión habilitado. Coincide con los nombres de usuario que son devueltos por "
"NSS. I.e. después de las posibles sustituciones de espacios, cambios de "
"mayúsculas/minúsculas, etc."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2505 sssd-session-recording.5.xml:115
msgid "Default: Empty. Matches no users."
msgstr "Predeterminado: Vacío. No hay usuarios coincidentes."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2510 sssd-session-recording.5.xml:120
msgid "groups (string)"
msgstr "groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:123
msgid ""
"A comma-separated list of groups, members of which should have session "
"recording enabled. Matches group names as returned by NSS. I.e. after the "
"possible space replacement, case changes, etc."
msgstr ""
"Una lista separada por comas de grupos, cuyos miembros tendrían habilitado "
"la grabación de sesión. Coincide con los nombres de grupo devueltos por NSS. "
"I.e. después de los posibles cambios de espacio, cambios de mayúsculas/"
"minúsculas, etc."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2519 sssd.conf.5.xml:2551 sssd-session-recording.5.xml:129
#: sssd-session-recording.5.xml:161
msgid ""
"NOTE: using this option (having it set to anything) has a considerable "
"performance cost, because each uncached request for a user requires "
"retrieving and matching the groups the user is member of."
msgstr ""
"AVISO: el uso de esta opción (teniéndolo ajustado a cualquiera) tiene un "
"costo considerable de rendimiento, puesto que cada petición sin caché para "
"un usuario requiere a recuperación y el emparejado de los grupos a los que "
"pertenece el usuario."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2526 sssd-session-recording.5.xml:136
msgid "Default: Empty. Matches no groups."
msgstr "Predeterminado: Vacío. No empareja grupos."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:141
#, fuzzy
#| msgid "users (string)"
msgid "exclude_users (string)"
msgstr "users (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2534 sssd-session-recording.5.xml:144
msgid ""
"A comma-separated list of users to be excluded from recording, only "
"applicable with 'scope=all'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2538 sssd-session-recording.5.xml:148
#, fuzzy
#| msgid "Default: Empty. Matches no users."
msgid "Default: Empty. No users excluded."
msgstr "Predeterminado: Vacío. No hay usuarios coincidentes."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:153
#, fuzzy
#| msgid "groups (string)"
msgid "exclude_groups (string)"
msgstr "groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2546 sssd-session-recording.5.xml:156
msgid ""
"A comma-separated list of groups, members of which should be excluded from "
"recording. Only applicable with 'scope=all'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2558 sssd-session-recording.5.xml:168
#, fuzzy
#| msgid "Default: Empty. Matches no groups."
msgid "Default: Empty. No groups excluded."
msgstr "Predeterminado: Vacío. No empareja grupos."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:2568
msgid "DOMAIN SECTIONS"
msgstr "SECCIONES DE DOMINIO"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd.conf.5.xml:2575 sssd.conf.5.xml:4054 sssd.conf.5.xml:4055
#: sssd.conf.5.xml:4058
msgid "enabled"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2578
msgid ""
"Explicitly enable or disable the domain. If <quote>true</quote>, the domain "
"is always <quote>enabled</quote>. If <quote>false</quote>, the domain is "
"always <quote>disabled</quote>. If this option is not set, the domain is "
"enabled only if it is listed in the domains option in the <quote>[sssd]</"
"quote> section."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2590
msgid "domain_type (string)"
msgstr "domain_type (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2593
msgid ""
"Specifies whether the domain is meant to be used by POSIX-aware clients such "
"as the Name Service Switch or by applications that do not need POSIX data to "
"be present or generated. Only objects from POSIX domains are available to "
"the operating system interfaces and utilities."
msgstr ""
"Especifica si el dominio está destinado a ser usado por clientes atentos a "
"POSIX como Name Service Switch o por aplicaciones que no necesitan datos "
"POSIX presentes o generados. Solo los objetos de dominios POSIX están "
"disponibles para las interfaces y utilidades de sistema operativo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2601
msgid ""
"Allowed values for this option are <quote>posix</quote> and "
"<quote>application</quote>."
msgstr ""
"Los valores permitidos para esta opción son <quote>posix</quote> y "
"<quote>application</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2605
msgid ""
"POSIX domains are reachable by all services. Application domains are only "
"reachable from the InfoPipe responder (see <citerefentry> "
"<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>) and the PAM responder."
msgstr ""
"Los dominios POSIX son alcanzables por todos los servicios. Los dominios "
"aplicación son solo alcanzables desde el contestador InfoPipe (vea "
"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>) y el contestador PAM."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2613
msgid ""
"NOTE: The application domains are currently well tested with "
"<quote>id_provider=ldap</quote> only."
msgstr ""
"AVISO: LOs dominios aplicación actualmente están bien probados solamente con "
"<quote>id_provider=ldap</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2617
msgid ""
"For an easy way to configure a non-POSIX domains, please see the "
"<quote>Application domains</quote> section."
msgstr ""
"Para una manera fácil de configurar dominios no POSIX, vea la sección "
"<quote>Dominios aplicación</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2621
msgid "Default: posix"
msgstr "Predeterminado: posix"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2627
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2630
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
"Límites de UID y GID para el dominio. Si un dominio contiene una entrada que "
"está fuera de estos límites, ésta es ignorada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2635
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
"primary group memberships, those that are in range will be reported as "
"expected."
msgstr ""
"Para usuarios, esto afecta al límite primario GID. El usuario no será "
"devuelto a NSS si bien la UID o el GID primario está fuera de rango. Para "
"los miembros de grupos no primarios, aquellos que estén en rango serán "
"reportados como en espera."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2642
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
"Estos límites de ID afectan aunque se guarden entrada en la caché, no solo "
"devolviéndolas por nombre o ID."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2646
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2652
msgid "enumerate (bool)"
msgstr "enumerar (bool)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2655
msgid ""
"Determines if a domain can be enumerated, that is, whether the domain can "
"list all the users and group it contains. Note that it is not required to "
"enable enumeration in order for secondary groups to be displayed. This "
"parameter can have one of the following values:"
msgstr ""
"Determina si un dominio puede ser enumerado, esto es, si el dominio puede "
"listar tods los usuarios y grupos que contiene. Advierta que no requiere "
"habilitar la enumeración con el objetivo de visualizar grupos secundarios. "
"Este parámetros puede tener uno de los siguientes valores:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2663
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Usuarios y grupos son enumerados"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2666
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Sin enumeraciones para este dominio"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2669 sssd.conf.5.xml:2950 sssd.conf.5.xml:3127
msgid "Default: FALSE"
msgstr "Predeterminado: FALSE"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2672
msgid ""
"Enumerating a domain requires SSSD to download and store ALL user and group "
"entries from the remote server."
msgstr ""
"Enumerar un dominio requiere que SSSD descargue y almacene TODAS las "
"entradas de usuario y grupo del servidor remoto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2677
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations.  During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
"heavy enumeration processing. Saving a large number of entries to cache "
"after the enumeration completes might also be CPU intensive as the "
"memberships have to be recomputed. This can lead to the <quote>sssd_be</"
"quote> process becoming unresponsive or even restarted by the internal "
"watchdog."
msgstr ""
"Aviso: Habilitar la enumeración tiene un impacto moderado en el rendimiento "
"sobre SSSD mientras está corriendo la enumeración. Puede llevar varios "
"minutos después de que SSSD inicie una enumeración completa total.  Durante "
"este tiempo, las peticiones individuales de información irán directamente a "
"LDAP, piense que puede ser lento, debido al pesado procesamiento de la "
"enumeración. El guardar gran número de entradas en la caché después de una "
"enumeración completa puede ser también intensiva para la CPU puesto que la "
"membresía debe ser vuelta a computar. Esto puede llevar a que el proceso "
"<quote>sssd_be</quote> no responda o que sea reiniciado por el perro "
"guardián interno."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2692
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
"Mientras está corriendo la primera enumeración, peticiones para el usuario "
"completo o listas de grupo pueden no devolver resultados hasta que se "
"completen."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2697
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
"enumeration lookups are completed successfully.  For more information, refer "
"to the man pages for the specific id_provider in use."
msgstr ""
"Adicionalmente, la habilitación de la enumeración puede incrementar el "
"tiempo necesario para detectar la desconexión de red, tanto como los tiempos "
"de espera necesarios para asegurar que las búsquedas de enumeración se han "
"completado. Para más información vea las páginas de manual para el "
"específico id_provider en uso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2705
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
"Por las razones citadas arriba, no se recomienda habilitar la enumeración, "
"especialmente en entornos grandes."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2713
msgid "subdomain_enumerate (string)"
msgstr "subdomain_enumerate (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2720
msgid "all"
msgstr "all"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2721
msgid "All discovered trusted domains will be enumerated"
msgstr "Se enumerarán todos los dominios de confianza descubiertos"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2724
msgid "none"
msgstr "none"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2725
msgid "No discovered trusted domains will be enumerated"
msgstr "No serán enumerados dominios de confianza descubiertos"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2716
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
"Optionally, a list of one or more domain names can enable enumeration just "
"for these trusted domains."
msgstr ""
"Si se debe enumerar alguno de los dominios de confianza autodetectados. Los "
"valores soportados son: <placeholder type=\"variablelist\" id=\"0\"/> "
"Opcionalmente, una lista de uno o más nombres de dominio puede habilitar la "
"enumeración solo para estos dominios de confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2739
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2742
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
"Cuántos segundos debe considerar nss_sss  como válidas las entradas antes de "
"volver a consultar al backend"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2746
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
"for newly added or expired entries.  You should run the <citerefentry> "
"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry> tool in order to force refresh of entries that have already "
"been cached."
msgstr ""
"Los sellos de tiempo de expiración de caché son almacenados somo atributos "
"de los objetos individuales en caché. Por lo tanto, el cambio del tiempo de "
"expiración de la caché solo tendrá efecto para las entradas más nuevas o "
"expiradas.  Debería ejecutar la herramienta <citerefentry> "
"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry> con el objetivo de forzar el refresco de las entradas que ya "
"están en la caché."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2759
msgid "Default: 5400"
msgstr "Predeterminado: 5400"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2765
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2768
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
"Cuantos segundos debería nss_sss considerar las entradas de usuario válidas "
"antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2772 sssd.conf.5.xml:2785 sssd.conf.5.xml:2798
#: sssd.conf.5.xml:2811 sssd.conf.5.xml:2825 sssd.conf.5.xml:2838
#: sssd.conf.5.xml:2852 sssd.conf.5.xml:2866 sssd.conf.5.xml:2879
msgid "Default: entry_cache_timeout"
msgstr "Por defecto: entry_cache_timeout"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2778
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2781
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
"Cuantos segundos debería nss_sss considerar las entradas de grupo válidas "
"antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2791
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2794
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
"Cuantos segundos debería nss_sss considerar las entradas de grupo de red "
"válidas antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2804
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2807
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
"Cuantos segundos debería nss_sss considerar las entradas de servicio válidas "
"antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2817
msgid "entry_cache_resolver_timeout (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2820
msgid ""
"How many seconds should nss_sss consider hosts and networks entries valid "
"before asking the backend again"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2831
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2834
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
"Cuantos segundos debería considerar las regulas sudo válidas antes de "
"preguntar al backend otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2844
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2847
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
"Cuantos segundos deberá considerar el servicio autofs los mapas de "
"automontaje válidos antes de preguntar al punto final otra vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2858
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr "entry_cache_ssh_host_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2861
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
"Cuantos segundos mantener una clave ssh de host después de refrescar. IE "
"cuanto guardar en caché la clave de host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2872
msgid "entry_cache_computer_timeout (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2875
msgid ""
"How many seconds to keep the local computer entry before asking the backend "
"again"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2885
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2888
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
"Especifica cuantos segundos tiene que esperar SSSD antes de disparar una "
"tarea de refresco en segundo plano que refrescará todos los registros "
"expirados o a punto de hacerlo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2893
msgid ""
"The background refresh will process users, groups and netgroups in the "
"cache. For users who have performed the initgroups (get group membership for "
"user, typically ran at login)  operation in the past, both the user entry "
"and the group membership are updated."
msgstr ""
"El refresco en segundo plano procesará usuarios, grupos y netgroups en el "
"cache. Para usuarios que han llevado a cabo el anteriormente initgroups "
"(obtener la membresía de grupo para el usuario, normalmente ejecutando "
"login), tanto la entrada usuario y la membresia de grupo son actualizados."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2901
msgid "This option is automatically inherited for all trusted domains."
msgstr ""
"Esta opción se hereda automáticamente para todos los dominios de confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2905
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr "Usted puede considerar ajustar este valor a 3/4 * entry_cache_timeout."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2909
msgid ""
"Cache entry will be refreshed by background task when 2/3 of cache timeout "
"has already passed.  If there are existing cached entries, the background "
"task will refer to their original cache timeout values instead of current "
"configuration value.  This may lead to a situation in which background "
"refresh task appears to not be working. This is done by design to improve "
"offline mode operation and reuse of existing valid cache entries.  To make "
"this change instant the user may want to manually invalidate existing cache."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2922 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1738
#: sssd-ipa.5.xml:270
msgid "Default: 0 (disabled)"
msgstr "Predeterminado: 0 (deshabilitado)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2928
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2931
msgid ""
"Determines if user credentials are also cached in the local LDB cache. The "
"cached credentials refer to passwords, which includes the first (long term) "
"factor of two-factor authentication, not other authentication mechanisms. "
"Passkey and Smartcard authentications are expected to work offline as long "
"as a successful online authentication is recorded in the cache without "
"additional configuration."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2942
msgid ""
"Take a note that while credentials are stored as a salted SHA512 hash, this "
"still potentially poses some security risk in case an attacker manages to "
"get access to a cache file (normally requires privileged access) and to "
"break a password using brute force attack."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2956
msgid "cache_credentials_minimal_first_factor_length (int)"
msgstr "cache_credentials_minimal_first_factor_length (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2959
msgid ""
"If 2-Factor-Authentication (2FA) is used and credentials should be saved "
"this value determines the minimal length the first authentication factor "
"(long term password) must have to be saved as SHA512 hash into the cache."
msgstr ""
"Si se usa 2-Factor-Authentication (2FA) y las credenciales deberían ser "
"guardadas este valor determina la longitud mínima del primer factor de "
"autenticación (contraseña de largo plazo) que debe ser guardado como hash "
"SHA512 en el caché."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2966
msgid ""
"This should avoid that the short PINs of a PIN based 2FA scheme are saved in "
"the cache which would make them easy targets for brute-force attacks."
msgstr ""
"Esto evitaría que los PINs cortos de un esquema de PIN basado en 2FA se "
"guarden en caché lo que les haría objetivos fáciles de ataques de fuerza "
"bruta."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2977
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2980
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever.  The "
"value of this parameter must be greater than or equal to "
"offline_credentials_expiration."
msgstr ""
"Entradas de números de días que son dejadas en el cache después del último "
"login con éxito antes de ser borrado durante la limpieza de la cache. 0 "
"significa mantener para siempre. El valor de este parámetro debe ser más "
"grande o igual que offline_credentials_expiration."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:2987
msgid "Default: 0 (unlimited)"
msgstr "Predeterminado: 0 (ilimitado)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:2992
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3003
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password.  If this information is missing, sssd "
"cannot display a warning. Also an auth provider has to be configured for the "
"backend."
msgstr ""
"Por favor advierta que el servidor de backend tiene que suministrar "
"información sobre la hora expiración de la contraseña. Si esta información "
"está desaparecida, sssd no puede mostrar un aviso. También se tiene que "
"configurar un proveedor de autorización para el backend."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3010
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3016
msgid "id_provider (string)"
msgstr "id_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3019
msgid ""
"The identification provider used for the domain.  Supported ID providers are:"
msgstr ""
"El proveedor de identificación usado por el dominio. Los proveedores de ID "
"soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3023
msgid "<quote>proxy</quote>: Support a legacy NSS provider."
msgstr "<quote>proxy</quote>: Soporta un proveedor NSS heredado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3026
msgid ""
"<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-"
"files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
"information on how to mirror local users and groups into SSSD."
msgstr ""
"<quote>files</quote>: Proveedor de FICHEROS. Vea <citerefentry> "
"<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre como hacer espejo de usuarios y "
"grupos locales en SSSD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3034
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
"information on configuring LDAP."
msgstr ""
"<quote>ldap</quote>: Proveedor LDAP. Vea <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más "
"información sobre la configuración de LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3042 sssd.conf.5.xml:3153 sssd.conf.5.xml:3204
#: sssd.conf.5.xml:3267
#, fuzzy
#| msgid ""
#| "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
#| "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
#| "<manvolnum>5</manvolnum> </citerefentry> for more information on "
#| "configuring FreeIPA."
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring FreeIPA."
msgstr ""
"<quote>ipa</quote>: Proveedor FreeIPA y Red Hat Enterprise Identity "
"Management. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
"configuración de FreeIPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3051 sssd.conf.5.xml:3162 sssd.conf.5.xml:3213
#: sssd.conf.5.xml:3276
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Active Directory."
msgstr ""
"<quote>ad</quote>: Proveedor Active Directory. Vea <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre la configuración de Active "
"Directory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3062
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3065
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
"Utiliza el nombre completo y el dominio (formateado en el formato "
"nombre_completo de dominio) como el nombre de acceso del usuario reportado a "
"NSS."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3070
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
"<command>getent passwd test</command> wouldn't find the user while "
"<command>getent passwd test@LOCAL</command> would."
msgstr ""
"Si es TRUE, todas las peticiones a este dominio deben usar nombres "
"totalmente cualificados. Por ejemplo, si se usa en el dominio LOCAL que "
"contiene un usuario “test”, <command>getent passwd test</command> no "
"encontraría al usuario mientras que <command>getent passwd test@LOCAL</"
"command> lo haría."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3078
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
"will be searched when an unqualified name is requested."
msgstr ""
"AVISO: Esta opción no tiene efecto sobre búsquedas de grupo de red debido a "
"su tendencia a incluir grupos de red anidados sin nombres cualificados. Para "
"grupos de red, se buscará en todos los dominios cuando se pida un no no "
"cualificado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3085
msgid ""
"Default: FALSE (TRUE for trusted domain/sub-domains or if "
"default_domain_suffix is used)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3092
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (bool)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3095
msgid "Do not return group members for group lookups."
msgstr "No devuelve miembros de grupo para búsquedas de grupo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3098
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
"calls, such as <citerefentry> <refentrytitle>getgrnam</refentrytitle> "
"<manvolnum>3</manvolnum> </citerefentry> or <citerefentry> "
"<refentrytitle>getgrgid</refentrytitle> <manvolnum>3</manvolnum> </"
"citerefentry>.  As an effect, <quote>getent group $groupname</quote> would "
"return the requested group as if it was empty."
msgstr ""
"Si se fija a TRUE, no se pide el atributo de membresía de grupo al servidor "
"ldap y los miembros no son devueltos cuando se procesan llamadas de "
"búsqueda, como <citerefentry> <refentrytitle>getgrnam</refentrytitle> "
"<manvolnum>3</manvolnum> </citerefentry> o <citerefentry> "
"<refentrytitle>getgrgid</refentrytitle> <manvolnum>3</manvolnum> </"
"citerefentry>.  Como efecto, <quote>getent group $groupname</quote> debería "
"devolver el grupo pedido como si estuviera vacío."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3116
msgid ""
"Enabling this option can also make access provider checks for group "
"membership significantly faster, especially for groups containing many "
"members."
msgstr ""
"Habilitar esta opción puede también hacer acceso a las comprobaciones de "
"proveedor ara membresía de grupo significativamente más rápidas, "
"especialmente para grupos que contienen muchos miembros."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3122 sssd.conf.5.xml:3848 sssd-ldap.5.xml:327
#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469
#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544
#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626
#: sssd-ldap.5.xml:1053 sssd-ldap.5.xml:1086
msgid ""
"This option can be also set per subdomain or inherited via "
"<emphasis>subdomain_inherit</emphasis>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3132
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3135
msgid ""
"The authentication provider used for the domain.  Supported auth providers "
"are:"
msgstr ""
"El proveedor de autenticación usado por el dominio.  Los proveedores de "
"autenticación soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3139 sssd.conf.5.xml:3197
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
"<quote>ldap</quote> para autenticación nativa LDAP. Vea <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre la configuración LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3146
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
"<quote>krb5</quote> para autenticación Kerberos. Vea <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre la configuración de Kerberos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3170
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"<quote>proxy</quote> para la reinstalación de la autenticación a algún otro "
"objetivo PAM."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3173
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> deshabilita la autenticación explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3176
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
"Por defecto: <quote>id_provider</quote> se usa si se ha fijado y puede "
"manejar las peticiones de autenticación."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3182
msgid "access_provider (string)"
msgstr "access_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3185
msgid ""
"The access control provider used for the domain.  There are two built-in "
"access providers (in addition to any included in installed backends)  "
"Internal special providers are:"
msgstr ""
"El proveedor de control de acceso usado por el dominio. Hay dos provedores "
"de acceso integrados (además de cualquiera instalado en los finales). Los "
"proveedores especiales internos son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3191
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
"<quote>permit</quote> siempre permite el acceso. Es el proveedor de acceso "
"sólo permitido para un dominio local."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3194
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> siempre niega el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3221
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for more information on configuring the simple "
"access module."
msgstr ""
"<quote>simple</quote> control de acceso basado en listas de acceso o "
"denegación. Vea <citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> para más información sobre la "
"configuración del módulo de acceso sencillo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3228
msgid ""
"<quote>krb5</quote>: .k5login based access control.  See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
"<quote>krb5</quote>: .k5login basado en control de acceso.  Vea "
"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> para más información sobre la configuración de "
"Kerberos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3235
msgid "<quote>proxy</quote> for relaying access control to another PAM module."
msgstr ""
"<quote>proxy</quote> para transmitir control de acceso a otro módulo PAM."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3238
msgid "Default: <quote>permit</quote>"
msgstr "Predeterminado: <quote>permit</quote>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3243
msgid "chpass_provider (string)"
msgstr "chpass_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3246
msgid ""
"The provider which should handle change password operations for the domain.  "
"Supported change password providers are:"
msgstr ""
"El proveedor que debería manejar las operaciones de cambio de password para "
"el dominio. Los proveedores de cambio de passweord soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3251
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring LDAP."
msgstr ""
"<quote>ldap</quote> para cambiar una contraseña almacenada en un servidor "
"LDAP. Vea <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
"configuración de LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3259
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
"<quote>krb5</quote> para cambiar una contraseña Kerberos. Vea <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre configurar Kerberos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3284
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
"<quote>proxy</quote> para la reinstalación de cambios de password en algunos "
"otros objetivos PAM."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3288
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> deniega explícitamente los cambios en la contraseña."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3291
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
"Por defecto: <quote>auth_provider</quote> se utiliza si se ha fijado y se "
"puede manejar las peticiones de cambio de password."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3298
msgid "sudo_provider (string)"
msgstr "sudo_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3301
msgid "The SUDO provider used for the domain.  Supported SUDO providers are:"
msgstr ""
"El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3305
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
"<quote>ldap</quote> para reglas almacenadas en LDAP. Vea <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> para más información sobre la configuración LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3313
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
"<quote>ipa</quote> lo mismo que <quote>ldap</quote> pero con ajustes "
"predeterminados IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3317
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
"<quote>ad</quote> lo mismo que <quote>ldap</quote> pero con ajustes "
"predeterminados AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3321
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote>deshabilita SUDO explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3324 sssd.conf.5.xml:3410 sssd.conf.5.xml:3480
#: sssd.conf.5.xml:3505 sssd.conf.5.xml:3541
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3328
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>.  There are many configuration "
"options that can be used to adjust the behavior. Please refer to "
"\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
"Las instrucciones detalladas para la configuración de sudo_provider están el "
"la página de manual <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>.  Hay muchas opciones de "
"configuración que se puden usar para ajustar el comportamiento. Vea por "
"favor \"ldap_sudo_*\" en <citerefentry> <refentrytitle>sssd-ldap</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3343
msgid ""
"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the "
"background unless the sudo provider is explicitly disabled. Set "
"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related "
"activity in SSSD if you do not want to use sudo with SSSD at all."
msgstr ""
"<emphasis>AVISO:</emphasis> Las reglas sudo son periódicamente descargadas "
"en segundo plano a no ser que proveedor sudo esté explícitamente "
"deshabilitado. Ajuste <emphasis>sudo_provider = None</emphasis> para "
"deshabilitatr toda la actividad relacionada con sudo en SSSD si usted no "
"desea usar sudo cn SSSD mas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3353
msgid "selinux_provider (string)"
msgstr "selinux_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3356
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends.  Supported selinux "
"providers are:"
msgstr ""
"El proveedor que manejaría la carga de los ajustes selinux. Advierta que "
"este proveedor será llamado justo después de que el proveedor de acceso "
"finalice. Los proveedores selinux soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3362
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
"<quote>ipa</quote> para cargar ajustes selinux desde un servidor IPA. Vea "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para más información sobre la configuración de "
"IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3370
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> deshabilita ir a buscar los ajustes selinux "
"explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3373
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
"Por defecto: <quote>id_provider</quote> se usa si está fijado y puede "
"manejar las peticiones de carga selinux."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3379
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3382
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider.  Supported subdomain providers are:"
msgstr ""
"El proveedor que debería manejar el atractivo de subdominios. Este valor "
"debería ser siempre el mismo que id_provider. Los proveedores de subdominio "
"soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3388
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
"<quote>ipa</quote> para cargar una lista de subdominios desde un servidor "
"IPA. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
"configuración de IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3397
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
"the AD provider."
msgstr ""
"<quote>ad</quote> para descargar una lista de subdominios desde un servidor "
"Active Directory. Vea <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
"configuración del proveedor AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3406
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
"<quote>none</quote> deshabilita el buscador de subdominios explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3416
msgid "session_provider (string)"
msgstr "session_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3419
msgid ""
"The provider which configures and manages user session related tasks. The "
"only user session task currently provided is the integration with Fleet "
"Commander, which works only with IPA.  Supported session providers are:"
msgstr ""
"El proveedor que configura y gestiona las tareas relacionadas con la sesión "
"de usuario. La única tarea de usuario que actualmente se provee es la "
"integración con Fleet Commander, que trabaja solo con IPA.  Los proveedores "
"de sesiones soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3426
msgid "<quote>ipa</quote> to allow performing user session related tasks."
msgstr ""
"<quote>ipa</quote> para permitir llevar a cabo tareas relacionadas con la "
"sesión de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3430
msgid ""
"<quote>none</quote> does not perform any kind of user session related tasks."
msgstr ""
"<quote>none</quote> no lleva a cabo ninguna tarea relacionada con la sesión "
"de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3434
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can perform "
"session related tasks."
msgstr ""
"Predeterminado: <quote>id_provider</quote> se usa si está ajustado y puede "
"llevar a cabo tareas relacionadas con la sesión de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3438
msgid ""
"<emphasis>NOTE:</emphasis> In order to have this feature working as expected "
"SSSD must be running as \"root\" and not as the unprivileged user."
msgstr ""
"<emphasis>AVISO:</emphasis> Con el objetivo de tener esta característica "
"trabajando como se espera SSSD se debe correr como \"root\" y o como usuario "
"sin privilegios."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3446
msgid "autofs_provider (string)"
msgstr "autofs_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3449
msgid ""
"The autofs provider used for the domain.  Supported autofs providers are:"
msgstr ""
"El proveedor autofs usado por el dominio. Los proveedores autofs soportados "
"son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3453
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
"<quote>ldap</quote> para cargar mapas almacenados en LDAP. Vea "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para más información sobre la configuración de "
"LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3460
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring IPA."
msgstr ""
"<quote>ipa</quote> para cargar mapas almacenados en un servidor IPA. Vea "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para más información sobre la configuración de "
"IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3468
msgid ""
"<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring the AD provider."
msgstr ""
"<quote>ad</quote> para cargar mapas almacenados en un servidor AD. Vea "
"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para más información sobre como configurar un "
"proveedor AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3477
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> deshabilita autofs explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3487
msgid "hostid_provider (string)"
msgstr "hostid_provider (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3490
msgid ""
"The provider used for retrieving host identity information.  Supported "
"hostid providers are:"
msgstr ""
"El proveedor usado para recuperar información de identidad de host. Los "
"proveedores de hostid soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3494
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
"<quote>ipa</quote> para cargar la identidad del equipo almacenada en un "
"servidor IPA. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
"configuración de IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3502
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> deshabilita hostid explícitamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3512
msgid "resolver_provider (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3515
msgid ""
"The provider which should handle hosts and networks lookups. Supported "
"resolver providers are:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3519
msgid ""
"<quote>proxy</quote> to forward lookups to another NSS library. See "
"<quote>proxy_resolver_lib_name</quote>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3523
msgid ""
"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring LDAP."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3530
msgid ""
"<quote>ad</quote> to fetch hosts and networks stored in AD. See "
"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring the AD "
"provider."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3538
msgid "<quote>none</quote> disallows fetching hosts and networks explicitly."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3551
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components.  The \"domain\" can "
"match either the SSSD configuration domain name, or, in the case of IPA "
"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
"the domain."
msgstr ""
"Expresión regular para este dominio que describe como analizar "
"gramaticalmente la cadena que contiene el nombre de usuario y el dominio en "
"estos componentes.  El \"dominio\" puede coincidir bien con el nombre de "
"dominio de configuración SSSD o en el caso de subdominios de confianza IPA y "
"dominios Active Directory, el nombre plano (NetBIOS) del dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3560
#, fuzzy
#| msgid ""
#| "Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
#| "\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
#| "P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles "
#| "for user names:"
msgid ""
"Default: <quote>^((?P&lt;name&gt;.+)@(?P&lt;domain&gt;[^@]*)|(?P&lt;name&gt;"
"[^@]+))$</quote> which allows two different styles for user names:"
msgstr ""
"Por defecto para el proveedor AD e IPA: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
"P&lt;name&gt;[^@\\\\]+)$))</quote> que permite tres estilos diferentes de "
"nombres de usuario:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:3565 sssd.conf.5.xml:3579
msgid "username"
msgstr "nombre de usuario"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:3568 sssd.conf.5.xml:3582
msgid "username@domain.name"
msgstr "username@domain.name"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3573
#, fuzzy
#| msgid ""
#| "Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
#| "\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
#| "P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles "
#| "for user names:"
msgid ""
"Default for the AD and IPA provider: <quote>^(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+))|((?P&lt;name&gt;.+)@(?P&lt;domain&gt;[^@]+))|((?P&lt;"
"name&gt;[^@\\\\]+)))$</quote> which allows three different styles for user "
"names:"
msgstr ""
"Por defecto para el proveedor AD e IPA: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
"P&lt;name&gt;[^@\\\\]+)$))</quote> que permite tres estilos diferentes de "
"nombres de usuario:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:3585
msgid "domain\\username"
msgstr "dominio/nombre_de_usuario"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3588
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
"Mientras los primeros dos corresponden al valor por defecto general el "
"tercero se introduce para permitir una fácil integración de usuarios desde "
"dominios Windows."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3593
msgid ""
"The default re_expression uses the <quote>@</quote> character as a separator "
"between the name and the domain. As a result of this setting the default "
"does not accept the <quote>@</quote> character in short names (as it is "
"allowed in Windows group names). If a user wishes to use short names with "
"<quote>@</quote> they must create their own re_expression."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3645
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Predeterminado: <quote>%1$s@%2$s</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3651
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3654
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
"Suministra la capacidad para seleccionar la familia de dirección preferente "
"a usar cuando se lleven a cabo búsquedas DNS."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3658
msgid "Supported values:"
msgstr "Valores soportados:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3661
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3664
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3667
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3670
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3673
msgid "Default: ipv4_first"
msgstr "Predeterminado: ipv4_first"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3679
#, fuzzy
#| msgid "dns_resolver_timeout (integer)"
msgid "dns_resolver_server_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3682
msgid ""
"Defines the amount of time (in milliseconds)  SSSD would try to talk to DNS "
"server before trying next DNS server."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3687
msgid ""
"The AD provider will use this option for the CLDAP ping timeouts as well."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3691 sssd.conf.5.xml:3711 sssd.conf.5.xml:3732
msgid ""
"Please see the section <quote>FAILOVER</quote> for more information about "
"the service resolution."
msgstr ""
"Por favor vea la sección <quote>RECUPERACIÓN DE FALLOS</quote> para más "
"información sobre la resolución del servicio."

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3696 sssd-ldap.5.xml:645 include/failover.xml:84
msgid "Default: 1000"
msgstr "Predeterminado: 1000"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3702
#, fuzzy
#| msgid "dns_resolver_timeout (integer)"
msgid "dns_resolver_op_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3705
msgid ""
"Defines the amount of time (in seconds) to wait to resolve single DNS query "
"(e.g. resolution of a hostname or an SRV record)  before trying the next "
"hostname or DNS discovery."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3722
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3725
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the "
"internal fail over service before assuming that the service is unreachable. "
"If this timeout is reached, the domain will continue to operate in offline "
"mode."
msgstr ""
"Define la cantidad de tiempo (en segundos) a esperar una respuesta de un "
"fallo interno sobre un servicio ntes de asumir que ese servicio es "
"inalcanzable. ISi se alcanza este tiempo de salida, el dominio continuará "
"trabajando en modo offline."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3743
#, fuzzy
#| msgid "dns_resolver_timeout (integer)"
msgid "dns_resolver_use_search_list (bool)"
msgstr "dns_resolver_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3746
msgid ""
"Normally, the DNS resolver searches the domain list defined in the "
"\"search\" directive from the resolv.conf file. This can lead to delays in "
"environments with improperly configured DNS."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3752
msgid ""
"If fully qualified domain names (or _srv_) are used in the SSSD "
"configuration, setting this option to FALSE can prevent unnecessary DNS "
"lookups in such environments."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3758
msgid "Default: TRUE"
msgstr "Predeterminado: TRUE"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3764
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3767
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
"Si el descubridor de servicio se usa en el punto final, especifica la parte "
"de dominio de la pregunta al descubridor de servicio DNS."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3771
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Predeterminado: Utilizar la parte del dominio del nombre de host del equipo"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3777
#, fuzzy
#| msgid "p11_wait_for_card_timeout (integer)"
msgid "failover_primary_timeout (integer)"
msgstr "p11_wait_for_card_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3780
msgid ""
"When no primary server is currently available, SSSD fail overs to a backup "
"server. This option defines the amount of time (in seconds) to wait before "
"SSSD tries to reconnect to a primary server again."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3787
msgid "Note: The minimum value is 31."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3790
#, fuzzy
#| msgid "Default: 3"
msgid "Default: 31"
msgstr "Predeterminado: 3"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3796
msgid "override_gid (integer)"
msgstr "override_gid (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3799
msgid "Override the primary GID value with the one specified."
msgstr "Anula el valor primario GID con el especificado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3805
msgid "case_sensitive (string)"
msgstr "case_sensitive (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3812
msgid "True"
msgstr "True"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3815
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
"Distingue mayúsculas y minúsculas. Este valor es invalido para el proveedor "
"AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3821
msgid "False"
msgstr "False"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3823
msgid "Case insensitive."
msgstr "No sensible a mayúsculas minúsculas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3827
msgid "Preserving"
msgstr "Preserving"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3830
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
"protocol names) are still lowercased in the output."
msgstr ""
"Igual que False (no sensible a mayúsculas minúsculas.), pero sin minúsculas "
"en los nombres en el resultado de las operaciones NSS. Advierta que los "
"nombres de alias (y en el caso de servicios también los nombres de "
"protocolo) están en minúsculas en la salida."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3838
msgid ""
"If you want to set this value for trusted domain with IPA provider, you need "
"to set it on both the client and SSSD on the server."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3808
#, fuzzy
#| msgid ""
#| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>"
msgid ""
"Treat user and group names as case sensitive.  Possible option values are: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Las opciones disponibles son: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3853
msgid "Default: True (False for AD provider)"
msgstr "Predeterminado: True (False para proveedor AD)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3859
msgid "subdomain_inherit (string)"
msgstr "subdomain_inherit (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3862
msgid ""
"Specifies a list of configuration parameters that should be inherited by a "
"subdomain. Please note that only selected parameters can be inherited.  "
"Currently the following options can be inherited:"
msgstr ""
"Especifica una lista de parámetros de configuración que deberían ser "
"heredados por un subdominio. Por favor advierta que solo pueden ser "
"heredados parámetros seleccionados.  Actualmente se pueden heredar las "
"siguientes opciones:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3868
#, fuzzy
#| msgid "ldap_search_timeout (integer)"
msgid "ldap_search_timeout"
msgstr "ldap_search_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3871
#, fuzzy
#| msgid "ldap_network_timeout (integer)"
msgid "ldap_network_timeout"
msgstr "ldap_network_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3874
#, fuzzy
#| msgid "ldap_opt_timeout (integer)"
msgid "ldap_opt_timeout"
msgstr "ldap_opt_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3877
#, fuzzy
#| msgid "ldap_connection_expire_timeout (integer)"
msgid "ldap_offline_timeout"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3880
#, fuzzy
#| msgid "ldap_enumeration_refresh_timeout (integer)"
msgid "ldap_enumeration_refresh_timeout"
msgstr "ldap_enumeration_refresh_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3883
#, fuzzy
#| msgid "ldap_enumeration_refresh_timeout (integer)"
msgid "ldap_enumeration_refresh_offset"
msgstr "ldap_enumeration_refresh_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3886
msgid "ldap_purge_cache_timeout"
msgstr "ldap_purge_cache_timeout"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3889
#, fuzzy
#| msgid "ldap_purge_cache_timeout"
msgid "ldap_purge_cache_offset"
msgstr "ldap_purge_cache_timeout"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3892
msgid ""
"ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab "
"is not set explicitly)"
msgstr ""
"ldap_krb5_keytab (se deberá usar el valor de krb5_keytab si no se ha fijado "
"explícitamente ldap_krb5_keytab)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3896
#, fuzzy
#| msgid "ldap_krb5_ticket_lifetime (integer)"
msgid "ldap_krb5_ticket_lifetime"
msgstr "ldap_krb5_ticket_lifetime (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3899
#, fuzzy
#| msgid "ldap_enumeration_search_timeout (integer)"
msgid "ldap_enumeration_search_timeout"
msgstr "ldap_enumeration_search_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3902
#, fuzzy
#| msgid "ldap_connection_expire_timeout (integer)"
msgid "ldap_connection_expire_timeout"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3905
#, fuzzy
#| msgid "ldap_connection_expire_timeout (integer)"
msgid "ldap_connection_expire_offset"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3908
#, fuzzy
#| msgid "ldap_connection_expire_timeout (integer)"
msgid "ldap_connection_idle_timeout"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3911 sssd-ldap.5.xml:401
msgid "ldap_use_tokengroups"
msgstr "ldap_use_tokengroups"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3914
msgid "ldap_user_principal"
msgstr "ldap_user_principal"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3917
msgid "ignore_group_members"
msgstr "ignore_group_members"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3920
#, fuzzy
#| msgid "auto_private_groups (string)"
msgid "auto_private_groups"
msgstr "auto_private_groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3923
#, fuzzy
#| msgid "Case insensitive."
msgid "case_sensitive"
msgstr "No sensible a mayúsculas minúsculas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:3928
#, no-wrap
msgid ""
"subdomain_inherit = ldap_purge_cache_timeout\n"
"                            "
msgstr ""
"subdomain_inherit = ldap_purge_cache_timeout\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3935
msgid "Note: This option only works with the IPA and AD provider."
msgstr "Aviso: Esta opción solo trabaja con el proveedor IPA y AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3942
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3953
msgid "%F"
msgstr "%F"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3954
msgid "flat (NetBIOS) name of a subdomain."
msgstr "flat (NetBIOS) nombre de un subdominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3945
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust.  See <emphasis>override_homedir</emphasis> for info about "
"possible values. In addition to those, the expansion below can only be used "
"with <emphasis>subdomain_homedir</emphasis>.  <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Use este directorio home como valor predeterminado para todos los "
"subdominios dentro de este dominio en IPA AD de confianza.  Vea "
"<emphasis>override_homedir</emphasis> para información sobre los posibles "
"valores. Además de esto, la expansión de abajo sólo puede ser usada con "
"<emphasis>subdomain_homedir</emphasis>.  <placeholder type=\"variablelist\" "
"id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3959
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
"Este valor puede ser anulado por la opción <emphasis>override_homedir</"
"emphasis>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3963
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Por defecto: <filename>/home/%d/%u</filename>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3968
msgid "realmd_tags (string)"
msgstr "realmd_tags (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3971
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
"Diversas banderas almacenadas por el servicio de configuración realmd para "
"este dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:3977
msgid "cached_auth_timeout (int)"
msgstr "cached_auth_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3980
msgid ""
"Specifies time in seconds since last successful online authentication for "
"which user will be authenticated using cached credentials while SSSD is in "
"the online mode. If the credentials are incorrect, SSSD falls back to online "
"authentication."
msgstr ""
"Especifica el tiempo en segundos desde la última autenticación en línea con "
"éxito por las cuales el usuario serán autenticado usando las credenciales en "
"cache mientras SSSD está en modo en línea. Si las credenciales son "
"incorrectas, SSSD cae de nuevo a la autenticación en linea."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3988
msgid ""
"This option's value is inherited by all trusted domains. At the moment it is "
"not possible to set a different value per trusted domain."
msgstr ""
"Este valor de opción es heredado por todos los dominios de confianza. En "
"este momento no es posible establecer un valor diferente por dominio de "
"confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3993
msgid "Special value 0 implies that this feature is disabled."
msgstr "El valor especial 0 implica que esta función está deshabilitada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:3997
msgid ""
"Please note that if <quote>cached_auth_timeout</quote> is longer than "
"<quote>pam_id_timeout</quote> then the back end could be called to handle "
"<quote>initgroups.</quote>"
msgstr ""
"Por favor advierta que si <quote>cached_auth_timeout</quote> es mayor que "
"<quote>pam_id_timeout</quote> el otro extremo podría ser llamado para "
"gestionar <quote>initgroups.</quote>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4008
#, fuzzy
#| msgid "ldap_pwd_policy (string)"
msgid "local_auth_policy (string)"
msgstr "ldap_pwd_policy (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4011
msgid ""
"Local authentication methods policy. Some backends (i.e. LDAP, proxy "
"provider) only support a password based authentication, while others can "
"handle PKINIT based Smartcard authentication (AD, IPA), two-factor "
"authentication (IPA), or other methods against a central instance. By "
"default in such cases authentication is only performed with the methods "
"supported by the backend. With this option additional methods can be enabled "
"which are evaluated and checked locally."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4023
msgid ""
"There are three possible values for this option: match, only, enable. "
"<quote>match</quote> is used to match offline and online states for Kerberos "
"methods. <quote>only</quote> ignores the online methods and only offer the "
"local ones. enable allows explicitly defining the methods for local "
"authentication. As an example, <quote>enable:passkey</quote>, only enables "
"passkey for local authentication. Multiple enable values should be comma-"
"separated, such as <quote>enable:passkey, enable:smartcard</quote>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4036
msgid ""
"The following table shows which authentication methods, if configured "
"properly, are currently enabled or disabled for each backend, with the "
"default local_auth_policy: <quote>match</quote>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd.conf.5.xml:4049
#, fuzzy
#| msgid "ldap_pwd_policy (string)"
msgid "local_auth_policy = match (default)"
msgstr "ldap_pwd_policy (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd.conf.5.xml:4050
msgid "Passkey"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd.conf.5.xml:4051
#, fuzzy
#| msgid "gdm-smartcard"
msgid "Smartcard"
msgstr "gdm-smartcard"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4054 sssd-ldap.5.xml:189
msgid "IPA"
msgstr "IPA"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4057 sssd-ldap.5.xml:194
msgid "AD"
msgstr "AD"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd.conf.5.xml:4057 sssd.conf.5.xml:4060 sssd.conf.5.xml:4061
msgid "disabled"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry>
#: sssd.conf.5.xml:4060
msgid "LDAP"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4065
msgid ""
"Please note that if local Smartcard authentication is enabled and a "
"Smartcard is present, Smartcard authentication will be preferred over the "
"authentication methods supported by the backend.  I.e. there will be a PIN "
"prompt instead of e.g. a password prompt."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:4077
#, no-wrap
msgid ""
"[domain/shadowutils]\n"
"id_provider = proxy\n"
"proxy_lib_name = files\n"
"auth_provider = none\n"
"local_auth_policy = only\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4073
msgid ""
"The following configuration example allows local users to authenticate "
"locally using any enabled method (i.e. smartcard, passkey).  <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4085
msgid ""
"It is expected that the <quote>files</quote> provider ignores the "
"local_auth_policy option and supports Smartcard authentication by default."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4090
#, fuzzy
#| msgid "Default: mail"
msgid "Default: match"
msgstr "Predeterminado: mail"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4095
msgid "auto_private_groups (string)"
msgstr "auto_private_groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4101
msgid "true"
msgstr "true"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4104
msgid ""
"Create user's private group unconditionally from user's UID number.  The GID "
"number is ignored in this case."
msgstr ""
"crear el grupo privado de usuario incondicionalmente desde el número UID del "
"usuario.  El número GID se ignora en este caso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4108
msgid ""
"NOTE: Because the GID number and the user private group are inferred from "
"the UID number, it is not supported to have multiple entries with the same "
"UID or GID number with this option. In other words, enabling this option "
"enforces uniqueness across the ID space."
msgstr ""
"AVISO: Puesto que el número GID y el grupo privado de usuario se infieren de "
"número UID, no está soportado tener múltiples entrada con los mismos UID o "
"GID con esta opción. En otras palabras, habilitando esta opción se fuerza la "
"unicidad den el espacio de ID."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4117
msgid "false"
msgstr "false"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4120
msgid ""
"Always use the user's primary GID number. The GID number must refer to a "
"group object in the LDAP database."
msgstr ""
"Use siempre el número GID primario del usuario. El número GID debe referirse "
"a un  objeto grupo en las base de datos LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4126
msgid "hybrid"
msgstr "hybrid"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4129
msgid ""
"A primary group is autogenerated for user entries whose UID and GID numbers "
"have the same value and at the same time the GID number does not correspond "
"to a real group object in LDAP.  If the values are the same, but the primary "
"GID in the user entry is also used by a group object, the primary GID of the "
"user resolves to that group object."
msgstr ""
"Se autogenera un grupo primario para las entradas de usuario cuyos números "
"UID y GID tienen el mismo valor y al mismo tiempo el número GID no "
"corresponde un objeto grupo real en LDAP.  Si los valores son los mismos "
"pero el GID primario en la entrada de usuario es también usado por un objeto "
"grupo, el GID primario del usuario se resuelve al de ese objeto grupo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4142
msgid ""
"If the UID and GID of a user are different, then the GID must correspond to "
"a group entry, otherwise the GID is simply not resolvable."
msgstr ""
"Si el UID y el GID de un usuario son diferentes, el GID debe corresponder a "
"una entrada de grupo, de otro modo el GID simplemente no se puede resolver."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4149
msgid ""
"This feature is useful for environments that wish to stop maintaining a "
"separate group objects for the user private groups, but also wish to retain "
"the existing user private groups."
msgstr ""
"Esta característica es útil para entornos que desean parar manteniendo un "
"grupo separado de objetos grupos para el usuario de grupos privados, pero "
"también desea retener los grupos privados existentes del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4098
msgid ""
"This option takes any of three available values: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Esta opción toma cualquiera de los tres valores disponibles: <placeholder "
"type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4161
msgid ""
"For subdomains, the default value is False for subdomains that use assigned "
"POSIX IDs and True for subdomains that use automatic ID-mapping."
msgstr ""
"Para subdominios el valor por defecto es False par subdominios que usan "
"POSIX IDs asignados y True para subdominios que usan mapeo de ID automático."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:4169
#, no-wrap
msgid ""
"[domain/forest.domain/sub.domain]\n"
"auto_private_groups = false\n"
msgstr ""
"[domain/forest.domain/sub.domain]\n"
"auto_private_groups = false\n"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd.conf.5.xml:4175
#, no-wrap
msgid ""
"[domain/forest.domain]\n"
"subdomain_inherit = auto_private_groups\n"
"auto_private_groups = false\n"
msgstr ""
"[domain/forest.domain]\n"
"subdomain_inherit = auto_private_groups\n"
"auto_private_groups = false\n"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4166
msgid ""
"The value of auto_private_groups can either be set per subdomains in a "
"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or "
"globally for all subdomains in the main domain section using the "
"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>"
msgstr ""
"El valor de auto_private_groups puede bien ser establecido por subdominios "
"en una subsección, por ejemplo: <placeholder type=\"programlisting\" "
"id=\"0\"/> o globalmente para todos los subdominios en la sección principal "
"dominio usando la opción subdomain_inherit: <placeholder "
"type=\"programlisting\" id=\"1\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:2570
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Estas opciones de configuración pueden estar presentes en la sección "
"configuración de dominio, esto es, en una sección llamada <quote>[domain/"
"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" "
"id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4190
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4193
msgid "The proxy target PAM proxies to."
msgstr "El proxy de destino PAM próximo a."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4196
#, fuzzy
#| msgid ""
#| "Default: not set by default, you have to take an existing pam "
#| "configuration or create a new one and add the service name here."
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here. As an alternative you can "
"enable local authentication with the local_auth_policy option."
msgstr ""
"Por defecto: no se fija por defecto, usted tiene que coger una configuración "
"pam existente o crear una nueva y añadir el nombre de servicio aquí."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4206
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4209
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
"for example _nss_files_getpwent."
msgstr ""
"El nombre de la librería NSS para usar en los dominios proxy. Las funciones "
"NSS buscadas dentro de la librería están el formato de "
"_nss_$(libName)_$(function), por ejemplo _nss_files_getpwent."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4219
msgid "proxy_resolver_lib_name (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4222
msgid ""
"The name of the NSS library to use for hosts and networks lookups in proxy "
"domains. The NSS functions searched for in the library are in the form of "
"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4233
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4236
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
"name was an alias. Setting this option to true would cause the SSSD to "
"perform the ID lookup from cache for performance reasons."
msgstr ""
"Cuando un usuario o grupo es buscado por nombre en el proveedor proxy, una "
"segunda búsqueda por ID es llevada a cabo para “estandarizar” el nombre en "
"el caso de que el nombre pedido fuera un alias. Fijando esta opción a true "
"se causaría que SSSD lleve a cabo una búsqueda de ID desde el escondrijo por "
"razones de rendimiento."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4250
msgid "proxy_max_children (integer)"
msgstr "proxy_max_children (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4253
msgid ""
"This option specifies the number of pre-forked proxy children. It is useful "
"for high-load SSSD environments where sssd may run out of available child "
"slots, which would cause some issues due to the requests being queued."
msgstr ""
"Esta opción especifica el número de hijos proxy pre-bifurcados. Es útil para "
"entornor SSSD de alta carga donde sssd puede quedarse sin espacios para "
"hijos disponibles, lo que podría causar errores debido a las peticiones que "
"son encoladas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4186
msgid ""
"Options valid for proxy domains.  <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
"Opciones válidas para dominios proxy.  <placeholder type=\"variablelist\" "
"id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:4269
msgid "Application domains"
msgstr "Dominios de aplicaciones"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:4271
msgid ""
"SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to "
"applications as a gateway to an LDAP directory where users and groups are "
"stored. However, contrary to the traditional SSSD deployment where all users "
"and groups either have POSIX attributes or those attributes can be inferred "
"from the Windows SIDs, in many cases the users and groups in the application "
"support scenario have no POSIX attributes.  Instead of setting a "
"<quote>[domain/<replaceable>NAME</replaceable>]</quote> section, the "
"administrator can set up an <quote>[application/<replaceable>NAME</"
"replaceable>]</quote> section that internally represents a domain with type "
"<quote>application</quote> optionally inherits settings from a tradition "
"SSSD domain."
msgstr ""
"SSSD, con su interfaz D-Bus (see <citerefentry> <refentrytitle>sssd-ifp</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) es atractivo para "
"las aplicaciones como puerta de entrada a un directorio LDAP donde se "
"almacenan usuarios y grupos. Sin embargo, de modo distinto al tradicional "
"despliegue SSSD donde todos los usuarios y grupos bien tienen atributos "
"POSIX o esos atributos se pueden inferir desde los Windows SIDs, en muchos "
"casos los usuarios y grupos en el escenario de soporte de la aplicación no "
"tienen atributos POSIX.  En lugar de establecer una sección <quote>[domain/"
"<replaceable>NAME</replaceable>]</quote>, el administrador puede configurar "
"una sección <quote>[application/<replaceable>NAME</replaceable>]</quote> que "
"internamente represente un dominio con un tipo <quote>application</quote> "
"que opcionalmente herede ajustes de un dominio SSSD tradicional."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:4291
msgid ""
"Please note that the application domain must still be explicitly enabled in "
"the <quote>domains</quote> parameter so that the lookup order between the "
"application domain and its POSIX sibling domain is set correctly."
msgstr ""
"Por favor advierta que el dominio de aplicación debe aún ser habilitado "
"explícitamente en el parámetros <quote>domains</quote> de modo que la orden "
"de búsqueda entre el dominio de aplicación y su dominio POSIX hermano está "
"establecido correctamente."

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
#: sssd.conf.5.xml:4297
msgid "Application domain parameters"
msgstr "Parámetros de dominio de aplicación"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4299
msgid "inherit_from (string)"
msgstr "inherit_from (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4302
msgid ""
"The SSSD POSIX-type domain the application domain inherits all settings "
"from. The application domain can moreover add its own settings to the "
"application settings that augment or override the <quote>sibling</quote> "
"domain settings."
msgstr ""
"En el dominio tipo SSSD POSIX el dominio de aplicación hereda todos los "
"ajustes. El dominio de aplicación puede además añadir sus propios ajustes a "
"los ajustes de aplicación que aumentan o anulan los ajustes del dominio "
"<quote>hermano</quote>."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:4316
msgid ""
"The following example illustrates the use of an application domain. In this "
"setup, the POSIX domain is connected to an LDAP server and is used by the OS "
"through the NSS responder. In addition, the application domain also requests "
"the telephoneNumber attribute, stores it as the phone attribute in the cache "
"and makes the phone attribute reachable through the D-Bus interface."
msgstr ""
"El siguiente ejemplo ilustra el uso de un dominio de aplicación. En este "
"ajuste, el dominio POSIX está conectado a un servidor LDAP y se usa por el "
"SO a través de un contestador NSS. Además, el dominio de aplicación también "
"pide el atributo telephoneNumber, lo almacena como el atributo phone en la "
"cache y hace al atributo phone alcanzable a través del interfaz D-Bus."

#. type: Content of: <reference><refentry><refsect1><refsect2><programlisting>
#: sssd.conf.5.xml:4324
#, no-wrap
msgid ""
"[sssd]\n"
"domains = appdom, posixdom\n"
"\n"
"[ifp]\n"
"user_attributes = +phone\n"
"\n"
"[domain/posixdom]\n"
"id_provider = ldap\n"
"ldap_uri = ldap://ldap.example.com\n"
"ldap_search_base = dc=example,dc=com\n"
"\n"
"[application/appdom]\n"
"inherit_from = posixdom\n"
"ldap_user_extra_attrs = phone:telephoneNumber\n"
msgstr ""
"[sssd]\n"
"domains = appdom, posixdom\n"
"\n"
"[ifp]\n"
"user_attributes = +phone\n"
"\n"
"[domain/posixdom]\n"
"id_provider = ldap\n"
"ldap_uri = ldap://ldap.example.com\n"
"ldap_search_base = dc=example,dc=com\n"
"\n"
"[application/appdom]\n"
"inherit_from = posixdom\n"
"ldap_user_extra_attrs = phone:telephoneNumber\n"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:4344
msgid "TRUSTED DOMAIN SECTION"
msgstr "SECCIÓN DE DOMINIO DE CONFIANZA"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4346
msgid ""
"Some options used in the domain section can also be used in the trusted "
"domain section, that is, in a section called <quote>[domain/"
"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>TRUSTED_DOMAIN_NAME</"
"replaceable>]</quote>.  Where DOMAIN_NAME is the actual joined-to base "
"domain. Please refer to examples below for explanation.  Currently supported "
"options in the trusted domain section are:"
msgstr ""
"Algunas opciones usadas en la sección dominio puede ser usadas también en la "
"sección dominio de confianza, esto es, en una sección llamada<quote>[domain/"
"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>TRUSTED_DOMAIN_NAME</"
"replaceable>]</quote>.  Donde DOMAIN_NAME es el dominio base real. Por favor "
"vea los ejemplos de abajo para una explicación.  Actualmente las opciones "
"soportadas en la sección de dominio de confianza son:"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4353
msgid "ldap_search_base,"
msgstr "ldap_search_base,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4354
msgid "ldap_user_search_base,"
msgstr "ldap_user_search_base,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4355
msgid "ldap_group_search_base,"
msgstr "ldap_group_search_base,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4356
msgid "ldap_netgroup_search_base,"
msgstr "ldap_netgroup_search_base,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4357
msgid "ldap_service_search_base,"
msgstr "ldap_service_search_base,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4358
msgid "ldap_sasl_mech,"
msgstr "ldap_sasl_mech,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4359
msgid "ad_server,"
msgstr "ad_server,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4360
msgid "ad_backup_server,"
msgstr "ad_backup_server,"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4361
msgid "ad_site,"
msgstr "ad_site,"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4362 sssd-ipa.5.xml:884
msgid "use_fully_qualified_names"
msgstr "use_fully_qualified_names"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4366
msgid ""
"For more details about these options see their individual description in the "
"manual page."
msgstr ""
"Para más detalles sobre estas opciones vea su descripción individual en la "
"página de manual."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:4372
msgid "CERTIFICATE MAPPING SECTION"
msgstr "SECCIÓN DE MAPEO DEL CERTIFICADO"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4374
msgid ""
"To allow authentication with Smartcards and certificates SSSD must be able "
"to map certificates to users. This can be done by adding the full "
"certificate to the LDAP object of the user or to a local override. While "
"using the full certificate is required to use the Smartcard authentication "
"feature of SSH (see <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> for details) it "
"might be cumbersome or not even possible to do this for the general case "
"where local services use PAM for authentication."
msgstr ""
"Para permitir la autenticación con Smartcards y certificados SSSD debe ser "
"capaz de mapear los certificados con los usuarios. Esto puede ser hecho "
"añadiendo el certificado completo al objeto LDAP del usuario o a una "
"anulación local. Mientras requierir el uso del certificado completo para "
"usar la característica autenticación Smartcard de SSH (ver <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry> para más detalles) puede ser engorroso o no "
"siempre posible de hacer esto en el caso general donde los servicios locales "
"usan autenticación PAM."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4388
msgid ""
"To make the mapping more flexible mapping and matching rules were added to "
"SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> for details)."
msgstr ""
"Para hacer que la asignación sea más flexible, se agregaron reglas de "
"asignación y coincidencia a SSSD (ver más detalles en <citerefentry> "
"<refentrytitle>sss-certmap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>)."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4397
msgid ""
"A mapping and matching rule can be added to the SSSD configuration in a "
"section on its own with a name like <quote>[certmap/"
"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</"
"replaceable>]</quote>.  In this section the following options are allowed:"
msgstr ""
"Un regla de mapeo y coincidencia puede ser añadida a la configuración SSSD "
"en una sección en si misma con un nombre como <quote>[certmap/"
"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</"
"replaceable>]</quote>.  En esta sección están permitidas las siguientes "
"opciones:"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4404
msgid "matchrule (string)"
msgstr "matchrule (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4407
msgid ""
"Only certificates from the Smartcard which matches this rule will be "
"processed, all others are ignored."
msgstr ""
"Solo los certificados de la Smartcard que coincidan con esta regla serán "
"procesados, los demás son ignorados."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4411
msgid ""
"Default: KRB5:&lt;EKU&gt;clientAuth, i.e. only certificates which have the "
"Extended Key Usage <quote>clientAuth</quote>"
msgstr ""
"Predeterminado: KRB5:&lt;EKU&gt;clientAuth, i.e. solo los certificados que "
"tengan Extended Key Usage <quote>clientAuth</quote>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4418
msgid "maprule (string)"
msgstr "maprule (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4421
msgid "Defines how the user is found for a given certificate."
msgstr "Define como se encuentra un usuario desde un certificado dado."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4427
msgid ""
"LDAP:(userCertificate;binary={cert!bin})  for LDAP based providers like "
"<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>."
msgstr ""
"LDAP:(userCertificate;binary={cert!bin})  para proveedores basados en LDAP "
"como <quote>ldap</quote>, <quote>AD</quote> o <quote>ipa</quote>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4433
msgid ""
"The RULE_NAME for the <quote>files</quote> provider which tries to find a "
"user with the same name."
msgstr ""
"El RULE_NAME para el proveedor de <quote>ficheros</quote> que intenta "
"encontrar un usuario con el mismo nombre."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4442
msgid "domains (string)"
msgstr "domains (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4445
msgid ""
"Comma separated list of domain names the rule should be applied. By default "
"a rule is only valid in the domain configured in sssd.conf. If the provider "
"supports subdomains this option can be used to add the rule to subdomains as "
"well."
msgstr ""
"Lista separada por comas de nombrs de dominios a los que la regla debería "
"ser aplicada. Por defecto una regla solo es válida en el dominio configurado "
"en sssd.conf. Si el proveedor soporta subdominios esta opción puede ser "
"usada para añadir la regla a los subdominios también."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4452
msgid "Default: the configured domain in sssd.conf"
msgstr "Predetermiado: el dominio configurado en sssd.conf"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4457
msgid "priority (integer)"
msgstr "priority (entero)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4460
msgid ""
"Unsigned integer value defining the priority of the rule. The higher the "
"number the lower the priority.  <quote>0</quote> stands for the highest "
"priority while <quote>4294967295</quote> is the lowest."
msgstr ""
"Valor entero sin signo que define la prioridad de la regla. El número más "
"alto la prioridad más baja.  <quote>0</quote> se mantiene para la prioridad "
"más alte mientras que <quote>4294967295</quote> es la más baja."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4466
msgid "Default: the lowest priority"
msgstr "Predeterminado: la prioridad más baja"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4472
msgid ""
"To make the configuration simple and reduce the amount of configuration "
"options the <quote>files</quote> provider has some special properties:"
msgstr ""
"Para hacer la configuración sencilla y reducir la cantidad de opciones de "
"configuración el proveedor de <quote>ficheros</quote> tiene algunas "
"propiedades especiales:"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4478
msgid ""
"if maprule is not set the RULE_NAME name is assumed to be the name of the "
"matching user"
msgstr ""
"si maprule no está establecido el nombre RULE_NAME se asume como en del "
"usuario coincidente"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4484
msgid ""
"if a maprule is used both a single user name or a template like "
"<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. "
"<quote>(username)</quote> or <quote>({subject_rfc822_name.short_name})</"
"quote>"
msgstr ""
"si se usa una maprule tanto un único nombre de usuario como una plantilla "
"como <quote>{subject_rfc822_name.short_name}</quote> debe ir entre llaves "
"como e.g. <quote>(username)</quote> or <quote>({subject_rfc822_name."
"short_name})</quote>"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4493
msgid "the <quote>domains</quote> option is ignored"
msgstr "la opción <quote>domains</quote> es ignorada"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:4501
msgid "PROMPTING CONFIGURATION SECTION"
msgstr "SECCIÓN DE CONFIGURACIÓN INICIAL"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4503
msgid ""
"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</"
"filename>)  exists SSSD's PAM module pam_sss will ask SSSD to figure out "
"which authentication methods are available for the user trying to log in.  "
"Based on the results pam_sss will prompt the user for appropriate "
"credentials."
msgstr ""
"Si existe un fichero especial(<filename>/var/lib/sss/pubconf/"
"pam_preauth_available</filename>)  el módulo PAM de SSSD pam_sss le pedirá a "
"SSSD que descubra que métodos de autenticación están disponibles para el "
"usuario que intenta iniciar sesión. En base a los resultados pam_sss pedirá "
"al usuario las credenciales apropiadas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4511
msgid ""
"With the growing number of authentication methods and the possibility that "
"there are multiple ones for a single user the heuristic used by pam_sss to "
"select the prompting might not be suitable for all use cases. The following "
"options should provide a better flexibility here."
msgstr ""
"Con el creciente número de métodos de autenticación y la la posibilidad de "
"que haya múltiples para un único usuario la heurística usada por pam_sss "
"para seleccionar la solicitud podría no ser adecuada para todos los casos. "
"Las siguientes opciones deberían suministrar una mejor flexibilidad aquí."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4523
msgid "[prompting/password]"
msgstr "[prompting/password]"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4526
msgid "password_prompt"
msgstr "password_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4527
msgid "to change the string of the password prompt"
msgstr "cambiar la cadena de solicitud de contraseña"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4525
msgid ""
"to configure password prompting, allowed options are: <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"para configurar la solicitud de contraseña, las opciones permitidas son: "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4535
msgid "[prompting/2fa]"
msgstr "[prompting/2fa]"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4539
msgid "first_prompt"
msgstr "first_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4540
msgid "to change the string of the prompt for the first factor"
msgstr "para cambiar la cadena de la solicitud del primer factor"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4543
msgid "second_prompt"
msgstr "second_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4544
msgid "to change the string of the prompt for the second factor"
msgstr "para cambiar la cadena de la solicitud para el segundo factor"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4547
msgid "single_prompt"
msgstr "single_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4548
#, fuzzy
#| msgid ""
#| "boolean value, if True there will be only a single prompt using the value "
#| "of first_prompt where it is expected that both factors are entered as a "
#| "single string"
msgid ""
"boolean value, if True there will be only a single prompt using the value of "
"first_prompt where it is expected that both factors are entered as a single "
"string. Please note that both factors have to be entered here, even if the "
"second factor is optional."
msgstr ""
"valor booleano, si True habrá una única pregunta usando el valor de "
"first_prompt donde se espera que ambos factores se introduzcan como una "
"única cadena"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4537
msgid ""
"to configure two-factor authentication prompting, allowed options are: "
"<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is "
"optional and it should be possible to log in either only with the password "
"or with both factors two-step prompting has to be used."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4565
#, fuzzy
#| msgid "[prompting/password]"
msgid "[prompting/passkey]"
msgstr "[prompting/password]"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd.conf.5.xml:4571 sssd-ad.5.xml:1021
msgid "interactive"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4573
msgid ""
"boolean value, if True prompt a message and wait before testing the presence "
"of a passkey device.  Recommended if your device doesn’t have a tactile "
"trigger."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4581
#, fuzzy
#| msgid "first_prompt"
msgid "interactive_prompt"
msgstr "first_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4583
#, fuzzy
#| msgid "to change the string of the password prompt"
msgid "to change the message of the interactive prompt."
msgstr "cambiar la cadena de solicitud de contraseña"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4588
msgid "touch"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4590
msgid ""
"boolean value, if True prompt a message to remind the user to touch the "
"device."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:4596
#, fuzzy
#| msgid "first_prompt"
msgid "touch_prompt"
msgstr "first_prompt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4598
#, fuzzy
#| msgid "to change the string of the password prompt"
msgid "to change the message of the touch prompt."
msgstr "cambiar la cadena de solicitud de contraseña"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:4567
#, fuzzy
#| msgid ""
#| "to configure two-factor authentication prompting, allowed options are: "
#| "<placeholder type=\"variablelist\" id=\"0\"/>"
msgid ""
"to configure passkey authentication prompting, allowed options are: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"para configurar la consulta de autenticación de dos factores, las opciones "
"permitidas son: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4518
#, fuzzy
#| msgid ""
#| "Each supported authentication method has its own configuration subsection "
#| "under <quote>[prompting/...]</quote>. Currently there are: <placeholder "
#| "type=\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" "
#| "id=\"1\"/>"
msgid ""
"Each supported authentication method has its own configuration subsection "
"under <quote>[prompting/...]</quote>. Currently there are: <placeholder "
"type=\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/"
"> <placeholder type=\"variablelist\" id=\"2\"/>"
msgstr ""
"Cada método de autenticación soportado tiene su propia subsección de "
"configuración bajo <quote>[prompting/...]</quote>. Actualmente hay: "
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder "
"type=\"variablelist\" id=\"1\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4609
msgid ""
"It is possible to add a subsection for specific PAM services, e.g. "
"<quote>[prompting/password/sshd]</quote> to individual change the prompting "
"for this service."
msgstr ""
"Es posible añadir una subsección para servicios PAM específicos, e.g. "
"<quote>[prompting/password/sshd]</quote> para el cambio individual de la "
"pregunta para este servicio."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:4616 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43
msgid "EXAMPLES"
msgstr "EJEMPLOS"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd.conf.5.xml:4622
#, no-wrap
msgid ""
"[sssd]\n"
"domains = LDAP\n"
"services = nss, pam\n"
"config_file_version = 2\n"
"\n"
"[nss]\n"
"filter_groups = root\n"
"filter_users = root\n"
"\n"
"[pam]\n"
"\n"
"[domain/LDAP]\n"
"id_provider = ldap\n"
"ldap_uri = ldap://ldap.example.com\n"
"ldap_search_base = dc=example,dc=com\n"
"\n"
"auth_provider = krb5\n"
"krb5_server = kerberos.example.com\n"
"krb5_realm = EXAMPLE.COM\n"
"cache_credentials = true\n"
"\n"
"min_id = 10000\n"
"max_id = 20000\n"
"enumerate = False\n"
msgstr ""
"[sssd]\n"
"domains = LDAP\n"
"services = nss, pam\n"
"config_file_version = 2\n"
"\n"
"[nss]\n"
"filter_groups = root\n"
"filter_users = root\n"
"\n"
"[pam]\n"
"\n"
"[domain/LDAP]\n"
"id_provider = ldap\n"
"ldap_uri = ldap://ldap.example.com\n"
"ldap_search_base = dc=example,dc=com\n"
"\n"
"auth_provider = krb5\n"
"krb5_server = kerberos.example.com\n"
"krb5_realm = EXAMPLE.COM\n"
"cache_credentials = true\n"
"\n"
"min_id = 10000\n"
"max_id = 20000\n"
"enumerate = False\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4618
msgid ""
"1. The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
"configuring domains for more details.  <placeholder type=\"programlisting\" "
"id=\"0\"/>"
msgstr ""
"1. El siguiente ejemplo muestra una configuración SSSD típica.No describe la "
"configuración de los dominios en si mismos - vea la documentación sobre "
"configuración de dominios para mas detalles.  <placeholder "
"type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd.conf.5.xml:4655
#, no-wrap
msgid ""
"[domain/ipa.com/child.ad.com]\n"
"use_fully_qualified_names = false\n"
msgstr ""
"[domain/ipa.com/child.ad.com]\n"
"use_fully_qualified_names = false\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4649
msgid ""
"2. The following example shows configuration of IPA AD trust where the AD "
"forest consists of two domains in a parent-child structure.  Suppose IPA "
"domain (ipa.com) has trust with AD domain(ad.com).  ad.com has child domain "
"(child.ad.com). To enable shortnames in the child domain the following "
"configuration should be used.  <placeholder type=\"programlisting\" id=\"0\"/"
">"
msgstr ""
"2. El siguiente ejemplo muestra la configuración de confianza IPA AD el "
"bosque AD consta de dos dominios en una estructura padre-hijo.  Supone que "
"el dominio IPA (ipa.com) tiene confianza con el dominio AD (ad.com).  ad.com "
"tiene dominio hijo (child.ad.com). Para habilitar nombres cortos en el "
"dominio hijo se debería usar la siguiente configuración.  <placeholder "
"type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd.conf.5.xml:4666
#, fuzzy, no-wrap
#| msgid ""
#| "[certmap/my.domain/rule_name]\n"
#| "matchrule = &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$\n"
#| "maprule = (userCertificate;binary={cert!bin})\n"
#| "domains = my.domain, your.domain\n"
#| "priority = 10\n"
#| "\n"
#| "[certmap/files/myname]\n"
#| "matchrule = &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$&lt;SUBJECT&gt;^CN=User.Name,DC=MY,DC=DOMAIN$\n"
msgid ""
"[certmap/my.domain/rule_name]\n"
"matchrule = &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$\n"
"maprule = (userCertificate;binary={cert!bin})\n"
"domains = my.domain, your.domain\n"
"priority = 10\n"
msgstr ""
"[certmap/my.domain/rule_name]\n"
"matchrule = &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$\n"
"maprule = (userCertificate;binary={cert!bin})\n"
"domains = my.domain, your.domain\n"
"priority = 10\n"
"\n"
"[certmap/files/myname]\n"
"matchrule = &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$&lt;SUBJECT&gt;^CN=User.Name,DC=MY,DC=DOMAIN$\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:4660
#, fuzzy
#| msgid ""
#| "3. The following example shows the configuration for two certificate "
#| "mapping rules. The first is valid for the configured domain <quote>my."
#| "domain</quote> and additionally for the subdomains <quote>your.domain</"
#| "quote> and uses the full certificate in the search filter. The second "
#| "example is valid for the domain <quote>files</quote> where it is assumed "
#| "the files provider is used for this domain and contains a matching rule "
#| "for the local user <quote>myname</quote>.  <placeholder "
#| "type=\"programlisting\" id=\"0\"/>"
msgid ""
"3. The following example shows the configuration of a certificate mapping "
"rule. It is valid for the configured domain <quote>my.domain</quote> and "
"additionally for the subdomains <quote>your.domain</quote> and uses the full "
"certificate in the search filter.  <placeholder type=\"programlisting\" "
"id=\"0\"/>"
msgstr ""
"3. El siguiente ejemplo muestra la configuración para dos reglas de mapeo de "
"certificado. La primera es válida para el dominio configurado <quote>my."
"domain</quote> y adicionalmente para los subdominios <quote>your.domain</"
"quote> y usa el certificado completo en el filtro de búsqueda. El segundo "
"ejemplo es válido para el dominio <quote>files</quote> donde se asume que el "
"proveedor de ficheros se usa por este dominio y contiene la regla de "
"coincidencia para el usuario local <quote>myname</quote>.  <placeholder "
"type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
msgid "sssd-ldap"
msgstr "sssd-ldap"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-ldap.5.xml:17
msgid "SSSD LDAP provider"
msgstr "Proveedor SSSD LDAP"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:21 pam_sss.8.xml:63 pam_sss_gss.8.xml:30
#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sss-certmap.5.xml:21
#: sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29
#: sss_obfuscate.8.xml:30 sss_override.8.xml:30 sssd-krb5.5.xml:21
#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31
#: sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30
#: sss_ssh_knownhostsproxy.1.xml:31 idmap_sss.8.xml:20 sssctl.8.xml:30
#: sssd-files.5.xml:21 sssd-session-recording.5.xml:21 sssd-kcm.8.xml:21
#: sssd-systemtap.5.xml:21 sssd-ldap-attributes.5.xml:21
#: sssd_krb5_localauth_plugin.8.xml:20
msgid "DESCRIPTION"
msgstr "DESCRIPCION"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:23
msgid ""
"This manual page describes the configuration of LDAP domains for "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>.  Refer to the <quote>FILE FORMAT</quote> section of the "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for detailed syntax information."
msgstr ""
"Esta página de manual describe la configuración de dominios LDAP para "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>. Vea la sección <quote>FILE FORMAT</quote> de la página de "
"manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para información detallada de la sintáxis."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:35
msgid "You can configure SSSD to use more than one LDAP domain."
msgstr "Puede configurar SSSD para usar más de un dominio LDAP."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:38
#, fuzzy
#| msgid ""
#| "LDAP back end supports id, auth, access and chpass providers. If you want "
#| "to authenticate against an LDAP server either TLS/SSL or LDAPS is "
#| "required. <command>sssd</command> <emphasis>does not</emphasis> support "
#| "authentication over an unencrypted channel.  If the LDAP server is used "
#| "only as an identity provider, an encrypted channel is not needed. Please "
#| "refer to <quote>ldap_access_filter</quote> config option for more "
#| "information about using LDAP as an access provider."
msgid ""
"LDAP back end supports id, auth, access and chpass providers. If you want to "
"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
"<command>sssd</command> <emphasis>does not</emphasis> support authentication "
"over an unencrypted channel.  Even if the LDAP server is used only as an "
"identity provider, an encrypted channel is strongly recommended. Please "
"refer to <quote>ldap_access_filter</quote> config option for more "
"information about using LDAP as an access provider."
msgstr ""
"El punto final de LDAP soporta proveedores de id, auth, acceso y chpass. Si "
"usted desea autenticarse contra un servidor LDAP se requiere bien TLS/SSL o "
"LDAPS. <command>sssd</command> <emphasis>no</emphasis> soporta autenticación "
"sobre un canal no esncriptado. Si el servidor LDAP se usa sólo como un "
"proveedor de identidad, no se necesita un canal encriptado. Por favor vea la "
"opción de configuración <quote>ldap_access_filter</quote> para más "
"información sobre la utilización de LDAP como proveedor de acceso."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:50 sssd-simple.5.xml:69 sssd-ipa.5.xml:82 sssd-ad.5.xml:130
#: sssd-krb5.5.xml:63 sssd-ifp.5.xml:60 sssd-files.5.xml:77
#: sssd-session-recording.5.xml:58 sssd-kcm.8.xml:202
msgid "CONFIGURATION OPTIONS"
msgstr "OPCIONES DE CONFIGURACIÓN"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:67
msgid "ldap_uri, ldap_backup_uri (string)"
msgstr "ldap_uri, ldap_backup_uri (string)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:70
msgid ""
"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
"should connect in the order of preference. Refer to the <quote>FAILOVER</"
"quote> section for more information on failover and server redundancy.  If "
"neither option is specified, service discovery is enabled. For more "
"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
"Especifica una lista separada por comas de URIs del servidor LDAP al que "
"SSSD se conectaría en orden de preferencia. Vea la sección "
"<quote>CONMUTACIÓN EN ERROR</quote> para más información sobre la "
"conmutación en error y la redundancia de servidor. Si no hay opción "
"especificada, se habilita el descubridor de servicio. Para más información, "
"vea la sección <quote>DESCUBRIDOR DE SERVICIOS</quote>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:77
msgid "The format of the URI must match the format defined in RFC 2732:"
msgstr ""
"El formato de la URI debe coincidir con el formato definido en RFC 2732:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:80
msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr "ldap[s]://&lt;host&gt;[:port]"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:83
msgid ""
"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
msgstr ""
"Para direcciones IPv6 explícitas, &lt;host&gt; debe estar entre corchetes []"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:86
msgid "example: ldap://[fc00::126:25]:389"
msgstr "ejemplo: ldap://[fc00::126:25]:389"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:92
msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:95
msgid ""
"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
"should connect in the order of preference to change the password of a user. "
"Refer to the <quote>FAILOVER</quote> section for more information on "
"failover and server redundancy."
msgstr ""
"Especifica la lista separada por comas de URIs de los servidores LDAP a los "
"que SSSD se conectaría con el objetivo preferente de cambiar la contraseña "
"de un usuario. Vea la sección <quote>FAILOVER</quote> para más información "
"sobre failover y redundancia de servidor."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:102
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
"Para habilitar el servicio descubrimiento ldap_chpass_dns_service_name debe "
"ser establecido."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:106
msgid "Default: empty, i.e. ldap_uri is used."
msgstr "Por defecto: vacio, esto es ldap_uri se está usando."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:112
msgid "ldap_search_base (string)"
msgstr "ldap_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:115
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
"El DN base por defecto que se usará para realizar operaciones LDAP de "
"usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:119
msgid ""
"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
"syntax:"
msgstr ""
"Desde SSSD 1.7.0, SSSD soporta múltiples bases de búsqueda usando la "
"sintaxis:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:123
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:126
msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
msgstr "El alcance puede ser uno de “base”, “onlevel” o “subtree”."

#. type: Content of: <listitem><para>
#: sssd-ldap.5.xml:129 include/ldap_search_bases.xml:18
msgid ""
"The filter must be a valid LDAP search filter as specified by http://www."
"ietf.org/rfc/rfc2254.txt"
msgstr ""
"El filtro debe ser un filtro de búsqueda LDAP válido como se especifica en "
"http://www.ietf.org/rfc/rfc2254.txt"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:133 sssd-ad.5.xml:311 sss_override.8.xml:143
#: sss_override.8.xml:240 sssd-ldap-attributes.5.xml:453
msgid "Examples:"
msgstr "Ejemplos:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:136
msgid ""
"ldap_search_base = dc=example,dc=com (which is equivalent to)  "
"ldap_search_base = dc=example,dc=com?subtree?"
msgstr ""
"ldap_search_base = dc=example,dc=com (que es equivalente a) ldap_search_base "
"= dc=example,dc=com?subtree?"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:141
msgid ""
"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
"(host=thishost)?dc=example.com?subtree?"
msgstr ""
"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
"(host=thishost)?dc=example.com?subtree?"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:144
msgid ""
"Note: It is unsupported to have multiple search bases which reference "
"identically-named objects (for example, groups with the same name in two "
"different search bases). This will lead to unpredictable behavior on client "
"machines."
msgstr ""
"Nota: No está soportado tener múltiples bases de búsqueda que se referencien "
"a objetos nombrados idénticamente (por ejemplo, grupos con el mismo nombre "
"en dos bases de búsqueda diferentes). Esto llevara a comportamientos "
"impredecibles sobre máquinas cliente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:151
msgid ""
"Default: If not set, the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
"defaultNamingContext does not exist or has an empty value namingContexts is "
"used.  The namingContexts attribute must have a single value with the DN of "
"the search base of the LDAP server to make this work. Multiple values are "
"are not supported."
msgstr ""
"Por defecto: no se fija, se usa el valor de los atributos "
"defaultNamingContext o namingContexts  de RootDSE del servidor LDAP usado. "
"Si defaultNamingContext no existe o tiene un valor vacío se usa "
"namingContexts. El atributo namingContexts debe tener un único valor con el "
"DN de la base de búsqueda del servidor LDAP para hacer este trabajo. No se "
"soportan múltiples valores."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:165
msgid "ldap_schema (string)"
msgstr "ldap_schema (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:168
msgid ""
"Specifies the Schema Type in use on the target LDAP server.  Depending on "
"the selected schema, the default attribute names retrieved from the servers "
"may vary.  The way that some attributes are handled may also differ."
msgstr ""
"Especifica el Tipo de Esquema en uso en el servidor LDAP objetivo. "
"Dependiendo del esquema seleccionado, los nombres de atributos por defecto "
"que se recuperan de los servidores pueden variar. La manera en que algunos "
"atributos son manejados puede también diferir."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:175
msgid "Four schema types are currently supported:"
msgstr "Cuatro tipos de esquema son actualmente soportados:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:179
msgid "rfc2307"
msgstr "rfc2307"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:184
msgid "rfc2307bis"
msgstr "rfc2307bis"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:200
msgid ""
"The main difference between these schema types is how group memberships are "
"recorded in the server.  With rfc2307, group members are listed by name in "
"the <emphasis>memberUid</emphasis> attribute.  With rfc2307bis and IPA, "
"group members are listed by DN and stored in the <emphasis>member</emphasis> "
"attribute.  The AD schema type sets the attributes to correspond with Active "
"Directory 2008r2 values."
msgstr ""
"La principal diferencia entre estos tipos de esquemas es como las "
"afiliaciones de grupo son grabadas en el servidor. Con rfc2307, los miembros "
"de grupos son listados por nombre en el atributo  <emphasis>memberUid</"
"emphasis>. Con rfc2307bis e IPA, los miembros de grupo son listados por DN y "
"almacenados en el atributo <emphasis>member</emphasis>. El tipo de esquema "
"AD fija los atributos para corresponderse con los valores Active Directory "
"2008r2."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:210
msgid "Default: rfc2307"
msgstr "Predeterminado: rfc2307"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:216
msgid "ldap_pwmodify_mode (string)"
msgstr "ldap_pwmodify_mode (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:219
msgid "Specify the operation that is used to modify user password."
msgstr ""
"Especifica la operación que se usa para modificar la contraseña de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:223
msgid "Two modes are currently supported:"
msgstr "Actualmente se soportan dos modos:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:227
msgid "exop - Password Modify Extended Operation (RFC 3062)"
msgstr "exop - Operación Extendida de Modificación de Contraseña (RFC 3062)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:233
msgid "ldap_modify - Direct modification of userPassword (not recommended)."
msgstr "ldap_modify - Modificación directa de userPassword (no recomendado)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:240
msgid ""
"Note: First, a new connection is established to verify current password by "
"binding as the user that requested password change. If successful, this "
"connection is used to change the password therefore the user must have write "
"access to userPassword attribute."
msgstr ""
"Aviso: Primero, se establece una nueva conexión para verificar la contraseña "
"acutal uniendo con el usuario que ha pedido el cambio de contraseña. Si "
"tiene éxito, esta conexión se usa para el cambio de contraseña por lo tanto "
"el usuario debe haber escrito el atributo de acceos a userPassword."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:248
msgid "Default: exop"
msgstr "Predeterminado: exop"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:254
msgid "ldap_default_bind_dn (string)"
msgstr "ldap_default_bind_dn (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:257
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
"El enlazador DN por defecto a usar para llevar a cabo operaciones LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:264
msgid "ldap_default_authtok_type (string)"
msgstr "ldap_default_authtok_type (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:267
msgid "The type of the authentication token of the default bind DN."
msgstr "El tipo de ficha de autenticación del enlazador DN por defecto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:271
msgid "The two mechanisms currently supported are:"
msgstr "Los dos mecanismos actualmente soportados son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:274
msgid "password"
msgstr "contraseña"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:277
msgid "obfuscated_password"
msgstr "obfuscated_password"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:280
msgid "Default: password"
msgstr "Por defecto: contraseña"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:283
msgid ""
"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> manual page for more information."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:294
msgid "ldap_default_authtok (string)"
msgstr "ldap_default_authtok (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:297
msgid "The authentication token of the default bind DN."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:303
msgid "ldap_force_upper_case_realm (boolean)"
msgstr "ldap_force_upper_case_realm (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:306
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
"fail. Set this option to a non-zero value if you want to use an upper-case "
"realm."
msgstr ""
"Algunos servidores de directorio, por ejemplo Active Directory, pueden "
"entregar la parte real del UPN en minúsculas, lo que puede causar fallos de "
"autenticación. Fije esta opción en un valor distinto de cero si usted desea "
"usar mayúsculas reales."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:319
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr "ldap_enumeration_refresh_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:322
msgid ""
"Specifies how many seconds SSSD has to wait before refreshing its cache of "
"enumerated records."
msgstr ""
"Especifica cuantos segundos SSSD tiene que esperar antes de refrescar su "
"escondrijo de los registros enumerados."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:338
msgid "ldap_purge_cache_timeout (integer)"
msgstr "ldap_purge_cache_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:341
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
"space."
msgstr ""
"Determina la frecuencia de comprobación del cache para entradas inactivas "
"(como grupos sin miembros y usuarios que nunca han accedido) y borrarlos "
"para guardar espacio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:347
msgid ""
"Setting this option to zero will disable the cache cleanup operation. Please "
"note that if enumeration is enabled, the cleanup task is required in order "
"to detect entries removed from the server and can't be disabled. By default, "
"the cleanup task will run every 3 hours with enumeration enabled."
msgstr ""
"Estableciendo esta opción a cero deshabilitará la operación de limpieza del "
"caché. Por favor advierta que si la enumeración está habilitada, se requiere "
"la tarea de limpieza con el objetivo de detectar entradas borradas desde el "
"servidor y no pueden ser deshabilitadas. Por defecto, la tarea de limpieza "
"correrá cada tres horas con la enumeración habilitada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:367
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:370
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
"follow. This option has no effect on the RFC2307 schema."
msgstr ""
"Si ldap_schema está fijado en un formato de esquema que soporte los grupos "
"anidados (por ejemplo, RFC2307bis), entonces esta opción controla cuantos "
"niveles de anidamiento seguirá SSSD. Este opción no tiene efecto en el "
"esquema RFC2307."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:377
msgid ""
"Note: This option specifies the guaranteed level of nested groups to be "
"processed for any lookup. However, nested groups beyond this limit "
"<emphasis>may be</emphasis> returned if previous lookups already resolved "
"the deeper nesting levels.  Also, subsequent lookups for other groups may "
"enlarge the result set for original lookup if re-queried."
msgstr ""
"Aviso: Esta opción especifica el nivel garantizado d grupos anidados a ser "
"procesados para cualquier búsqueda. Sin embargo, los grupos anidados detrás "
"de este límite <emphasis>pueden ser</emphasis> devueltos si las búsquedas "
"anteriores ya resueltas en os niveles más profundos de anidamiento.  "
"También, las búsquedas subsiguientes para otros grupos pueden agrandar el "
"conjunto de resultados de la búsqueda origina si se requiere."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:386
msgid ""
"If ldap_group_nesting_level is set to 0 then no nested groups are processed "
"at all. However, when connected to Active-Directory Server 2008 and later "
"using <quote>id_provider=ad</quote> it is furthermore required to disable "
"usage of Token-Groups by setting ldap_use_tokengroups to false in order to "
"restrict group nesting."
msgstr ""
"Si ldap_group_nesting_level está establecido a 0 no se procesan de ninguna "
"manera grupos anidados. Sin embargo, cuando está conectado a Active-"
"Directory Server 2008 y posteriores usando <quote>id_provider=ad</quote> se "
"recomienda además deshabilitar la utilización de Token-Groups estableciendo "
"ldap_use_tokengroups a false con el objetivo de restringir el anidamiento de "
"grupos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:395
msgid "Default: 2"
msgstr "Predeterminado: 2"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:404
msgid ""
"This options enables or disables use of Token-Groups attribute when "
"performing initgroup for users from Active Directory Server 2008 and later."
msgstr ""
"Esta opción habilita o deshabilita el uso del atributo Token-Groups cuando "
"lleva a cabo un initgroup para usuarios de Active Directory Server 2008 y "
"posteriores."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:414
msgid "Default: True for AD and IPA otherwise False."
msgstr "Predeterminado: True para AD e IPA en otro caso False."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:420
msgid "ldap_host_search_base (string)"
msgstr "ldap_host_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:423
msgid "Optional. Use the given string as search base for host objects."
msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500
#: sssd-ipa.5.xml:519
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
"Vea <quote>ldap_search_base</quote> para información sobre la configuración "
"de múltiples bases de búsqueda."

#. type: Content of: <listitem><para>
#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:439
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:444
msgid "ldap_iphost_search_base (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:449
msgid "ldap_ipnetwork_search_base (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:454
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:457
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
"is entered)"
msgstr ""
"Especifica el tiempo de salida (en segundos) que la búsqueda ldap está "
"permitida para correr antes que de quea cancelada y los resultados "
"escondidos devueltos (y se entra en modo fuera de línea)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:463
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
"lookup types."
msgstr ""
"Nota: esta opción será sujeto de cambios en las futuras versiones del SSSD. "
"Probablemente será sustituido en algunos puntos por una serie de tiempos de "
"espera para tipos específicos de búsqueda."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:480
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:483
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
"are returned (and offline mode is entered)"
msgstr ""
"Especifica el tiempo de espera (en segundos) en los que las búsquedas ldap "
"de enumeraciones de usuario y grupo están permitidas de correr antes de que "
"sean canceladas y devueltos los resultados escondidos (y se entra en modo "
"fuera de línea)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:501
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:504
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
"manvolnum> </citerefentry> following a <citerefentry> "
"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
"citerefentry> returns in case of no activity."
msgstr ""
"Especifica el tiempo de salida (en segudos) después del cual <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
"manvolnum> </citerefentry> siguiendo un <citerefentry> "
"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
"citerefentry> vuelve en caso de no actividad."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:532
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:535
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
"communicating with the KDC in case of SASL bind, the timeout of an LDAP bind "
"operation, password change extended operation and the StartTLS operation."
msgstr ""
"Especifica un tiempo de espera (en segundos) después del cual las llamadas a "
"LDAP APIs asíncronos se abortarán si no se recibe respuesta. También "
"controla el tiempo de espera cuando se comunica con el KDC en caso de enlace "
"SASL, el tiempo de espera de una operación de enlace LDAP, la operación de "
"cambio extendido de contraseña y las operación StartTLS."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:555
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:558
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
"the TGT lifetime)  will be used."
msgstr ""
"Especifica un tiempo de espera (en segundos) en el que se mantendrá una "
"conexión a un servidor LDAP. Después de este tiempo, la conexión será "
"restablecida. Si su usa en paralelo con SASL/GSSAPI, se usará el valor más "
"temprano (este valor contra el tiempo de vida TGT)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:566
msgid ""
"If the connection is idle (not actively running an operation) within "
"<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be "
"closed early to ensure that a new query cannot require the connection to "
"remain open past its expiration.  This implies that connections will always "
"be closed immediately and will never be reused if "
"<emphasis>ldap_connection_expire_timeout &lt;= ldap_opt_timout</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:578
msgid ""
"This timeout can be extended of a random value specified by "
"<emphasis>ldap_connection_expire_offset</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1713
msgid "Default: 900 (15 minutes)"
msgstr "Predeterminado: 900 (15 minutos)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:594
msgid "ldap_connection_expire_offset (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:597
msgid ""
"Random offset between 0 and configured value is added to "
"<emphasis>ldap_connection_expire_timeout</emphasis>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:613
#, fuzzy
#| msgid "ldap_connection_expire_timeout (integer)"
msgid "ldap_connection_idle_timeout (integer)"
msgstr "ldap_connection_expire_timeout (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:616
#, fuzzy
#| msgid ""
#| "Specifies a timeout (in seconds) that a connection to an LDAP server will "
#| "be maintained. After this time, the connection will be re-established. If "
#| "used in parallel with SASL/GSSAPI, the sooner of the two values (this "
#| "value vs. the TGT lifetime)  will be used."
msgid ""
"Specifies a timeout (in seconds) that an idle connection to an LDAP server "
"will be maintained.  If the connection is idle for more than this time then "
"the connection will be closed."
msgstr ""
"Especifica un tiempo de espera (en segundos) en el que se mantendrá una "
"conexión a un servidor LDAP. Después de este tiempo, la conexión será "
"restablecida. Si su usa en paralelo con SASL/GSSAPI, se usará el valor más "
"temprano (este valor contra el tiempo de vida TGT)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:622
msgid "You can disable this timeout by setting the value to 0."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:637
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:640
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
"Especifica el número de registros a recuperar desde una única petición LDAP. "
"Algunos servidores LDAP hacen cumplir un límite máximo por petición."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:651
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:654
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
"it is not enabled or does not behave properly."
msgstr ""
"Deshabilita el control de paginación LDAP. Esta opción se debería usar si el "
"servidor LDAP reporta que soporta el control de paginación LDAP en sus "
"RootDSE pero no está habilitado o no se comporta apropiadamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:660
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
"Ejemplo: los servidores OpenLDAP con el módulo de control de paginación "
"instalado sobre el servidor pero no habilitado lo reportarán en el RootDSE "
"pero es incapaz de usarlo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:666
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
"requests being denied."
msgstr ""
"Ejemplo: 389 DS tiene un bug donde puede sólo soportar un control de "
"paginación a la vez en una única conexión. Sobre clientes ocupados, esto "
"puede ocasionar que algunas peticiones sean denegadas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:678
msgid "ldap_disable_range_retrieval (boolean)"
msgstr "ldap_disable_range_retrieval (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:681
msgid "Disable Active Directory range retrieval."
msgstr "Deshabilitar la recuperación del rango de Active Directory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:684
msgid ""
"Active Directory limits the number of members to be retrieved in a single "
"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
"group contains more members, the reply would include an AD-specific range "
"extension. This option disables parsing of the range extension, therefore "
"large groups will appear as having no members."
msgstr ""
"Active Directory limita el número de miembros a recuperar en una única "
"búsqueda usando la política MaxValRange (que está predeterminada a 1500 "
"miembros). Si un grupo contiene mas miembros, la replica incluiría una "
"extensión de rango específica AD. Esta opción deshabilita el análisis de la "
"extensión del rango, por eso grupos grandes aparecerán como si no tuvieran "
"miembros."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:699
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:702
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
"option are defined by OpenLDAP."
msgstr ""
"Cuando se está comunicando con un servidor LDAP usando SASL, especifica el "
"nivel de seguridad mínimo necesario para establecer la conexión. Los valores "
"de esta opción son definidos por OpenLDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
"Por defecto: Usa el sistema por defecto (normalmente especificado por ldap."
"conf)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:715
msgid "ldap_sasl_maxssf (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:718
msgid ""
"When communicating with an LDAP server using SASL, specify the maximal "
"security level necessary to establish the connection. The values of this "
"option are defined by OpenLDAP."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:731
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:734
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
"they are looked up individually."
msgstr ""
"Especifica el número de miembros del grupo que deben estar desaparecidos "
"desde el escondrijo interno con el objetivo de disparar una búsqueda "
"deference. Si hay menos miembros desaparecidos, se buscarán individualmente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:740
msgid ""
"You can turn off dereference lookups completely by setting the value to 0. "
"Please note that there are some codepaths in SSSD, like the IPA HBAC "
"provider, that are only implemented using the dereference call, so even with "
"dereference explicitly disabled, those parts will still use dereference if "
"the server supports it and advertises the dereference control in the rootDSE "
"object."
msgstr ""
"Puede desactivar las búsquedas de desreferencia completamente estableciendo "
"el valor a 0. Tenga en cuenta que hay algunas rutas de código en SSSD, como "
"el proveedor IPA HBAC, que solo son implementadas usando la llamada de "
"desreferencia, de modo que solo con la desreferencia explícitamente "
"deshabilitada aquellas partes usarán todavía la desreferencia si el servidor "
"lo soporta y auncia el control de la desreferencia en el objeto rootDSE."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:751
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call.  Different LDAP servers may implement different dereference "
"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
"Directory."
msgstr ""
"Una búsqueda dereference es un medio de descargar todos los miembros del "
"grupo en una única llamada LDAP. Servidores diferentes LDAP pueden "
"implementar diferentes métodos dereference. Los servidores actualmente "
"soportados son 389/RHDS, OpenLDAP y Active Directory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:759
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
"regardless of this setting."
msgstr ""
"<emphasis>Nota:</emphasis> Si alguna de las bases de búsqueda especifica un "
"filtro de búsqueda, la mejora del rendimiento de la búsqueda dereference "
"será deshabilitado sin tener en cuenta este ajuste."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:772
#, fuzzy
#| msgid "ad_gpo_ignore_unreadable (boolean)"
msgid "ldap_ignore_unreadable_references (bool)"
msgstr "ad_gpo_ignore_unreadable (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:775
msgid ""
"Ignore unreadable LDAP entries referenced in group's member attribute. If "
"this parameter is set to false an error will be returned and the operation "
"will fail instead of just ignoring the unreadable entry."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:782
msgid ""
"This parameter may be useful when using the AD provider and the computer "
"account that sssd uses to connect to AD does not have access to a particular "
"entry or LDAP sub-tree for security reasons."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:795
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:798
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
"Especifica que comprobaciones llevar a cabo sobre los certificados del "
"servidor en una sesión TLS, si las hay. Puede ser especificado como uno de "
"los siguientes valores:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:804
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
"<emphasis>never</emphasis> = El cliente no pedirá o comprobará ningún "
"certificado de servidor."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:808
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
"is provided, it will be ignored and the session proceeds normally."
msgstr ""
"<emphasis>allow</emphasis> = Se pide el certificado del servidor. Si no se "
"suministra certificado, la sesión sigue normalmente. Si se suministra un "
"certificado malo, será ignorado y la sesión continua normalmente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:815
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
"is provided, the session is immediately terminated."
msgstr ""
"<emphasis>try</emphasis> = Se pide el certificado del servidor. Si no se "
"suministra certificado, la sesión continua normalmente. Si se suministra un "
"certificado malo, la sesión se termina inmediatamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:821
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
"immediately terminated."
msgstr ""
"<emphasis>demand</emphasis> = Se pide el certificado del servidor. Si no se "
"suministra certificado, o se suministra un certificado malo, la sesión se "
"termina inmediatamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:827
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:831
msgid "Default: hard"
msgstr "Predeterminado: hard"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:837
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:840
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
"Especifica el fichero que contiene los certificados de todas las Autoridades "
"de Certificación que <command>sssd</command> reconocerá."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:863 sssd-ldap.5.xml:904
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
"Por defecto: use los valores por defecto OpenLDAP, normalmente en <filename>/"
"etc/openldap/ldap.conf</filename>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:852
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:855
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
"be the hash of the certificate followed by '.0'.  If available, "
"<command>cacertdir_rehash</command> can be used to create the correct names."
msgstr ""
"Especifica la ruta de un directorio que contiene los certificados de las "
"Autoridades de Certificación en ficheros individuales separados. Normalmente "
"los nombres de fichero necesita ser el hash del certificado seguido por "
"‘.0’. si esta disponible <command>cacertdir_rehash</command> puede ser usado "
"para crear los nombres correctos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:870
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:873
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
"Especifica el fichero que contiene el certificado para la clave del cliente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:883
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:886
msgid "Specifies the file that contains the client's key."
msgstr "Especifica el archivo que contiene la clave del cliente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:895
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:898
msgid ""
"Specifies acceptable cipher suites.  Typically this is a colon separated "
"list.  See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> for format."
msgstr ""
"Especifica conjuntos de cifrado aceptable.  Por lo general, es una lista "
"searada por dos puntos.  Vea el formato en <citerefentry><refentrytitle>ldap."
"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:911
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:914
#, fuzzy
#| msgid ""
#| "Specifies that the id_provider connection must also use <systemitem "
#| "class=\"protocol\">tls</systemitem> to protect the channel."
msgid ""
"Specifies that the id_provider connection must also use <systemitem "
"class=\"protocol\">tls</systemitem> to protect the channel.  <emphasis>true</"
"emphasis> is strongly recommended for security reasons."
msgstr ""
"Especifica que la id_de proveedor de la conexión debe también utilizar "
"<systemitem class=\"protocol\">tls</systemitem> para proteger el canal."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:925
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:928
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
"on ldap_user_uid_number and ldap_group_gid_number."
msgstr ""
"Especifica que SSSD intentaría mapear las IDs de usuario y grupo desde los "
"atributos ldap_user_objectsid y ldap_group_objectsid en lugar de apoyarse en "
"ldap_user_uid_number y ldap_group_gid_number."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:934
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:944
msgid "ldap_min_id, ldap_max_id (integer)"
msgstr "ldap_min_id, ldap_max_id (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:947
msgid ""
"In contrast to the SID based ID mapping which is used if ldap_id_mapping is "
"set to true the allowed ID range for ldap_user_uid_number and "
"ldap_group_gid_number is unbound. In a setup with sub/trusted-domains this "
"might lead to ID collisions. To avoid collisions ldap_min_id and ldap_max_id "
"can be set to restrict the allowed range for the IDs which are read directly "
"from the server. Sub-domains can then pick other ranges to map IDs."
msgstr ""
"En contraste con el SID basado en mapeo de ID que se usa si ldap_id_mapping "
"está establecido a true el rango de ID permitido para ldap_user_uid_number y "
"ldap_group_gid_number está sin consolidar. En una configuración con "
"subdominios de confianza, esto podría producir colisiones de ID. Para evitar "
"las colisiones ldap_min_id y ldap_max_id pueden er establecidos para "
"restringir el rango permitido para las IDs que son leídas directamente desde "
"el servidor. Los subdominios pueden elegir otros rangos para asignar IDs."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:959
msgid "Default: not set (both options are set to 0)"
msgstr "Predeterminado: no establecido (ambas opciones se establecen a 0)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:965
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:968
msgid ""
"Specify the SASL mechanism to use.  Currently only GSSAPI and GSS-SPNEGO are "
"tested and supported."
msgstr ""
"Especifica el mecanismo SASL a usar.  Actualmente solo están probados y "
"soportados GSSAPI y GSS-SPNEGO."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:972
msgid ""
"If the backend supports sub-domains the value of ldap_sasl_mech is "
"automatically inherited to the sub-domains. If a different value is needed "
"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this "
"sub-domain explicitly.  Please see TRUSTED DOMAIN SECTION in "
"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for details."
msgstr ""
"Si el backend admite subdominios el valor de ldap_sasl_mech es heredado "
"automáticamente por los subdominios. Si se necesita un valor diferente para "
"un subdominio puede ser sobrescrito estabeciendo ldap_sasl_mech para este "
"subdominio explícitamente.  Por favor vea la SECCIÓN DOMINIO DE CONFIANZA es "
"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> para más detalles."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:988
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ldap.5.xml:1000
#, no-wrap
msgid ""
"hostname@REALM\n"
"netbiosname$@REALM\n"
"host/hostname@REALM\n"
"*$@REALM\n"
"host/*@REALM\n"
"host/*\n"
"                            "
msgstr ""
"hostname@REALM\n"
"netbiosname$@REALM\n"
"host/hostname@REALM\n"
"*$@REALM\n"
"host/*@REALM\n"
"host/*\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:991
msgid ""
"Specify the SASL authorization id to use.  When GSSAPI/GSS-SPNEGO are used, "
"this represents the Kerberos principal used for authentication to the "
"directory.  This option can either contain the full principal (for example "
"host/myhost@EXAMPLE.COM) or just the principal name (for example host/"
"myhost).  By default, the value is not set and the following principals are "
"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are "
"found, the first principal in keytab is returned."
msgstr ""
"Especifica la identificación de autorización SASL a usar.  Cuando son usados "
"GSSAPI/GSS-SPNEGO, esto representa el principal Kerberos usado para "
"autenticación al directorio.  Esta opción puede contener el principal "
"completo (por ejemplo host/myhost@EXAMPLE.COM) o solo el nombre principal "
"(por ejemplo host/myhost).  Por defecto, el valor no está establecido y se "
"usan los siguientes principales: <placeholder type=\"programlisting\" "
"id=\"0\"/> Si no se encuentra ninguno de ellos, se devuelve en primer "
"principal en la pestaña."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1011
msgid "Default: host/hostname@REALM"
msgstr "Por defecto: host/nombre_de_host@REALM"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1017
msgid "ldap_sasl_realm (string)"
msgstr "ldap_sasl_realm (string)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm.  If the ldap_sasl_authid contains the realm as "
"well, this option is ignored."
msgstr ""
"Especifica el reino SASL a usar. Cuando no se especifica, esta opción se "
"pone por defecto al valor de krb5_realm. Si ldap_sasl_authid contiene el "
"reino también, esta opción se ignora."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1026
msgid "Default: the value of krb5_realm."
msgstr "Por defecto: el valor de krb5_realm."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1032
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1035
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
"Si se fija en true, la librería LDAP llevaría a cabo una búsqueda inversa "
"para para canocalizar el nombre de host durante una unión SASL."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1040
msgid "Default: false;"
msgstr "Predeterminado: false;"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1046
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1049
msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO."
msgstr "Especifica la pestaña a usar cuando se utiliza SASL/GSSAPI/GSS-SPNEGO."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1058 sssd-krb5.5.xml:247
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</"
"filename>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1064
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1067
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT).  This "
"action is performed only if SASL is used and the mechanism selected is "
"GSSAPI or GSS-SPNEGO."
msgstr ""
"Especifica que id_provider debería iniciar las credenciales Kerberos (TGT).  "
"Esta acción solo se lleva a cabo si se usa SASL y el mecanismo seleccionado "
"es GSSAPI o GSS-SPNEGO."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1079
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1082
msgid ""
"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used."
msgstr ""
"Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI o GSS-"
"SPNEGO."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1091 sssd-ad.5.xml:1252
msgid "Default: 86400 (24 hours)"
msgstr "Predeterminado: 86400 (24 horas)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1097 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1100
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
"For more information on failover and server redundancy, see the "
"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
"colon) may be appended to the addresses or hostnames.  If empty, service "
"discovery is enabled - for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
"Especifica una lista separada por comas de direcciones IP o nombres de host "
"de los servidores Kerberos a los cuales se conectaría SSSD en orden de "
"preferencia. Para más información sobre failover y redundancia de servidor, "
"vea la sección <quote>FAILOVER</quote>. Un número de puerto opcional "
"(precedido de dos puntos) puede ser añadido a las direcciones o nombres de "
"host. Si está vacío, el servicio descubridor está habilitado – para más "
"información, vea la sección <quote>SERVICE DISCOVERY</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1112 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
"none are found."
msgstr ""
"Cuando se utiliza el servicio descubiertos para servidores KDC o kpasswd, "
"SSSD primero busca entradas DNS que especifiquen _udop como protocolo y "
"regresa a _tcp si no se encuentra nada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1117 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
"migrate their config files to use <quote>krb5_server</quote> instead."
msgstr ""
"Este opción se llamaba <quote>krb5_kdcip</quote> en las revisiones más "
"tempranas de SSSD. Mientras el legado de nombre se reconoce por el tiempo "
"que sea, los usuarios son advertidos para migrar sus ficheros de "
"configuración para usar <quote>krb5_server</quote> en su lugar."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1126 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1129
msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)."
msgstr ""
"Especifica el REALM Kerberos (para autorización SASL/GSSAPI/GSS-SPNEGO)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1133
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</"
"filename>"

#. type: Content of: <variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1139 include/krb5_options.xml:154
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1142
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
"Especifica si el host principal sería estandarizado cuando se conecte a un "
"servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:336
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1157 sssd-krb5.5.xml:339
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
"to configure the Kerberos library using the <citerefentry> "
"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> configuration file."
msgstr ""
"Especifica si el SSSD debe instruir a las librerías Kerberos que ámbito y "
"que KDCs usar. Esta opción está por defecto, si la deshabilita, necesita "
"configurar las librerías Kerberos usando el fichero de configuración "
"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1168 sssd-krb5.5.xml:350
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
"information on the locator plugin."
msgstr ""
"Vea la página de manual <citerefentry> "
"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry> para más información sobre el complemento "
"localizador."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1182
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1185
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
"Seleccione la política para evaluar la caducidad de la contraseña en el lado "
"del cliente. Los siguientes valores son permitidos:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1190
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
"<emphasis>none</emphasis> - Sin evaluación en el lado cliente. Esta opción "
"no puede deshabilitar las políticas de password en el lado servidor."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1195
#, fuzzy
#| msgid ""
#| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
#| "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes "
#| "to evaluate if the password has expired."
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
"evaluate if the password has expired.  Please see option "
"\"ldap_chpass_update_last_change\" as well."
msgstr ""
"<emphasis>shadow</emphasis> - Usa los atributos de estilo  "
"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> para evaluar si la contraseña ha expirado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1203
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
"<emphasis>mit_kerberos</emphasis> - Usa los atributos utilizados por MIT "
"Kerberos para determinar si el password ha expirado. Use "
"chpass_provider=krb5 para actualizar estos atributos cuando se cambia el "
"password."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1212
msgid ""
"<emphasis>Note</emphasis>: if a password policy is configured on server "
"side, it always takes precedence over policy set with this option."
msgstr ""
"<emphasis>Aviso</emphasis>: si está configurada una política de contraseña "
"en el lado del servidor siempre tiene prioridad sobre la política "
"establecida por esta opción."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1220
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1223
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Especifica si el seguimiento de referencias automático debería ser "
"habilitado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1227
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
"Por favor advierta que sssd sólo soporta seguimiento de referencias cuando "
"está compilado con OpenLDAP versión 2.4.13 o más alta."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1232
#, fuzzy
#| msgid ""
#| "Chasing referrals may incur a performance penalty in environments that "
#| "use them heavily, a notable example is Microsoft Active Directory. If "
#| "your setup does not in fact require the use of referrals, setting this "
#| "option to false might bring a noticeable performance improvement."
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
"does not in fact require the use of referrals, setting this option to false "
"might bring a noticeable performance improvement.  Setting this option to "
"false is therefore recommended in case the SSSD LDAP provider is used "
"together with Microsoft Active Directory as a backend. Even if SSSD would be "
"able to follow the referral to a different AD DC no additional data would be "
"available."
msgstr ""
"Al perseguir referencia se puede incurrir en una penalización de rendimiento "
"en entornos que lo usen pesadamente, un ejemplo notable es Microsoft Active "
"Directory. Si su ajuste no requieren de hecho el uso de referencias, fijar "
"esta opción a false le llevará a una notable mejora de rendimiento."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1251
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1254
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Especifica el nombre del servicio para utilizar cuando está habilitado el "
"servicio de descubrimiento."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1258
msgid "Default: ldap"
msgstr "Predeterminado: ldap"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1264
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1267
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
"Especifica el nombre del servicio para utilizar al buscar un servidor LDAP "
"que permita cambios de contraseña cuando está habilitado el servicio de "
"descubrimiento."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1272
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1278
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1281
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
"Especifica si actualizar el atributo ldap_user_shadow_last_change con días "
"desde el Epoch después de una operación de cambio de contraseña."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1287
msgid ""
"It is recommend to set this option explicitly if \"ldap_pwd_policy = "
"shadow\" is used to let SSSD know if the LDAP server will update "
"shadowLastChange LDAP attribute automatically after a password change or if "
"SSSD has to update it."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1301
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1304
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
"must be met for the user to be granted access on this host. If "
"access_provider = ldap, ldap_access_order = filter and this option is not "
"set, it will result in all users being denied access.  Use access_provider = "
"permit to change this default behavior. Please note that this filter is "
"applied on the LDAP user entry only and thus filtering based on nested "
"groups may not work (e.g. memberOf attribute on AD entries points only to "
"direct parents). If filtering based on nested groups is required, please see "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>."
msgstr ""
"Si está usando access_provider = ldap y ldap_access_order = filter "
"(predeterminado), esta opción es obligatoria. Especifica un criterio de "
"filtro de búsqueda LDAP que debe cumplirse para que el usuario obtenga "
"acceso a este host. Si access_provider = ldap, ldap_access_order = filter y "
"esta opción no estñan establecidos resultará que todos los usuarios tendrán "
"el acceso denegado.  Use access_provider = permit para cambiar este "
"comportamiento predeterminado. Por favor advierta que este filtro se aplica "
"sobre la entrada LDAP del usuario y, por lo tanto, el filtrado basado en "
"grupos anidados puede no funcionar (e.g. el atributo memberOf sobre entradas "
"AD apunta solo a los parientes directos). Si se requiere el filtrado basado "
"en grupos anidados, vea por favor <citerefentry> <refentrytitle>sssd-simple</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1324
msgid "Example:"
msgstr "Ejemplo:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-ldap.5.xml:1327
#, no-wrap
msgid ""
"access_provider = ldap\n"
"ldap_access_filter = (employeeType=admin)\n"
"                        "
msgstr ""
"access_provider = ldap\n"
"ldap_access_filter = (employeeType=admin)\n"
"                        "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1331
msgid ""
"This example means that access to this host is restricted to users whose "
"employeeType attribute is set to \"admin\"."
msgstr ""
"Este ejemplo significa que el acceso a este host está restringido a los "
"usuarios cuyo atributo employeeType esté establecido a \"admin\"."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1336
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
"access during their last login, they will continue to be granted access "
"while offline and vice versa."
msgstr ""
"El almacenamiento en caché sin conexión para esta función está limitado a "
"determinar si el último inicio de sesión del usuario recibió permiso de "
"acceso. Si obtuvieron permiso de acceso durante su último inicio de sesión, "
"se les seguirán otorgando acceso sin conexión y viceversa."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:1400
msgid "Default: Empty"
msgstr "Predeterminado: vacío"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1350
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1353
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
"Con esta opción pueden ser habilitados los atributos de evaluación de "
"control de acceso del lado cliente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1357
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
"even if the password is correct."
msgstr ""
"Por favor advierta que siempre se recomienda utilizar el control de acceso "
"del lado servidor, esto es el servidor LDAP denegaría petición de enlace con "
"una código de error definible aunque el password sea correcto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1364
msgid "The following values are allowed:"
msgstr "Los siguientes valores están permitidos:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1367
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
"<emphasis>shadow</emphasis>: usa el valor de ldap_user_shadow_expire para "
"determinar si la cuenta ha expirado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1372
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
"set. If the attribute is missing access is granted. Also the expiration time "
"of the account is checked."
msgstr ""
"<emphasis>ad</emphasis>: usa el valor del campo de 32 bit "
"ldap_user_ad_user_account_control y permite el acceso si el segundo bit no "
"está fijado. Si el atributo está desaparecido se concede el acceso. También "
"se comprueba el tiempo de expiración de la cuenta."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1379
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: usa el valor de ldap_ns_account_lock para comprobar si se permite "
"el acceso o no."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1385
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
"If both attributes are missing access is granted."
msgstr ""
"<emphasis>nds</emphasis>: los valores de "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled y "
"ldap_user_nds_login_expiration_time se usan para comprobar si el acceso está "
"permitido. Si ambos atributos están desaparecidos se concede el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1393
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>expire</quote> in order for the "
"ldap_account_expire_policy option to work."
msgstr ""
"Por favor advierta que la opción de configuración ldap_access_order "
"<emphasis>debe</emphasis> incluir <quote>expire</quote> con el objetivo de "
"la opción ldap_account_expire_policy funcione."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1406
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1409 sssd-ipa.5.xml:356
msgid "Comma separated list of access control options.  Allowed values are:"
msgstr ""
"Lista separada por coma de opciones de control de acceso.  Los valores "
"permitidos son:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1413
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1416
msgid ""
"<emphasis>lockout</emphasis>: use account locking.  If set, this option "
"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn.  "
"Please note that 'access_provider = ldap' must be set for this feature to "
"work."
msgstr ""
"<emphasis>lockout</emphasis>: usar bloqueo de cuenta.  Si se establece, esta "
"opción deniega el acceso en el caso de que el atributo ldap "
"'pwdAccountLockedTime' esté presente y tenga un valor de '000001010000Z'. "
"Por favor vea la opción ldap_pwdlockout_dn. Por favor advieta que "
"'access_provider = ldap' debe ser establecido para que está característica "
"funciones."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1426
msgid ""
"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
"quote> option and might be removed in a future release.  </emphasis>"
msgstr ""
"<emphasis> Por favor tenga en cuenta que esta opción es reemplazada por la "
"opción <quote>ppolicy</quote> y puede ser quitada en un futuro lanzamiento.  "
"</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1433
msgid ""
"<emphasis>ppolicy</emphasis>: use account locking.  If set, this option "
"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
"and has value of '000001010000Z' or represents any time in the past.  The "
"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
"denotes the UTC time zone.  Other time zones are not currently supported and "
"will result in \"access-denied\" when users attempt to log in.  Please see "
"the option ldap_pwdlockout_dn.  Please note that 'access_provider = ldap' "
"must be set for this feature to work."
msgstr ""
"<emphasis>ppolicy</emphasis>: usar bloqueo de cuenta.  Si se establece, esta "
"opción deniega el acceso en el caso de que el atributo ldap "
"'pwdAccountLockedTime' esté presente y tenga un valor de '000001010000Z' o "
"represente cualquier momento en el pasado.  El valor del atributo "
"'pwdAccountLockedTime' debe terminar con 'Z', que denota la zona horaria "
"UTC. Otras zonas horarias no se soportan actualmente y llevarán a \"access-"
"denied\" cuando los usuarios intenten acceder.  Por favor vea la opción "
"ldap_pwdlockout_dn.  Por favor advierta que 'access_provider = ldap' debe "
"estar establecido para que esta característica funcione."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1450
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1454 sssd-ipa.5.xml:364
msgid ""
"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
"interested in being warned that password is about to expire and "
"authentication is based on using a different method than passwords - for "
"example SSH keys."
msgstr ""
"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
"pwd_expire_policy_renew: </emphasis> Estas opciones son útiles si los "
"usuarios están interesados en que se les avise de que la contraseña está "
"próxima a expirar y la autenticación está basada en la utilización de un "
"método distinto a las contraseñas - por ejemplo claves SSH."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1464 sssd-ipa.5.xml:374
msgid ""
"The difference between these options is the action taken if user password is "
"expired:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:1469 sssd-ipa.5.xml:379
msgid "pwd_expire_policy_reject - user is denied to log in,"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:1475 sssd-ipa.5.xml:385
msgid "pwd_expire_policy_warn - user is still able to log in,"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:391
msgid ""
"pwd_expire_policy_renew - user is prompted to change their password "
"immediately."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1489
msgid ""
"Please note that 'access_provider = ldap' must be set for this feature to "
"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
msgstr ""
"Por favor advierta que 'access_provider = ldap' debe estar establecido para "
"que esta función trabaje. También 'ldap_pwd_policy' debe estar establecido "
"para una política de contraseña apropiada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1494
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
"<emphasis>authorized_service</emphasis>: utilizar el atributo "
"autorizedService para determinar el acceso"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1499
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: usa el atributo host para determinar el acceso"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1503
msgid ""
"<emphasis>rhost</emphasis>: use the rhost attribute to determine whether "
"remote host can access"
msgstr ""
"<emphasis>rhost</emphasis>: usar el atributo rhost para determinar si el "
"host remoto puede acceder"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1507
msgid ""
"Please note, rhost field in pam is set by application, it is better to check "
"what the application sends to pam, before enabling this access control option"
msgstr ""
"Por favor advierta el campo rhost en pam es establecido por la aplicación, "
"es mejor comprobar que la aplicación lo envía a pam, antes de habilitar esta "
"opción de control de acceso"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1512
msgid "Default: filter"
msgstr "Predeterminado: filter"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1515
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
"Tenga en cuenta que es un error de configuración si un valor es usado más de "
"una vez."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1522
msgid "ldap_pwdlockout_dn (string)"
msgstr "ldap_pwdlockout_dn (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1525
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
"lockout checking will yield access denied as ppolicy attributes on LDAP "
"server cannot be checked properly."
msgstr ""
"Esta opción especifica la DN de la contraseña de entrada a la política sobre "
"un servidor LDAP. Tenga en cuenta que la ausencia de esta opción en sssd."
"conf en caso de verificación de bloqueo de cuenta habilitada dará como "
"resultado el acceso denegado ya que los atributos ppolicy en el servidor "
"LDAP no pueden verificarse correctamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1533
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr "Ejemplo: cn=ppolicy,ou=policies,dc=example,dc=com"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1536
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr "Predeterminado: cn=ppolicy,ou=policies,$ldap_search_base"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1542
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1545
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
"Especifica cómo se hace la eliminación de referencias al alias cuando se "
"lleva a cabo una búsqueda. Están permitidas las siguientes opciones:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1550
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1554
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
"<emphasis>searching</emphasis>: Las referencias al alias son eliminadas en "
"subordinadas del objeto base, pero no en localización del objeto base de la "
"búsqueda."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1559
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
"<emphasis>finding</emphasis>: Sólo se eliminarán las referencias a alias "
"cuando se localice el objeto base de la búsqueda."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1564
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
"<emphasis>always</emphasis>: Las referencias al alias se eliminarán tanto "
"para la búsqueda como en la localización del objeto base de la búsqueda."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1569
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
"Por defecto: Vacío (esto es manejado como <emphasis>nunca</emphasis> por las "
"librerías cliente LDAP)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1577
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1580
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
"Permite retener los usuarios locales como miembros de un grupo LDAP para "
"servidores que usan el esquema RFC2307."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1584
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute.  "
"The self-consistency of the domain is compromised when this is done, so SSSD "
"would normally remove the \"missing\" users from the cached group "
"memberships as soon as nsswitch tries to fetch information about the user "
"via getpw*() or initgroups() calls."
msgstr ""
"En algunos entornos donde se usa el esquema RFC2307, los usuarios locales "
"son hechos miembros de los grupos LDAP añadiendo sus nombres al atributo "
"memberUid. La autoconsistencia del dominio se ve comprometida cuando se hace "
"esto, de modo que SSSD debería normalmente quitar los usuarios "
"“desparecidos” de las afiliaciones a grupos escondidas tan pronto como "
"nsswitch intenta ir a buscar información del usuario por medio de las "
"llamadas getpw*() o initgroups()."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1595
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
"additional LDAP groups."
msgstr ""
"Esta opción cae de nuevo en comprobar si los usuarios locales están "
"referenciados, y los almacena en caché de manera que más tarde las llamadas "
"initgroups() aumentará los usuarios locales con los grupos LDAP adicionales."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1607 sssd-ifp.5.xml:152
msgid "wildcard_limit (integer)"
msgstr "wildcard_limit (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1610
msgid ""
"Specifies an upper limit on the number of entries that are downloaded during "
"a wildcard lookup."
msgstr ""
"Especifica un límite superior sobre el número de entradas que son "
"descargadas durante una búsqueda de comodín."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1614
msgid "At the moment, only the InfoPipe responder supports wildcard lookups."
msgstr ""
"En este momento solo el respondedor InfoPipe soporta búsqueda de comodín"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1618
msgid "Default: 1000 (often the size of one page)"
msgstr "Predeterminado: 1000 (frecuentemente el tamaño de una página)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1624
#, fuzzy
#| msgid "debug_level (integer)"
msgid "ldap_library_debug_level (integer)"
msgstr "debug_level (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1627
msgid ""
"Switches on libldap debugging with the given level.  The libldap debug "
"messages will be written independent of the general debug_level."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1632
msgid ""
"OpenLDAP uses a bitmap to enable debugging for specific components, -1 will "
"enable full debug output."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1637
#, fuzzy
#| msgid "Default: 0 (disabled)"
msgid "Default: 0 (libldap debugging disabled)"
msgstr "Predeterminado: 0 (deshabilitado)"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:52
msgid ""
"All of the common configuration options that apply to SSSD domains also "
"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for full details.  Note that SSSD "
"LDAP mapping attributes are described in the <citerefentry> "
"<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> "
"</citerefentry> manual page.  <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Todas las opciones comunes de configuración que se aplican a los dominios "
"SSSD tambien se aplican a los dominios LDAP. Vea la sección <quote>DOMAIN "
"SECTIONS</quote> de la página de manual <citerefentry> <refentrytitle>sssd."
"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para todos los "
"detalles. Advierta que los atributos de mapeo SSSD LDAP están descritos en "
"la página de manual <citerefentry> <refentrytitle>sssd-ldap-attributes</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>.  <placeholder "
"type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1647
msgid "SUDO OPTIONS"
msgstr "OPCIONES SUDO"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1649
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
"Las instrucciones detalladas para la configuración de sudo_provider están en "
"la página de manual <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1660
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1663
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
"Cuantos segundos esperará SSSD entre ejecutar un refresco total de las "
"reglas sudo (que descarga todas las reglas que están almacenadas en el "
"servidor)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1668
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
"El valor debe ser mayor que <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1673
msgid ""
"You can disable full refresh by setting this option to 0. However, either "
"smart or full refresh must be enabled."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1678
msgid "Default: 21600 (6 hours)"
msgstr "Por defecto: 21600 (6 horas)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1684
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1687
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest "
"server USN value that is currently known by SSSD)."
msgstr ""
"Cuantos segundos tiene SSSD que esperar antes de ejecutar una actualización "
"inteligente de las reglas sudo (lo que descarga todas las reglas que tienen "
"un USN más alto que el valor más alto del servidor USN que conoce "
"actualmente SSSD)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1693
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
"Si los atributos USN no se soportan por el servidor, se usa en su lugar el "
"atributo modifyTimestamp."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1697
msgid ""
"<emphasis>Note:</emphasis> the highest USN value can be updated by three "
"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by "
"enumeration of users and groups (if enabled and updated users or groups are "
"found) and 3) by reconnecting to the server (by default every 15 minutes, "
"see <emphasis>ldap_connection_expire_timeout</emphasis>)."
msgstr ""
"<emphasis>Aviso:</emphasis> el valor más alto de USN puede ser actualizado "
"por tres tareas: 1) Por una actualización total o inteligente de sudo (si se "
"encuentran reglas actualizadas), 2) por la enumeración de usuarios y grupos "
"(si se encuentran usuarios y grupos habilitados y actualizados) y 3) "
"reconectando con el servidor (por defecto cada 15 minutos, vea "
"<emphasis>ldap_connection_expire_timeout</emphasis>)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1708
msgid ""
"You can disable smart refresh by setting this option to 0. However, either "
"smart or full refresh must be enabled."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1719
#, fuzzy
#| msgid "ldap_idmap_range_size (integer)"
msgid "ldap_sudo_random_offset (integer)"
msgstr "ldap_idmap_range_size (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1722
msgid ""
"Random offset between 0 and configured value is added to smart and full "
"refresh periods each time the periodic task is scheduled. The value is in "
"seconds."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1728
msgid ""
"Note that this random offset is also applied on the first SSSD start which "
"delays the first sudo rules refresh. This prolongs the time when the sudo "
"rules are not available for use."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1734
msgid "You can disable this offset by setting the value to 0."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1744
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1747
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
"Si es true, SSSD descargará sólo las reglas que son aplicables a esta "
"máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1758
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1761
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
"Lista separada por espacios de nombres de host o nombres de dominio "
"totalmente cualificados que sería usada para filtrar las reglas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1766
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
"Si esta opción está vacía, SSSD intentará descubrir el nombre de host y el "
"nombre de dominio totalmente cualificado automáticamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1794 sssd-ldap.5.xml:1812
#: sssd-ldap.5.xml:1830
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
"Si <emphasis>ldap_sudo_use_host_filter</emphasis> es <emphasis>false</"
"emphasis> esta opción no tiene efecto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1776 sssd-ldap.5.xml:1799
msgid "Default: not specified"
msgstr "Por defecto: no especificado"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1782
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1785
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
"Lista separada por espacios de direcciones de host/red IPv4 o IPv6 que sería "
"usada para filtrar las reglas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1790
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
"esta opción está vacía, SSSD intentará descrubrir las direcciones "
"automáticamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1805
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "sudo_include_netgroups (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1808
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
"Si está a true SSSD descargará cada regla que contenga un grupo de red en el "
"atributo sudoHost."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1823
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1826
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
"Si es verdad SSSD descargará cada regla que contenga un comodín en el "
"atributo sudoHost."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para>
#: sssd-ldap.5.xml:1836
msgid ""
"Using wildcard is an operation that is very costly to evaluate on the LDAP "
"server side!"
msgstr ""
"¡Usar comodines es una operación que es muy costosa de evaluar en el lado "
"del servidor LDAP!"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1848
msgid ""
"This manual page only describes attribute name mapping.  For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
"Esta página de manual sólo describe el atributo de nombre mapping. Para una "
"explicación detallada de la semántica del atributo relacionada con sudo, vea "
"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1858
msgid "AUTOFS OPTIONS"
msgstr "OPCIONES AUTOFS"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1860
msgid ""
"Some of the defaults for the parameters below are dependent on the LDAP "
"schema."
msgstr ""
"Algunos de los valores por defecto para los parámetros de abajo dependen del "
"esquema LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1866
msgid "ldap_autofs_map_master_name (string)"
msgstr "ldap_autofs_map_master_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1869
msgid "The name of the automount master map in LDAP."
msgstr "El nombre del mapa maestro de montaje automático en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1872
msgid "Default: auto.master"
msgstr "Pfredeterminado: auto.master"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1883
msgid "ADVANCED OPTIONS"
msgstr "OPCIONES AVANZADAS"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1890
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1895
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1900
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
#: sssd-ldap.5.xml:1905
msgid "<note>"
msgstr "<note>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
#: sssd-ldap.5.xml:1907
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches "
"against Active Directory will not be restricted and return all groups "
"memberships, even with no GID mapping. It is recommended to disable this "
"feature, if group names are not being displayed correctly."
msgstr ""
"Si la opción <quote>ldap_use_tokengroups</quote> está habilitada, las "
"búsquedas contra Active Directory no serán restringidas y devolverán todos "
"los grupos miembros, incluso sin mapeo GID. Se recomienda deshabilitar esta "
"función, si los nombres de grupo no están siendo visualizados correctamente."

#. type: Content of: <reference><refentry><refsect1><para><variablelist>
#: sssd-ldap.5.xml:1914
msgid "</note>"
msgstr "</note>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1916
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1921
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1885
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
"are doing.  <placeholder type=\"variablelist\" id=\"0\"/> <placeholder "
"type=\"variablelist\" id=\"1\"/>"
msgstr ""
"Estas opciones están soportadas por dominios LDAP, pero deberían ser usadas "
"con precaución. Por favor incluyalas en su configuración si usted sabe lo "
"que está haciendo.  <placeholder type=\"variablelist\" id=\"0\"/> "
"<placeholder type=\"variablelist\" id=\"1\"/>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1936 sssd-simple.5.xml:131 sssd-ipa.5.xml:930
#: sssd-ad.5.xml:1391 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98
#: sssd-files.5.xml:155 sssd-session-recording.5.xml:176
msgid "EXAMPLE"
msgstr "EJEMPLO"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1938
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
"section."
msgstr ""
"El siguiente ejemplo asume que SSSS está configurado correctamente y LDAP "
"está fijado a uno de los dominios de la sección <replaceable>[domains]</"
"replaceable>."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ldap.5.xml:1944
#, no-wrap
msgid ""
"[domain/LDAP]\n"
"id_provider = ldap\n"
"auth_provider = ldap\n"
"ldap_uri = ldap://ldap.mydomain.org\n"
"ldap_search_base = dc=mydomain,dc=org\n"
"ldap_tls_reqcert = demand\n"
"cache_credentials = true\n"
msgstr ""
"[domain/LDAP]\n"
"id_provider = ldap\n"
"auth_provider = ldap\n"
"ldap_uri = ldap://ldap.mydomain.org\n"
"ldap_search_base = dc=mydomain,dc=org\n"
"ldap_tls_reqcert = demand\n"
"cache_credentials = true\n"

#. type: Content of: <refsect1><refsect2><para>
#: sssd-ldap.5.xml:1943 sssd-ldap.5.xml:1961 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1399 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492
#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182
#: include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1955
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr "EJEMPLO DE FILTRO DE ACCESO LDAP"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1957
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
"El siguiente ejemplo asume que SSSD está correctamente configurado y usa "
"ldap_access_order=lockout."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ldap.5.xml:1962
#, no-wrap
msgid ""
"[domain/LDAP]\n"
"id_provider = ldap\n"
"auth_provider = ldap\n"
"access_provider = ldap\n"
"ldap_access_order = lockout\n"
"ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n"
"ldap_uri = ldap://ldap.mydomain.org\n"
"ldap_search_base = dc=mydomain,dc=org\n"
"ldap_tls_reqcert = demand\n"
"cache_credentials = true\n"
msgstr ""
"[domain/LDAP]\n"
"id_provider = ldap\n"
"auth_provider = ldap\n"
"access_provider = ldap\n"
"ldap_access_order = lockout\n"
"ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n"
"ldap_uri = ldap://ldap.mydomain.org\n"
"ldap_search_base = dc=mydomain,dc=org\n"
"ldap_tls_reqcert = demand\n"
"cache_credentials = true\n"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap.5.xml:1977 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148
#: sssd-ad.5.xml:1414 sssd.8.xml:238 sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:1979
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
"distribution."
msgstr ""
"Las descripciones de algunas de las opciones de configuración en esta página "
"de manual están basadas en la página de manual <citerefentry> "
"<refentrytitle>ldap.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> de la distribución OpenLDAP 2.4."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: pam_sss.8.xml:11 pam_sss.8.xml:16
msgid "pam_sss"
msgstr "pam_sss"

#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: pam_sss.8.xml:12 pam_sss_gss.8.xml:12 sssd_krb5_locator_plugin.8.xml:11
#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_override.8.xml:11
#: sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11
#: idmap_sss.8.xml:11 sssctl.8.xml:11 sssd-kcm.8.xml:11
#: sssd_krb5_localauth_plugin.8.xml:11
msgid "8"
msgstr "8"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: pam_sss.8.xml:17
msgid "PAM module for SSSD"
msgstr "Módulo PAM para SSSD"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: pam_sss.8.xml:22
msgid ""
"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
"arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </"
"arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </"
"arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg "
"choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg "
"choice='opt'> <replaceable>prompt_always</replaceable> </arg> <arg "
"choice='opt'> <replaceable>try_cert_auth</replaceable> </arg> <arg "
"choice='opt'> <replaceable>require_cert_auth</replaceable> </arg>"
msgstr ""
"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
"arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </"
"arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </"
"arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg "
"choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg "
"choice='opt'> <replaceable>prompt_always</replaceable> </arg> <arg "
"choice='opt'> <replaceable>try_cert_auth</replaceable> </arg> <arg "
"choice='opt'> <replaceable>require_cert_auth</replaceable> </arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:64
msgid ""
"<command>pam_sss.so</command> is the PAM interface to the System Security "
"Services daemon (SSSD). Errors and results are logged through "
"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
msgstr ""
"<command>pam_sss.so</command> es la interfaz PAM para el demonio Servicios "
"de Seguridad de Sistema (SSSD). Los errores y resultados son registrados a "
"través de <command>syslog(3)</command> con la facilidad LOG_AUTHPRIV."

#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:70 pam_sss_gss.8.xml:89 sssd.8.xml:42 sss_obfuscate.8.xml:58
#: sss_cache.8.xml:39 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:123
#: sss_ssh_knownhostsproxy.1.xml:62
msgid "OPTIONS"
msgstr "OPCIONES"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:74
msgid "<option>quiet</option>"
msgstr "<option>quiet</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:77
msgid "Suppress log messages for unknown users."
msgstr "Suprime el registro de mensajes de usuarios desconocidos."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:82
msgid "<option>forward_pass</option>"
msgstr "<option>forward_pass</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:85
msgid ""
"If <option>forward_pass</option> is set the entered password is put on the "
"stack for other PAM modules to use."
msgstr ""
"Si <option>forward_pass</option> está fijada el password introducido se pone "
"en la pila para que lo usen otros módulos PAM."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:92
msgid "<option>use_first_pass</option>"
msgstr "<option>use_first_pass</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:95
msgid ""
"The argument use_first_pass forces the module to use a previous stacked "
"modules password and will never prompt the user - if no password is "
"available or the password is not appropriate, the user will be denied access."
msgstr ""
"El argumento use_first_pass fuerza al módulo a usar un módulo de password "
"apilado previamente y nunca preguntará al usuario - si no hay password "
"disponible o el password no es apropiado, se denegará el acceso al usuario."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:103
msgid "<option>use_authtok</option>"
msgstr "<option>use_authtok</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:106
msgid ""
"When password changing enforce the module to set the new password to the one "
"provided by a previously stacked password module."
msgstr ""
"Cuando cambia el password fuerza al módulo a fijar el nuevo password a uno "
"suministrado por un módulo de password previamente apilado."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:113
msgid "<option>retry=N</option>"
msgstr "<option>retry=N</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:116
msgid ""
"If specified the user is asked another N times for a password if "
"authentication fails. Default is 0."
msgstr ""
"Si el usuario especificado es preguntado N veces por un password si la "
"autenticación falla. Por defecto es 0."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:118
msgid ""
"Please note that this option might not work as expected if the application "
"calling PAM handles the user dialog on its own. A typical example is "
"<command>sshd</command> with <option>PasswordAuthentication</option>."
msgstr ""
"Por favor advierta que esta opción puede no trabajar como se espera llamando "
"PAM a manejar el diálogo de usuario por el mismo. Un ejecplo típico es "
"<command>sshd</command> con <option>PasswordAuthentication</option>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:127
msgid "<option>ignore_unknown_user</option>"
msgstr "<option>ignore_unknown_user</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:130
msgid ""
"If this option is specified and the user does not exist, the PAM module will "
"return PAM_IGNORE. This causes the PAM framework to ignore this module."
msgstr ""
"Si se especifica esta opción y el usuario no existe, el módulo PAM devolverá "
"PAM_IGNORE. Esto origina que el marco de referencia PAM ignore este módulo."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:137
msgid "<option>ignore_authinfo_unavail</option>"
msgstr "<option>ignore_authinfo_unavail</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:141
msgid ""
"Specifies that the PAM module should return PAM_IGNORE if it cannot contact "
"the SSSD daemon. This causes the PAM framework to ignore this module."
msgstr ""
"Especifica que el módulo PAM debería devolver PAM_IGNORE si no puede "
"contactar con el demonio SSSD. Esto causa que el marco de referencia PAM "
"ignore este módulo."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:148
msgid "<option>domains</option>"
msgstr "<option>domains</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:152
msgid ""
"Allows the administrator to restrict the domains a particular PAM service is "
"allowed to authenticate against. The format is a comma-separated list of "
"SSSD domain names, as specified in the sssd.conf file."
msgstr ""
"Permite al administrador restringir los dominios contra los que un servicio "
"PAM particular puede autenticarse. El formato es una lista separada por "
"comas de nombres de dominio SSSD, como se especifica en el fichero sssd.conf."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:158
#, fuzzy
#| msgid ""
#| "NOTE: Must be used in conjunction with the <quote>pam_trusted_users</"
#| "quote> and <quote>pam_public_domains</quote> options.  Please see the "
#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#| "manvolnum> </citerefentry> manual page for more information on these two "
#| "PAM responder options."
msgid ""
"NOTE: If this is used for a service not running as root user, e.g. a web-"
"server, it must be used in conjunction with the <quote>pam_trusted_users</"
"quote> and <quote>pam_public_domains</quote> options.  Please see the "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for more information on these two PAM "
"responder options."
msgstr ""
"AVISO: Se debe usar junto con las opciones <quote>pam_trusted_users</quote> "
"y <quote>pam_public_domains</quote>. Por favor vea la página de manual "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para mas información sobre estas dos opciones del "
"respondedor PAM."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:173
msgid "<option>allow_missing_name</option>"
msgstr "<option>allow_missing_name</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:177
msgid ""
"The main purpose of this option is to let SSSD determine the user name based "
"on additional information, e.g. the certificate from a Smartcard."
msgstr ""
"El propósito principal de esta opción es dejar que SSSD determine el nombre "
"de usuario en base a información adicional, e.g. el certificado de una "
"Smartcard."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting>
#: pam_sss.8.xml:187
#, no-wrap
msgid ""
"auth sufficient pam_sss.so allow_missing_name\n"
"                        "
msgstr ""
"auth sufficient pam_sss.so allow_missing_name\n"
"                        "

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:182
msgid ""
"The current use case are login managers which can monitor a Smartcard reader "
"for card events. In case a Smartcard is inserted the login manager will call "
"a PAM stack which includes a line like <placeholder type=\"programlisting\" "
"id=\"0\"/> In this case SSSD will try to determine the user name based on "
"the content of the Smartcard, returns it to pam_sss which will finally put "
"it on the PAM stack."
msgstr ""
"El caso de uso actual son los administradores de inicio de sesión que pueden "
"monitorear un lector de tarjetas inteligentes para eventos de tarjetas. En "
"el caso de que una Smartcard se inserte el administrador de inicio de sesión "
"llamara a la pila PAM que incluye una línea como <placeholder "
"type=\"programlisting\" id=\"0\"/> En este caso SSSD intentará determinar el "
"nobre de usuairo en base al contenido de la tarjeta inteligente, se lo "
"devolverá a pam_sss quien finalmente lo pondrá en la pila PAM."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:197
msgid "<option>prompt_always</option>"
msgstr "<option>prompt_always</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:201
msgid ""
"Always prompt the user for credentials. With this option credentials "
"requested by other PAM modules, typically a password, will be ignored and "
"pam_sss will prompt for credentials again. Based on the pre-auth reply by "
"SSSD pam_sss might prompt for a password, a Smartcard PIN or other "
"credentials."
msgstr ""
"Solicita siempre al usuario las credenciales. Con esta opción las "
"credenciales pedidas por otros módulos PAM, normalmente una contraseña, "
"serán ignoradas y pam_sss solicitará las credenciales otra vez. En base a la "
"respuesta pre autorización de SSSD pam_sss debe solicitar una contraseña, un "
"Smartcard PIN u otras credenciales."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:212
msgid "<option>try_cert_auth</option>"
msgstr "<option>try_cert_auth</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:216
msgid ""
"Try to use certificate based authentication, i.e.  authentication with a "
"Smartcard or similar devices. If a Smartcard is available and the service is "
"allowed for Smartcard authentication the user will be prompted for a PIN and "
"the certificate based authentication will continue"
msgstr ""
"Intenta usar autenticación basada en certificado, i.e. autenticación con una "
"tarjeta inteligente o dispositivos similares. Si hay disponible una "
"Smartcard y el servicio tiene permitido la autenticación Smartcard se le "
"pedirá al usuario un PIN y continuará la autenticación basada en certificado"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:224
msgid ""
"If no Smartcard is available or certificate based authentication is not "
"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned."
msgstr ""
"Si no hay Smartcard disponible o la autenticación basada en certificado no "
"está permitida para el servicio actual se devuelve PAM_AUTHINFO_UNAVAIL."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:232
msgid "<option>require_cert_auth</option>"
msgstr "<option>require_cert_auth</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:236
msgid ""
"Do certificate based authentication, i.e.  authentication with a Smartcard "
"or similar devices. If a Smartcard is not available the user will be "
"prompted to insert one. SSSD will wait for a Smartcard until the timeout "
"defined by p11_wait_for_card_timeout passed, please see "
"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for details."
msgstr ""
"Hace la autenticación en base a certificado, i.e.  autenticación con "
"Smartcard o dispositivos similares. Si no hay una Smartcard disponible se "
"pedirá al usuario que inserte una. SSSD esperará una Smartcard hasta el "
"tiempo límite definido por p11_wait_for_card_timeout passed, más detalles en "
"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:246
msgid ""
"If no Smartcard is available after the timeout or certificate based "
"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL "
"is returned."
msgstr ""
"Si no hay Smartcard disponible después del tiempo límite o no está pemitida "
"la autenticación basada en certificado para el servicio actual se devolverá "
"PAM_AUTHINFO_UNAVAIL."

#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:256 pam_sss_gss.8.xml:103
msgid "MODULE TYPES PROVIDED"
msgstr "TIPOS DE MÓDULOS SUMINISTRADOS"

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:257
msgid ""
"All module types (<option>account</option>, <option>auth</option>, "
"<option>password</option> and <option>session</option>) are provided."
msgstr ""
"Todos los tipos de módulos (<option>account</option>, <option>auth</option>, "
"<option>password</option> y <option>session</option>) son suministrados."

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:260
msgid ""
"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is "
"not available, pam_sss will return PAM_USER_UNKNOWN when called as "
"<option>account</option> module to avoid issues with users from other "
"sources during access control."
msgstr ""
"Si el respondedor PAM de SSSD no está corriendo, e.g. si el socket "
"respondedor PAM no esta disponible, pam_sss devolverá PAM_USER_UNKNOWN "
"cuando se llame como módulo <option>account</option> para evitar problemas "
"con usuarios de otras fuentes durante el control de acceso."

#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:267 pam_sss_gss.8.xml:108
msgid "RETURN VALUES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:270 pam_sss_gss.8.xml:111
msgid "PAM_SUCCESS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:273 pam_sss_gss.8.xml:114
msgid "The PAM operation finished successfully."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:278 pam_sss_gss.8.xml:119
msgid "PAM_USER_UNKNOWN"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:281
msgid ""
"The user is not known to the authentication service or the SSSD's PAM "
"responder is not running."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:287 pam_sss_gss.8.xml:128
msgid "PAM_AUTH_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:290
msgid ""
"Authentication failure. Also, could be returned when there is a problem with "
"getting the certificate."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:296
msgid "PAM_PERM_DENIED"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:299
msgid ""
"Permission denied. The SSSD log files may contain additional information "
"about the error."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:305
msgid "PAM_IGNORE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:308
msgid ""
"See options <option>ignore_unknown_user</option> and "
"<option>ignore_authinfo_unavail</option>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:314
msgid "PAM_AUTHTOK_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:317
msgid ""
"Unable to obtain the new authentication token. Also, could be returned when "
"the user authenticates with certificates and multiple certificates are "
"available, but the installed version of GDM does not support selection from "
"multiple certificates."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:325 pam_sss_gss.8.xml:136
msgid "PAM_AUTHINFO_UNAVAIL"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:328 pam_sss_gss.8.xml:139
msgid ""
"Unable to access the authentication information.  This might be due to a "
"network or hardware failure."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:334
msgid "PAM_BUF_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:337
msgid ""
"A memory error occurred. Also, could be returned when options use_first_pass "
"or use_authtok were set, but no password was found from the previously "
"stacked PAM module."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:344 pam_sss_gss.8.xml:145
msgid "PAM_SYSTEM_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:347 pam_sss_gss.8.xml:148
msgid ""
"A system error occurred. The SSSD log files may contain additional "
"information about the error."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:353
msgid "PAM_CRED_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:356
msgid "Unable to set the credentials of the user."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:361
msgid "PAM_CRED_INSUFFICIENT"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:364
msgid ""
"The application does not have sufficient credentials to authenticate the "
"user. For example, missing PIN during smartcard authentication or missing "
"factor during two-factor authentication."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:372
msgid "PAM_SERVICE_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:375
msgid "Error in service module."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:380
msgid "PAM_NEW_AUTHTOK_REQD"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:383
msgid "The user's authentication token has expired."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:388
msgid "PAM_ACCT_EXPIRED"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:391
msgid "The user account has expired."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:396
msgid "PAM_SESSION_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:399
msgid "Unable to fetch IPA Desktop Profile rules or user info."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:404
msgid "PAM_CRED_UNAVAIL"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:407
msgid "Unable to retrieve Kerberos user credentials."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:412
msgid "PAM_NO_MODULE_DATA"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:415
msgid ""
"No authentication method was found by Kerberos.  This might happen if the "
"user has a Smartcard assigned but the pkint plugin is not available on the "
"client."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:422
msgid "PAM_CONV_ERR"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:425
msgid "Conversation failure."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:430
msgid "PAM_AUTHTOK_LOCK_BUSY"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:433
msgid "No KDC suitable for password change is available."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:438
msgid "PAM_ABORT"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:441
msgid "Unknown PAM call."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:446
msgid "PAM_MODULE_UNKNOWN"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:449
msgid "Unsupported PAM task or command."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:454
msgid "PAM_BAD_ITEM"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:457
msgid "The authentication module cannot handle Smartcard credentials."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:465
msgid "FILES"
msgstr "ARCHIVOS"

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:466
msgid ""
"If a password reset by root fails, because the corresponding SSSD provider "
"does not support password resets, an individual message can be displayed. "
"This message can e.g. contain instructions about how to reset a password."
msgstr ""
"Si un password se resetea por un fallo de root, como el correspondiente "
"proveedor SSSD no soporta el reseteo de password, se puede mostrar un "
"mensaje individual. Este mensaje puede, por ejemplo, contener instrucciones "
"sobre como resetear un password."

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:471
msgid ""
"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
"filename> where LOC stands for a locale string returned by <citerefentry> "
"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
"citerefentry>. If there is no matching file the content of "
"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
"the owner of the files and only root may have read and write permissions "
"while all other users must have only read permissions."
msgstr ""
"El mensaje se lee desde el fichero <filename>pam_sss_pw_reset_message.LOC</"
"filename> donde LOC destaca una cadena de lugar devuelta por <citerefentry> "
"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
"citerefentry>. Si no hay fichero coincidente se muestra el contenido de "
"<filename>pam_sss_pw_reset_message.txt</filename>. Root debe ser el "
"propietario de los ficheros y sólo root puede tener permisos de lectura y "
"escritura mientras que todos los demás usuarios sólo tienen permisos de "
"lectura."

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:481
msgid ""
"These files are searched in the directory <filename>/etc/sssd/customize/"
"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
"displayed."
msgstr ""
"Estos ficheros son buscados en el directorio <filename>/etc/sssd/customize/"
"DOMAIN_NAME/</filename>. Si no hay archivos coincidentes se muestra un "
"mensaje genérico."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: pam_sss_gss.8.xml:11 pam_sss_gss.8.xml:16
#, fuzzy
#| msgid "pam_sss"
msgid "pam_sss_gss"
msgstr "pam_sss"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: pam_sss_gss.8.xml:17
#, fuzzy
#| msgid "PAM module for SSSD"
msgid "PAM module for SSSD GSSAPI authentication"
msgstr "Módulo PAM para SSSD"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: pam_sss_gss.8.xml:22
#, fuzzy
#| msgid ""
#| "<command>sssd</command> <arg choice='opt'> <replaceable>options</"
#| "replaceable> </arg>"
msgid ""
"<command>pam_sss_gss.so</command> <arg choice='opt'> <replaceable>debug</"
"replaceable> </arg>"
msgstr ""
"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:32
msgid ""
"<command>pam_sss_gss.so</command> authenticates user over GSSAPI in "
"cooperation with SSSD."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:36
msgid ""
"This module will try to authenticate the user using the GSSAPI hostbased "
"service name host@hostname which translates to host/hostname@REALM Kerberos "
"principal. The <emphasis>REALM</emphasis> part of the Kerberos principal "
"name is derived by Kerberos internal mechanisms and it can be set explicitly "
"in configuration of [domain_realm] section in /etc/krb5.conf."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:44
msgid ""
"SSSD is used to provide desired service name and to validate the user's "
"credentials using GSSAPI calls. If the service ticket is already present in "
"the Kerberos credentials cache or if user's ticket granting ticket can be "
"used to get the correct service ticket then the user will be authenticated."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:51
msgid ""
"If <option>pam_gssapi_check_upn</option> is True (default) then SSSD "
"requires that the credentials used to obtain the service tickets can be "
"associated with the user. This means that the principal that owns the "
"Kerberos credentials must match with the user principal name as defined in "
"LDAP."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:58
msgid ""
"To enable GSSAPI authentication in SSSD, set <option>pam_gssapi_services</"
"option> option in [pam] or domain section of sssd.conf. The service "
"credentials need to be stored in SSSD's keytab (it is already present if you "
"use ipa or ad provider). The keytab location can be set with "
"<option>krb5_keytab</option> option. See <citerefentry> <refentrytitle>sssd."
"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> and "
"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more details on these options."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:74
msgid ""
"Some Kerberos deployments allow to associate authentication indicators with "
"a particular pre-authentication method used to obtain the ticket granting "
"ticket by the user.  <command>pam_sss_gss.so</command> allows to enforce "
"presence of authentication indicators in the service tickets before a "
"particular PAM service can be accessed."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:82
msgid ""
"If <option>pam_gssapi_indicators_map</option> is set in the [pam] or domain "
"section of sssd.conf, then SSSD will perform a check of the presence of any "
"configured indicators in the service ticket."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss_gss.8.xml:93
#, fuzzy
#| msgid "<option>quiet</option>"
msgid "<option>debug</option>"
msgstr "<option>quiet</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss_gss.8.xml:96
msgid "Print debugging information."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:104
msgid "Only the <option>auth</option> module type is provided."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss_gss.8.xml:122
msgid ""
"The user is not known to the authentication service or the GSSAPI "
"authentication is not supported."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss_gss.8.xml:131
msgid "Authentication failure."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:159
msgid ""
"The main use case is to provide password-less authentication in sudo but "
"without the need to disable authentication completely.  To achieve this, "
"first enable GSSAPI authentication for sudo in sssd.conf:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><programlisting>
#: pam_sss_gss.8.xml:165
#, no-wrap
msgid ""
"[domain/MYDOMAIN]\n"
"pam_gssapi_services = sudo, sudo-i\n"
"        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:169
msgid ""
"And then enable the module in desired PAM stack (e.g. /etc/pam.d/sudo and /"
"etc/pam.d/sudo-i)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><programlisting>
#: pam_sss_gss.8.xml:173
#, no-wrap
msgid ""
"...\n"
"auth sufficient pam_sss_gss.so\n"
"...\n"
"        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss_gss.8.xml:180
msgid "TROUBLESHOOTING"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:182
msgid ""
"SSSD logs, pam_sss_gss debug output and syslog may contain helpful "
"information about the error. Here are some common issues:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:186
msgid ""
"1. I have KRB5CCNAME environment variable set and the authentication does "
"not work: Depending on your sudo version, it is possible that sudo does not "
"pass this variable to the PAM environment. Try adding KRB5CCNAME to "
"<option>env_keep</option> in /etc/sudoers or in your LDAP sudo rules default "
"options."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:193
msgid ""
"2. Authentication does not work and syslog contains \"Server not found in "
"Kerberos database\": Kerberos is probably not able to resolve correct realm "
"for the service ticket based on the hostname.  Try adding the hostname "
"directly to <option>[domain_realm]</option> in /etc/krb5.conf like so:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:200
msgid ""
"3. Authentication does not work and syslog contains \"No Kerberos "
"credentials available\": You don't have any credentials that can be used to "
"obtain the required service ticket. Use kinit or authenticate over SSSD to "
"acquire those credentials."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss_gss.8.xml:206
msgid ""
"4. Authentication does not work and SSSD sssd-pam log contains \"User with "
"UPN [$UPN] was not found.\" or \"UPN [$UPN] does not match target user "
"[$username].\": You are using credentials that can not be mapped to the user "
"that is being authenticated. Try to use kswitch to select different "
"principal, make sure you authenticated with SSSD or consider disabling "
"<option>pam_gssapi_check_upn</option>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><programlisting>
#: pam_sss_gss.8.xml:214
#, no-wrap
msgid ""
"[domain_realm]\n"
".myhostname = MYREALM\n"
"        "
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
msgid "sssd_krb5_locator_plugin"
msgstr "sssd_krb5_locator_plugin"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd_krb5_locator_plugin.8.xml:16
msgid "Kerberos locator plugin"
msgstr "Complemento localizador Kerberos"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:22
msgid ""
"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such "
"a plugin to guide all Kerberos clients on a system to a single KDC. In "
"general it should not matter to which KDC a client process is talking to.  "
"But there are cases, e.g. after a password change, where not all KDCs are in "
"the same state because the new data has to be replicated first. To avoid "
"unexpected authentication failures and maybe even account lockings it would "
"be good to talk to a single KDC as long as possible."
msgstr ""
"El complemento localizador Kerberos <command>sssd_krb5_locator_plugin</"
"command> es usado por libkrb5 para encontrar KDCs en un reino Kerberos dado. "
"SSSD proporciona dicho complemento para guiar a todos los clientes Kerberos "
"es un sistema a un único KDC. En general, no debería importar con qué KDC "
"está hablando un proceso de cliente.  Pero hay casos, e.g. después de un "
"cambio de contraseña, donde no todos los KDCs etán en el mismo estado porque "
"los nuevos datos tienen que ser replicados primero. Para evitar fallos de "
"autenticación inesperados y quizás bloqueos de cuentas sería bueno hablar "
"con un único KDC todo lo que sea posible."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:34
msgid ""
"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the "
"Kerberos plugin directory, see plugin_base_dir in <citerefentry> "
"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for details. The plugin can only be disabled by removing the "
"plugin file. There is no option in the Kerberos configuration to disable it. "
"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to "
"disable the plugin for individual commands. Alternatively the SSSD option "
"krb5_use_kdcinfo=False can be used to not generate the data needed by the "
"plugin. With this the plugin is still called but will provide no data to the "
"caller so that libkrb5 can fall back to other methods defined in krb5.conf."
msgstr ""
"libkrb5 buscará el complemento localizador en el subdirectorio libkrb5 del "
"directorio de complementos Kerberos, vea más detalles en plugin_base_dir en "
"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>. El complemento solo se puede deshabilitar "
"borrando el fichero del complemento. No hay opción en a configuración de "
"Kerberos para deshabilitarlo. Pero la variable de entorno "
"SSSD_KRB5_LOCATOR_DISABLE puede ser usada para deshabilitar el complemento "
"en comandos individuales. Alternativamente la opción SSSD "
"krb5_use_kdcinfo=False puede ser usada para no generar los datos necesarios "
"para el complemento. Con esto, todavía se llama al complemento, pero no "
"proporcionará datos a la persona que llama para que libkrb5 pueda recurrir a "
"otros métodos definidos en krb5.conf."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:50
msgid ""
"The plugin reads the information about the KDCs of a given realm from a file "
"called <filename>kdcinfo.REALM</filename>. The file should contain one or "
"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the "
"hexadecimal IPv6 notation.  An optional port number can be added to the end "
"separated with a colon, the IPv6 address has to be enclosed in squared "
"brackets in this case as usual. Valid entries are:"
msgstr ""
"El complemento lee la información sobre los KDCs de un reino dado desde un "
"fichero llamado <filename>kdcinfo.REALM</filename>. El fichero debería "
"contener uno o más nombres de DNS o direcciones IP ya sea en anotación "
"decimal con puntos IPv4 o en anotación hexadecimal IPv6.  Su puede añadir un "
"número de puerto adicional al final separado con dos puntos, la dirección "
"IPv6 tiene que estar encerrada entre corchetes en este caso como es usual. "
"Las entradas válidas son:"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:58
msgid "kdc.example.com"
msgstr "kdc.example.com"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:59
msgid "kdc.example.com:321"
msgstr "kdc.example.com:321"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:60
msgid "1.2.3.4"
msgstr "1.2.3.4"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:61
msgid "5.6.7.8:99"
msgstr "5.6.7.8:99"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:62
msgid "2001:db8:85a3::8a2e:370:7334"
msgstr "2001:db8:85a3::8a2e:370:7334"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd_krb5_locator_plugin.8.xml:63
msgid "[2001:db8:85a3::8a2e:370:7334]:321"
msgstr "[2001:db8:85a3::8a2e:370:7334]:321"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:65
msgid ""
"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well "
"adds the address of the current KDC or domain controller SSSD is using to "
"this file."
msgstr ""
"Krb5 auth-provider de SSSD que es utilizado por IPA y los proveedores AD que "
"también agrega la dirección del actual KDC o controlador de dominio SSSD se "
"utiliza para este fichero."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:70
msgid ""
"In environments with read-only and read-write KDCs where clients are "
"expected to use the read-only instances for the general operations and only "
"the read-write KDC for config changes like password changes a "
"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-"
"write KDCs. If this file exists for the given realm the content will be used "
"by the plugin to reply to requests for a kpasswd or kadmin server or for the "
"MIT Kerberos specific master KDC. If the address contains a port number the "
"default KDC port 88 will be used for the latter."
msgstr ""
"En entornos con KDCs de solo lectura y lectura-escritura donde los clientes "
"esperan usar las instancias solo lectura para las operaciones generales y "
"solo KDC de lectura-escritura para cambio de configuración como cambios de "
"contraseña se utiliza <filename>kpasswdinfo.REALM</filename> también para "
"identificar KDCs de lectura-escritura. Si existe este fichero para el reino "
"dado el contenido será usado por el complemento para contestar las "
"peticiones de un servidor kpasswd o kadmin opara el maestro específico KDC "
"MIT Kerberos. Si la dirección contiene un número de puerto el puerto "
"predeterminado KDC 88 será usado para los posteriores."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:85
msgid ""
"Not all Kerberos implementations support the use of plugins. If "
"<command>sssd_krb5_locator_plugin</command> is not available on your system "
"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
msgstr ""
"No todas las implementaciones Kerberos soportan el uso de plugins. Si "
"<command>sssd_krb5_locator_plugin</command> no está disponible en su sistema "
"usted tiene que editar /etc/krb5.conf para reflejar sus ajustes Kerberos."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:91
msgid ""
"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
"debug messages will be sent to stderr."
msgstr ""
"Si la variable de entorno SSSD_KRB5_LOCATOR_DEBUR está fijada a cualquier "
"valor los mensajes de depuración se enviarán a stderr."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:95
msgid ""
"If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value "
"the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the "
"caller."
msgstr ""
"Si la variable de entorno SSSD_KRB5_LOCATOR_DISABLE está establecida a "
"cualquier valor el complemento es deshabilitado y y devolverá "
"KRB5_PLUGIN_NO_HANDLE al llamante."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:100
msgid ""
"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to "
"any value plugin will try to resolve all DNS names in kdcinfo file. By "
"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on "
"first DNS resolving failure."
msgstr ""
"Si la variable de entorno SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES etá "
"establecida a cualquier valor el complemento intentará resolver todos los "
"nombres DNS en el fichero kdcinfo. Por defecto el complemento devuelve "
"KRB5_PLUGIN_NO_HANDLE al llamante inmediatamente en el primer fallo "
"resolviendo DNS."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
msgid "sssd-simple"
msgstr "sssd-simple"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-simple.5.xml:17
msgid "the configuration file for SSSD's 'simple' access-control provider"
msgstr ""
"el fichero de configuración para en proveedor de control de acceso 'simple' "
"de SSSD"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:24
msgid ""
"This manual page describes the configuration of the simple access-control "
"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>.  For a detailed syntax reference, "
"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page."
msgstr ""
"Esta página de manual describe la configuración del proveedor de control de "
"acceso simple para <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>.  Para una referencia detallada de "
"sintaxis, vea la sección <quote>FILE FORMAT</quote> de la página de manual "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:38
msgid ""
"The simple access provider grants or denies access based on an access or "
"deny list of user or group names. The following rules apply:"
msgstr ""
"El proveedor de acceso simple otorga o deniega el acceso en base a una lista "
"de acceso o denegación de usuarios o grupo de nombres. Se aplican las "
"siguientes reglas:"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:43
msgid "If all lists are empty, access is granted"
msgstr "Si todas las listas están vacías, se concede acceso"

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:47
msgid ""
"If any list is provided, the order of evaluation is allow,deny. This means "
"that any matching deny rule will supersede any matched allow rule."
msgstr ""
"Si se ha suministrado alguna lista, el orden de evaluación es permitir,"
"denegar. Esto significa que cualquier regla de denegación será saltada por "
"cualquier regla de permiso coincidente."

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:54
msgid ""
"If either or both \"allow\" lists are provided, all users are denied unless "
"they appear in the list."
msgstr ""
"Si una o ambas listas de \"permiso\" se suministran, todos los usuarios "
"serán denegados a no ser que aparezcan en la lista."

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:60
msgid ""
"If only \"deny\" lists are provided, all users are granted access unless "
"they appear in the list."
msgstr ""
"Si sólo se suministran listas de \"denegación\", todos los usuarios "
"obtendran acceso a no ser que aparezcan en la lista."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:78
msgid "simple_allow_users (string)"
msgstr "simple_allow_users (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:81
msgid "Comma separated list of users who are allowed to log in."
msgstr "Lista separada por comas de usuarios a los está permitido el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:88
msgid "simple_deny_users (string)"
msgstr "simple_deny_users (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:91
msgid "Comma separated list of users who are explicitly denied access."
msgstr ""
"Lista separada por comas de usuarios a los que explicítamente se les deniega "
"el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:97
msgid "simple_allow_groups (string)"
msgstr "simple_allow_groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:100
msgid ""
"Comma separated list of groups that are allowed to log in. This applies only "
"to groups within this SSSD domain. Local groups are not evaluated."
msgstr ""
"Lista separada por comas de grupos que tienen permitido el acceso. Esto se "
"aplica sólo a los grupos dentro del dominio SSSD. Los grupos locales no "
"serán evaluados."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:108
msgid "simple_deny_groups (string)"
msgstr "simple_deny_groups (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:111
msgid ""
"Comma separated list of groups that are explicitly denied access. This "
"applies only to groups within this SSSD domain. Local groups are not "
"evaluated."
msgstr ""
"Lista separada por comas de grupos a los que explicítamente se les deniega "
"el acceso. Esto se aplica sólo a los grupos dentro del dominio SSSD. Los "
"grupos locales no serán evaluados."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:70 sssd-ipa.5.xml:83 sssd-ad.5.xml:131
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page for details on the configuration of an SSSD "
"domain.  <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Vea la sección  <quote>DOMAIN SECTIONS</quote> de la página de manual "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> para detalles sobre la configuración de un "
"dominio SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
"Specifying no values for any of the lists is equivalent to skipping it "
"entirely. Beware of this while generating parameters for the simple provider "
"using automated scripts."
msgstr ""
"No especificando valores para ninguna de las listas es equivalente a "
"saltarle totalmente. Tenga cuidado de esto mientras genera parámetros para "
"el simple proveedor usando secuencias de comandos automatizadas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:125
msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
"Por favor advierta que es un error de configuración si tanto, "
"simple_allow_users como simple_deny_user, están definidos."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the simple access provider-specific options."
msgstr ""
"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
"Este ejemplo muestra sólo las opciones específicas del proveedor de acceso "
"simple."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
"[domain/example.com]\n"
"access_provider = simple\n"
"simple_allow_users = user1, user2\n"
msgstr ""
"[domain/example.com]\n"
"access_provider = simple\n"
"simple_allow_users = user1, user2\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:150
msgid ""
"The complete group membership hierarchy is resolved before the access check, "
"thus even nested groups can be included in the access lists.  Please be "
"aware that the <quote>ldap_group_nesting_level</quote> option may impact the "
"results and should be set to a sufficient value.  (<citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>) option."
msgstr ""
"La jerarquía completa de membresía del grupo se resuelve antes de la "
"comprobación de acceso, así incluso los grupos anidados se pueden incluir en "
"las listas de acceso.  Por favor tenga cuidado en que la opción "
"<quote>ldap_group_nesting_level</quote> puede impactar en los resultados y "
"deberia ser establecidad a un valor suficiente.  Opción (<citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>)."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss-certmap.5.xml:10 sss-certmap.5.xml:16
msgid "sss-certmap"
msgstr "sss-certmap"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss-certmap.5.xml:17
msgid "SSSD Certificate Matching and Mapping Rules"
msgstr "Reglas de Correspondencia y Asignación de Certificados SSSD"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss-certmap.5.xml:23
msgid ""
"The manual page describes the rules which can be used by SSSD and other "
"components to match X.509 certificates and map them to accounts."
msgstr ""
"La página de manual describe las reglas que pueden ser usadas por SSSD y "
"otros componentes para corresponder con los certificados X.509 y asignarlos "
"a cuentas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sss-certmap.5.xml:28
msgid ""
"Each rule has four components, a <quote>priority</quote>, a <quote>matching "
"rule</quote>, a <quote>mapping rule</quote> and a <quote>domain list</"
"quote>. All components are optional. A missing <quote>priority</quote> will "
"add the rule with the lowest priority.  The default <quote>matching rule</"
"quote> will match certificates with the digitalSignature key usage and "
"clientAuth extended key usage. If the <quote>mapping rule</quote> is empty "
"the certificates will be searched in the userCertificate attribute as DER "
"encoded binary. If no domains are given only the local domain will be "
"searched."
msgstr ""
"Cada regla tiene cuatro componentes, una <quote>priority</quote>, una "
"<quote>matching rule</quote>, una <quote>mapping rule</quote> y una "
"<quote>domain list</quote>. Todos los componentes son opcionales. Si no hay "
"<quote>priority</quote> se añadirá la regla con el nivel de prioridad más "
"bajo. La <quote>matching rule</quote> predeterminada hará coincidir los "
"certificados con la clave de utilización digitalSignature y la clave de "
"utilización extendida clientAuth. Si <quote>mapping rule</quote> está vacía "
"los certificados serán buscados en el atributo userCertificate como DER "
"codificado en binario. Si no se dan dominios solo se buscará en el dominio "
"local."

#. type: Content of: <reference><refentry><refsect1><para>
#: sss-certmap.5.xml:39
msgid ""
"To allow extensions or completely different style of rule the "
"<quote>mapping</quote> and <quote>matching rules</quote> can contain a "
"prefix separated with a ':' from the main part of the rule. The prefix may "
"only contain upper-case ASCII letters and numbers. If the prefix is omitted "
"the default type will be used which is 'KRB5' for the matching rules and "
"'LDAP' for the mapping rules."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss-certmap.5.xml:48
msgid ""
"The 'sssctl' utility provides the 'cert-eval-rule' command to check if a "
"given certificate matches a matching rules and how the output of a mapping "
"rule would look like."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss-certmap.5.xml:55
msgid "RULE COMPONENTS"
msgstr "COMPONENTES DE LA REGLA"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss-certmap.5.xml:57
msgid "PRIORITY"
msgstr "PRIORIDAD"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:59
msgid ""
"The rules are processed by priority while the number '0' (zero)  indicates "
"the highest priority. The higher the number the lower is the priority. A "
"missing value indicates the lowest priority. The rules processing is stopped "
"when a matched rule is found and no further rules are checked."
msgstr ""
"Las reglas son procesados por prioridad sabiendo que el número '0' (cero) "
"indica la prioridad más alta. Más alto en número más baja la prioridad. Un "
"valor desaparecido indica la prioridad más baja. Las reglas de procesamiento "
"se para cuando una regla coincidente y no se comprueban más reglas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:66
msgid ""
"Internally the priority is treated as unsigned 32bit integer, using a "
"priority value larger than 4294967295 will cause an error."
msgstr ""
"Internamente la prioridad se trata como un entero no firmado de 32 bitr, la "
"utilización de in valor de prioridad superior a 4294967295 causará un error."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:70
msgid ""
"If multiple rules have the same priority and only one of the related "
"matching rules applies, this rule will be chosen. If there are multiple "
"rules with the same priority which matches, one is chosen but which one is "
"undefined. To avoid this undefined behavior either use different priorities "
"or make the matching rules more specific e.g. by using distinct &lt;"
"ISSUER&gt; patterns."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss-certmap.5.xml:79
msgid "MATCHING RULE"
msgstr "REGLA DE COINCIDENCIA"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:81
msgid ""
"The matching rule is used to select a certificate to which the mapping rule "
"should be applied. It uses a system similar to the one used by "
"<quote>pkinit_cert_match</quote> option of MIT Kerberos. It consists of a "
"keyword enclosed by '&lt;' and '&gt;' which identified a certain part of the "
"certificate and a pattern which should be found for the rule to match. "
"Multiple keyword pattern pairs can be either joined with '&amp;&amp;' (and) "
"or '&#124;&#124;' (or)."
msgstr ""
"La regla de coincidencia se usa para seleccionar un certificado al que sería "
"aplicado la regla de asignación. Usa un sistema similar al usado por la "
"opción <quote>pkinit_cert_match</quote> de MIT Kerberos. Consiste en una "
"clave encerrada entre '&lt;' y '&gt;' ue identifica una cierta parte del "
"certificado y un patrón para que la regla coincida. Se pueden unir varios "
"pares de palabras claves con '&amp;&amp;' (y) o '&#124;&#124;' (o)."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:90
msgid ""
"Given the similarity to MIT Kerberos the type prefix for this rule is "
"'KRB5'. But 'KRB5' will also be the default for <quote>matching rules</"
"quote> so that \"&lt;SUBJECT&gt;.*,DC=MY,DC=DOMAIN\" and \"KRB5:&lt;"
"SUBJECT&gt;.*,DC=MY,DC=DOMAIN\" are equivalent."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:99
msgid "&lt;SUBJECT&gt;regular-expression"
msgstr "&lt;SUBJECT&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:102
msgid ""
"With this a part or the whole subject name of the certificate can be "
"matched. For the matching POSIX Extended Regular Expression syntax is used, "
"see regex(7)  for details."
msgstr ""
"Con esto una parte o todo el nombre de sujeto del certificado pueden "
"coincidir. Para la coincidencia se usa la sintaxis Expresión Regular "
"Extendida POSIX, vea detalles en regex(7)."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:108
msgid ""
"For the matching the subject name stored in the certificate in DER encoded "
"ASN.1 is converted into a string according to RFC 4514. This means the most "
"specific name component comes first. Please note that not all possible "
"attribute names are covered by RFC 4514. The names included are 'CN', 'L', "
"'ST', 'O', 'OU', 'C', 'STREET', 'DC' and 'UID'. Other attribute names might "
"be shown differently on different platform and by different tools. To avoid "
"confusion those attribute names are best not used or covered by a suitable "
"regular-expression."
msgstr ""
"Para coincidir el nombre sujeto almacenado en el certificado en codificación "
"DER ASN.1 se convierte en una cadena de acuerdo a RFC 4514. Esto significa "
"que el componente de nombre más específico es el primero. Por favor advierta "
"que  no todos los posibles nombres de atributo están cubiertos por RFC 4514. "
"Los nombres incluidos son 'CN', 'L', 'ST', 'O', 'OU', 'C', 'STREET', 'DC' y "
"'UID'. Otros nombres de atributo pueden ser mostrados de forma diferente "
"sobre plataformas distintas y por herramientas diferentes. Para evitar la "
"confusión es mejor que no se usen estos nombres de atributos o se cubran por "
"una expresión regular a medida."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:121
msgid "Example: &lt;SUBJECT&gt;.*,DC=MY,DC=DOMAIN"
msgstr "Ejemplo: &lt;SUBJECT&gt;.*,DC=MY,DC=DOMAIN"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:124
msgid ""
"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in "
"regular expressions and must be escaped with the help of the '\\' character "
"so that they are matched as ordinary characters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:130
msgid "Example: &lt;SUBJECT&gt;^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:135
msgid "&lt;ISSUER&gt;regular-expression"
msgstr "&lt;ISSUER&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:138
msgid ""
"With this a part or the whole issuer name of the certificate can be matched. "
"All comments for &lt;SUBJECT&gt; apply her as well."
msgstr ""
"Con esto, se puede hacer coincidir una parte o el nombre completo del emisor "
"del certificado. Todos los comentarios para &lt;SUBJECT&gt; se le aplican "
"también."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:143
msgid "Example: &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$"
msgstr "Ejemplo: &lt;ISSUER&gt;^CN=My-CA,DC=MY,DC=DOMAIN$"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:148
msgid "&lt;KU&gt;key-usage"
msgstr "&lt;KU&gt;key-usage"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:151
msgid ""
"This option can be used to specify which key usage values the certificate "
"should have. The following values can be used in a comma separated list:"
msgstr ""
"Esta opción se puede usar para especificar que valores de uso clave debe "
"tener el certificado. Se pueden usar los siguientes valores en una lista "
"separados por comas:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:155
msgid "digitalSignature"
msgstr "digitalSignature"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:156
msgid "nonRepudiation"
msgstr "nonRepudiation"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:157
msgid "keyEncipherment"
msgstr "keyEncipherment"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:158
msgid "dataEncipherment"
msgstr "dataEncipherment"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:159
msgid "keyAgreement"
msgstr "keyAgreement"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:160
msgid "keyCertSign"
msgstr "keyCertSign"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:161
msgid "cRLSign"
msgstr "cRLSign"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:162
msgid "encipherOnly"
msgstr "encipherOnly"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:163
msgid "decipherOnly"
msgstr "decipherOnly"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:167
msgid ""
"A numerical value in the range of a 32bit unsigned integer can be used as "
"well to cover special use cases."
msgstr ""
"Un valor numérico en el rango de un entero sin signo de 32 bit se puede usar "
"también para cubrir casos de uso especiales."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:171
msgid "Example: &lt;KU&gt;digitalSignature,keyEncipherment"
msgstr "Ejemplo: &lt;KU&gt;digitalSignature,keyEncipherment"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:176
msgid "&lt;EKU&gt;extended-key-usage"
msgstr "&lt;EKU&gt;extended-key-usage"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:179
msgid ""
"This option can be used to specify which extended key usage the certificate "
"should have. The following value can be used in a comma separated list:"
msgstr ""
"Esta opción se puede usar para especificar que uso de clave extendida puede "
"tener el certificado. El siguiente valor se puede usar en una lista separada "
"por comas:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:183
msgid "serverAuth"
msgstr "serverAuth"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:184
msgid "clientAuth"
msgstr "clientAuth"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:185
msgid "codeSigning"
msgstr "codeSigning"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:186
msgid "emailProtection"
msgstr "emailProtection"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:187
msgid "timeStamping"
msgstr "timeStamping"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:188
msgid "OCSPSigning"
msgstr "OCSPSigning"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:189
msgid "KPClientAuth"
msgstr "KPClientAuth"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:190
msgid "pkinit"
msgstr "pkinit"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sss-certmap.5.xml:191
msgid "msScLogin"
msgstr "msScLogin"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:195
msgid ""
"Extended key usages which are not listed above can be specified with their "
"OID in dotted-decimal notation."
msgstr ""
"La utilización de claves extendidas que no están listadas arriba pueden ser "
"especificadas con sus OID en anotación decimal con puntos."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:199
msgid "Example: &lt;EKU&gt;clientAuth,1.3.6.1.5.2.3.4"
msgstr "Ejemplo: &lt;EKU&gt;clientAuth,1.3.6.1.5.2.3.4"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:204
msgid "&lt;SAN&gt;regular-expression"
msgstr "&lt;SAN&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:207
msgid ""
"To be compatible with the usage of MIT Kerberos this option will match the "
"Kerberos principals in the PKINIT or AD NT Principal SAN as &lt;SAN:"
"Principal&gt; does."
msgstr ""
"Para ser compatible con la utilización de MIT Kerberos esta opción "
"coincidirá con los principios de Kerberos en PKINIT o AD NT Principal SAN "
"como hace &lt;SAN:Principal&gt;."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:212
msgid "Example: &lt;SAN&gt;.*@MY\\.REALM"
msgstr "Ejemplo: &lt;SAN&gt;.*@MY\\.REALM"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:217
msgid "&lt;SAN:Principal&gt;regular-expression"
msgstr "&lt;SAN:Principal&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:220
msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN."
msgstr ""
"Haga coincidir los principios principales de Kerberos en la SAN principal de "
"PKINIT o AD NT."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:224
msgid "Example: &lt;SAN:Principal&gt;.*@MY\\.REALM"
msgstr "Example: &lt;SAN:Principal&gt;.*@MY\\.REALM"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:229
msgid "&lt;SAN:ntPrincipalName&gt;regular-expression"
msgstr "&lt;SAN:ntPrincipalName&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:232
msgid "Match the Kerberos principals from the AD NT Principal SAN."
msgstr ""
"Haga coincidir los principales de Kerberos de la SAN principal de AD NT."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:236
msgid "Example: &lt;SAN:ntPrincipalName&gt;.*@MY.AD.REALM"
msgstr "Example: &lt;SAN:ntPrincipalName&gt;.*@MY.AD.REALM"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:241
msgid "&lt;SAN:pkinit&gt;regular-expression"
msgstr "&lt;SAN:pkinit&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:244
msgid "Match the Kerberos principals from the PKINIT SAN."
msgstr "Haga coincidir los principales de Kerberos con los PKINIT SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:247
msgid "Example: &lt;SAN:ntPrincipalName&gt;.*@MY\\.PKINIT\\.REALM"
msgstr "Example: &lt;SAN:ntPrincipalName&gt;.*@MY\\.PKINIT\\.REALM"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:252
msgid "&lt;SAN:dotted-decimal-oid&gt;regular-expression"
msgstr "&lt;SAN:dotted-decimal-oid&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:255
msgid ""
"Take the value of the otherName SAN component given by the OID in dotted-"
"decimal notation, interpret it as string and try to match it against the "
"regular expression."
msgstr ""
"Toma el valor del componente SAN otherName dado por el de OID en anotación "
"decimal con puntos, lo interpreta como una cadena e intenta hacerlo "
"coincidir con la expresión regular."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:261
msgid "Example: &lt;SAN:1.2.3.4&gt;test"
msgstr "Example: &lt;SAN:1.2.3.4&gt;test"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:266
msgid "&lt;SAN:otherName&gt;base64-string"
msgstr "&lt;SAN:otherName&gt;base64-string"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:269
msgid ""
"Do a binary match with the base64 encoded blob against all otherName SAN "
"components. With this option it is possible to match against custom "
"otherName components with special encodings which could not be treated as "
"strings."
msgstr ""
"Haga una coincidencia binaria con el blob codificado en base64 con todos los "
"demás componentes SAN otheName. Con esta opción es posible la coincidencia "
"con los componentes otherName personales con codificación especial que "
"podrían no ser tratados como cadenas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:276
msgid "Example: &lt;SAN:otherName&gt;MTIz"
msgstr "Example: &lt;SAN:otherName&gt;MTIz"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:281
msgid "&lt;SAN:rfc822Name&gt;regular-expression"
msgstr "&lt;SAN:rfc822Name&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:284
msgid "Match the value of the rfc822Name SAN."
msgstr "Haga coincidir el valor del rfc822Name SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:287
msgid "Example: &lt;SAN:rfc822Name&gt;.*@email\\.domain"
msgstr "Example: &lt;SAN:rfc822Name&gt;.*@email\\.domain"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:292
msgid "&lt;SAN:dNSName&gt;regular-expression"
msgstr "&lt;SAN:dNSName&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:295
msgid "Match the value of the dNSName SAN."
msgstr "Haga coincidir el valor del dNSName SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:298
msgid "Example: &lt;SAN:dNSName&gt;.*\\.my\\.dns\\.domain"
msgstr "Example: &lt;SAN:dNSName&gt;.*\\.my\\.dns\\.domain"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:303
msgid "&lt;SAN:x400Address&gt;base64-string"
msgstr "&lt;SAN:x400Address&gt;base64-string"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:306
msgid "Binary match the value of the x400Address SAN."
msgstr "Binario coincide con el valor del x400Address SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:309
msgid "Example: &lt;SAN:x400Address&gt;MTIz"
msgstr "Example: &lt;SAN:x400Address&gt;MTIz"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:314
msgid "&lt;SAN:directoryName&gt;regular-expression"
msgstr "&lt;SAN:directoryName&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:317
msgid ""
"Match the value of the directoryName SAN. The same comments as given for &lt;"
"ISSUER&gt; and &lt;SUBJECT&gt; apply here as well."
msgstr ""
"Haga coincidir el valor del directoryName SAN. Los mismos comentarios dados "
"para &lt;ISSUER&gt; and &lt;SUBJECT&gt; se aplican aquí también."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:322
msgid "Example: &lt;SAN:directoryName&gt;.*,DC=com"
msgstr "Example: &lt;SAN:directoryName&gt;.*,DC=com"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:327
msgid "&lt;SAN:ediPartyName&gt;base64-string"
msgstr "&lt;SAN:ediPartyName&gt;base64-string"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:330
msgid "Binary match the value of the ediPartyName SAN."
msgstr "Hacer coincidir binario el valor del ediPartyName SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:333
msgid "Example: &lt;SAN:ediPartyName&gt;MTIz"
msgstr "Ejemplo: &lt;SAN:ediPartyName&gt;MTIz"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:338
msgid "&lt;SAN:uniformResourceIdentifier&gt;regular-expression"
msgstr "&lt;SAN:uniformResourceIdentifier&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:341
msgid "Match the value of the uniformResourceIdentifier SAN."
msgstr "Hacer coincidir el valor del uniformResourceIdentifier SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:344
msgid "Example: &lt;SAN:uniformResourceIdentifier&gt;URN:.*"
msgstr "Ejemplo: &lt;SAN:uniformResourceIdentifier&gt;URN:.*"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:349
msgid "&lt;SAN:iPAddress&gt;regular-expression"
msgstr "&lt;SAN:iPAddress&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:352
msgid "Match the value of the iPAddress SAN."
msgstr "Haga coincidir el valor del iPAddress SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:355
msgid "Example: &lt;SAN:iPAddress&gt;192\\.168\\..*"
msgstr "Ejemplo: &lt;SAN:iPAddress&gt;192\\.168\\..*"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:360
msgid "&lt;SAN:registeredID&gt;regular-expression"
msgstr "&lt;SAN:registeredID&gt;regular-expression"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:363
msgid "Match the value of the registeredID SAN as dotted-decimal string."
msgstr ""
"Haga coincidir el valor de registeredID SAN como cadena decimal con puntos."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:367
msgid "Example: &lt;SAN:registeredID&gt;1\\.2\\.3\\..*"
msgstr "Ejemplo: &lt;SAN:registeredID&gt;1\\.2\\.3\\..*"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:96
msgid ""
"The available options are: <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Las opciones disponibles son: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss-certmap.5.xml:375
msgid "MAPPING RULE"
msgstr "REGLA DE MAPEO"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:377
msgid ""
"The mapping rule is used to associate a certificate with one or more "
"accounts. A Smartcard with the certificate and the matching private key can "
"then be used to authenticate as one of those accounts."
msgstr ""
"La regla de mapeo se usa para asociar un certificado con una o mas cuentas. "
"Una Smartcard con el certificado y la clave privada correspondiente puede "
"ser usada entonces para autenticar una de estas cuentas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:382
msgid ""
"Currently SSSD basically only supports LDAP to lookup user information (the "
"exception is the proxy provider which is not of relevance here). Because of "
"this the mapping rule is based on LDAP search filter syntax with templates "
"to add certificate content to the filter. It is expected that the filter "
"will only contain the specific data needed for the mapping and that the "
"caller will embed it in another filter to do the actual search. Because of "
"this the filter string should start and stop with '(' and ')' respectively."
msgstr ""
"Actualmente SSSD básicamente solo soporta LDAP para buscar información de "
"usuario (la excepción es el proveedor proxy que no tiene relevancia aqui). "
"Por esto la regla de mapeo se basa en una búsqueda por filtro de sintaxis "
"LDAP con plantillas para añadir el contenido del certificado al filtro. Se "
"espra que ese filtro solo contendrá los datos específicos para el mapeo y "
"que la persona que llama lo incrustará en otro filtro para hacer la búsqueda "
"real. Debido a esto la cadena de filtro de empezar y terminar con '('and')' "
"respectivamente. "

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:392
msgid ""
"In general it is recommended to use attributes from the certificate and add "
"them to special attributes to the LDAP user object. E.g. the "
"'altSecurityIdentities' attribute in AD or the 'ipaCertMapData' attribute "
"for IPA can be used."
msgstr ""
"En general se recomienda usar atributos del certificado y añadirlos a "
"atributos especiales al objeto usuario LDAP. E.g. el atributo "
"'altSecurityIdentities' en AD o el atributo 'ipaCertMapData' para IPA se "
"pueden usar."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:398
msgid ""
"This should be preferred to read user specific data from the certificate "
"like e.g. an email address and search for it in the LDAP server. The reason "
"is that the user specific data in LDAP might change for various reasons "
"would break the mapping. On the other hand it would be hard to break the "
"mapping on purpose for a specific user."
msgstr ""
"Debería preferible leer datos específicos del usuario del certificado, e.g. "
"una dirección de correo electrónico y buscarla en el servidor LDAP. La razón "
"es que los datos específicos del usuario en el LDAP podrían cambiar por "
"diversas razones y romper el mapeo. Por otro lado, sería difícil romper el "
"mapeo a propósito para un usuario específico."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:406
msgid ""
"The default <quote>mapping rule</quote> type is 'LDAP' which can be added as "
"a prefix to a rule like e.g.  'LDAP:(userCertificate;binary={cert!bin})'. "
"There is an extension called 'LDAPU1' which offer more templates for more "
"flexibility. To allow older versions of this library to ignore the extension "
"the prefix 'LDAPU1' must be used when using the new templates in a "
"<quote>mapping rule</quote> otherwise the old version of this library will "
"fail with a parsing error. The new templates are described in section <xref "
"linkend=\"map_ldapu1\"/>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:424
msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"
msgstr "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:427
msgid ""
"This template will add the full issuer DN converted to a string according to "
"RFC 4514. If X.500 ordering (most specific RDN comes last) an option with "
"the '_x500' prefix should be used."
msgstr ""
"Esta plantilla agregará el DN del emisor completo convertido en una "
"plantilla de acuerdo con el RFC 4514. Si se ordena X.500 (más especifico RDN "
"viene el último) se debería usar un opción con el prefijo '_x500'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:433 sss-certmap.5.xml:459
msgid ""
"The conversion options starting with 'ad_' will use attribute names as used "
"by AD, e.g. 'S' instead of 'ST'."
msgstr ""
"Las opciones de conversión que empiezan con 'ad_' usarán nombres de "
"atributos como los usados por AD, p. ej. 'S' en lugar de 'ST'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:437 sss-certmap.5.xml:463
msgid ""
"The conversion options starting with 'nss_' will use attribute names as used "
"by NSS."
msgstr ""
"Las opciones de conversión que empiezan por 'nss_' usarán nombres de "
"atributos como los usados por NSS."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:441 sss-certmap.5.xml:467
msgid ""
"The default conversion option is 'nss', i.e. attribute names according to "
"NSS and LDAP/RFC 4514 ordering."
msgstr ""
"La opción de conversión predeterminada es 'nss', i.e. los nombres de "
"atributo de acuerdo con la ordenación NSS y LDAP/RFC 4514."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:445
msgid ""
"Example: (ipacertmapdata=X509:&lt;I&gt;{issuer_dn!ad}&lt;S&gt;{subject_dn!"
"ad})"
msgstr ""
"Ejemplo: (ipacertmapdata=X509:&lt;I&gt;{issuer_dn!ad}&lt;S&gt;{subject_dn!"
"ad})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:450
msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"
msgstr "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:453
msgid ""
"This template will add the full subject DN converted to string according to "
"RFC 4514. If X.500 ordering (most specific RDN comes last) an option with "
"the '_x500' prefix should be used."
msgstr ""
"Esta plantilla añadirá el sujeto completo DN convertido en una cadena de "
"acuerdo a RFC 4514. Si la ordenación X.500 (más específico RDN viene el "
"último) se usaría una opción con el prefijo '_x500'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:471
msgid ""
"Example: (ipacertmapdata=X509:&lt;I&gt;{issuer_dn!nss_x500}&lt;S&gt;"
"{subject_dn!nss_x500})"
msgstr ""
"Ejemplo: (ipacertmapdata=X509:&lt;I&gt;{issuer_dn!nss_x500}&lt;S&gt;"
"{subject_dn!nss_x500})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:476
msgid "{cert[!(bin|base64)]}"
msgstr "{cert[!(bin|base64)]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:479
msgid ""
"This template will add the whole DER encoded certificate as a string to the "
"search filter. Depending on the conversion option the binary certificate is "
"either converted to an escaped hex sequence '\\xx' or base64.  The escaped "
"hex sequence is the default and can e.g. be used with the LDAP attribute "
"'userCertificate;binary'."
msgstr ""
"Esta plantilla añadirá el certificado completo codificado DER como una "
"cadena al filtro de búsqueda. Dependiendo de la opción de conversión el "
"certificado binario se convierte en una secuencia hexadecimal escapada "
"'\\xx' o base64.  La secuencia hexadecimal escapada es la predeterminada y "
"puede, por ejemplo, ser usada con el atributo LDAP 'userCertificate;binary'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:487
msgid "Example: (userCertificate;binary={cert!bin})"
msgstr "Ejemplo: (userCertificate;binary={cert!bin})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:492
msgid "{subject_principal[.short_name]}"
msgstr "{subject_principal[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:495
msgid ""
"This template will add the Kerberos principal which is taken either from the "
"SAN used by pkinit or the one used by AD. The 'short_name' component "
"represents the first part of the principal before the '@' sign."
msgstr ""
"Esta plantilla añadirá el principal Kerberos bien desde el SAN usado por "
"pkinit o del usado por AD. El componente 'short_name' representa la primera "
"parte del principal antes del signo '@'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:501
msgid ""
"Example: (|(userPrincipal={subject_principal})"
"(samAccountName={subject_principal.short_name}))"
msgstr ""
"Ejemplo: (|(userPrincipal={subject_principal})"
"(samAccountName={subject_principal.short_name}))"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:506
msgid "{subject_pkinit_principal[.short_name]}"
msgstr "{subject_pkinit_principal[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:509
msgid ""
"This template will add the Kerberos principal which is given by the SAN used "
"by pkinit. The 'short_name' component represents the first part of the "
"principal before the '@' sign."
msgstr ""
"Esta plantilla añadirá el principal Kerberos que es dado por el SAN usado "
"por pkinit. El componente 'short_name' representa la primera parte del "
"principal antes del signo '@'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:515
msgid ""
"Example: (|(userPrincipal={subject_pkinit_principal})"
"(uid={subject_pkinit_principal.short_name}))"
msgstr ""
"Ejemplo: (|(userPrincipal={subject_pkinit_principal})"
"(uid={subject_pkinit_principal.short_name}))"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:520
msgid "{subject_nt_principal[.short_name]}"
msgstr "{subject_nt_principal[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:523
msgid ""
"This template will add the Kerberos principal which is given by the SAN used "
"by AD. The 'short_name' component represent the first part of the principal "
"before the '@' sign."
msgstr ""
"Esta plantilla añadirá el principal Kerberos que es dado por el SAN usado "
"por AD. El componente 'short_name' represebta la primera parte del principal "
"antes del signo '@'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:529
#, fuzzy
#| msgid ""
#| "Example: (|(userPrincipal={subject_principal})"
#| "(samAccountName={subject_principal.short_name}))"
msgid ""
"Example: (|(userPrincipalName={subject_nt_principal})"
"(samAccountName={subject_nt_principal.short_name}))"
msgstr ""
"Ejemplo: (|(userPrincipal={subject_principal})"
"(samAccountName={subject_principal.short_name}))"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:534
msgid "{subject_rfc822_name[.short_name]}"
msgstr "{subject_rfc822_name[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:537
msgid ""
"This template will add the string which is stored in the rfc822Name "
"component of the SAN, typically an email address. The 'short_name' component "
"represents the first part of the address before the '@' sign."
msgstr ""
"Esta plantilla añadirá la cadena que está almacenada en el componente "
"rfc822Name del SAN, normalmente una dirección de correo electrónico. El "
"componente 'short_name' representa la primera parte de la dirección antes "
"del signo '@'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:543
msgid ""
"Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name."
"short_name}))"
msgstr ""
"Ejemplo: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name."
"short_name}))"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:548
msgid "{subject_dns_name[.short_name]}"
msgstr "{subject_dns_name[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:551
msgid ""
"This template will add the string which is stored in the dNSName component "
"of the SAN, typically a fully-qualified host name.  The 'short_name' "
"component represents the first part of the name before the first '.' sign."
msgstr ""
"Esta plantilla añadirá la cadena que está almacenada en el componente "
"dNSName del SAN, normalmente un nombre de host totalmente cualificado. El "
"componente 'short_name' representa la primera parte del nombre antes del "
"primer signo '.'."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:557
msgid ""
"Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))"
msgstr ""
"Ejemplo: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:562
msgid "{subject_uri}"
msgstr "{subject_uri}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:565
msgid ""
"This template will add the string which is stored in the "
"uniformResourceIdentifier component of the SAN."
msgstr ""
"Esta plantilla añadirá la cadena que está almacenada en el componente "
"uniformResourceIdentifier del SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:569
msgid "Example: (uri={subject_uri})"
msgstr "Ejemplo: (uri={subject_uri})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:574
msgid "{subject_ip_address}"
msgstr "{subject_ip_address}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:577
msgid ""
"This template will add the string which is stored in the iPAddress component "
"of the SAN."
msgstr ""
"Esta plantilla añadirá la cadena que está almacenada en el componente "
"iPAddress del SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:581
msgid "Example: (ip={subject_ip_address})"
msgstr "Ejemplo: (ip={subject_ip_address})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:586
msgid "{subject_x400_address}"
msgstr "{subject_x400_address}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:589
msgid ""
"This template will add the value which is stored in the x400Address "
"component of the SAN as escaped hex sequence."
msgstr ""
"Esta plantilla añadirá el valor que está almacenado en el componente "
"x400Address del SAN como secuencia hexadecimal escapada."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:594
msgid "Example: (attr:binary={subject_x400_address})"
msgstr "Ejemplo: (attr:binary={subject_x400_address})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:599
msgid ""
"{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"
msgstr ""
"{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:602
msgid ""
"This template will add the DN string of the value which is stored in the "
"directoryName component of the SAN."
msgstr ""
"Esta plantilla añadirá la cadena DN del valor que está almacenado en el "
"componente directoryName del SAN."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:606
msgid "Example: (orig_dn={subject_directory_name})"
msgstr "Ejemplo: (orig_dn={subject_directory_name})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:611
msgid "{subject_ediparty_name}"
msgstr "{subject_ediparty_name}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:614
msgid ""
"This template will add the value which is stored in the ediPartyName "
"component of the SAN as escaped hex sequence."
msgstr ""
"Esta plantilla añadirá el valor que está almacenado en el componente "
"ediPartyName del SAN como secuencia hexadecimal escapada."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:619
msgid "Example: (attr:binary={subject_ediparty_name})"
msgstr "Ejemplo: (attr:binary={subject_ediparty_name})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:624
msgid "{subject_registered_id}"
msgstr "{subject_registered_id}"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:627
msgid ""
"This template will add the OID which is stored in the registeredID component "
"of the SAN as a dotted-decimal string."
msgstr ""
"Esta plantilla añadirá la OID que está almacenada en el componente "
"registeredID del SAN como una cadena decimal con puntos.."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:632
msgid "Example: (oid={subject_registered_id})"
msgstr "Ejemplo: (oid={subject_registered_id})"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:417
msgid ""
"The templates to add certificate data to the search filter are based on "
"Python-style formatting strings. They consist of a keyword in curly braces "
"with an optional sub-component specifier separated by a '.' or an optional "
"conversion/formatting option separated by a '!'.  Allowed values are: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"La plantilla para añadir datos de certificado al filtro de búsqueda están "
"basados sobre cadenas formateadas en estilo Python. Consiste en una palabra "
"clave entre llaves con un subcomponente especificador opcional separado por "
"un '.' o una opción opcional de conversión/formateo separada por un '!'. Los "
"valores permitidos son: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><title>
#: sss-certmap.5.xml:639
msgid "LDAPU1 extension"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para>
#: sss-certmap.5.xml:641
msgid "The following template are available when using the 'LDAPU1' extension:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:647
msgid "{serial_number[!(dec|hex[_ucr])]}"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:650
msgid ""
"This template will add the serial number of the certificate. By default it "
"will be printed as a hexadecimal number with lower-case letters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:655
msgid ""
"With the formatting option '!dec' the number will be printed as decimal "
"string. The hexadecimal output can be printed with upper-case letters ('!"
"hex_u'), with a colon separating the hexadecimal bytes ('!hex_c') or with "
"the hexadecimal bytes in reverse order ('!hex_r').  The postfix letters can "
"be combined so that e.g.  '!hex_uc' will produce a colon-separated "
"hexadecimal string with upper-case letters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:665
#, fuzzy
#| msgid "Example: (uri={subject_uri})"
msgid "Example: LDAPU1:(serial={serial_number})"
msgstr "Ejemplo: (uri={subject_uri})"

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:671
msgid "{subject_key_id[!hex[_ucr]]}"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:674
msgid ""
"This template will add the subject key id of the certificate. By default it "
"will be printed as a hexadecimal number with lower-case letters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:679
msgid ""
"The hexadecimal output can be printed with upper-case letters ('!hex_u'), "
"with a colon separating the hexadecimal bytes ('!hex_c') or with the "
"hexadecimal bytes in reverse order ('!hex_r').  The postfix letters can be "
"combined so that e.g.  '!hex_uc' will produce a colon-separated hexadecimal "
"string with upper-case letters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:688
#, fuzzy
#| msgid "Example: (uri={subject_uri})"
msgid "Example: LDAPU1:(ski={subject_key_id})"
msgstr "Ejemplo: (uri={subject_uri})"

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:694
msgid "{cert[!DIGEST[_ucr]]}"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:697
msgid ""
"This template will add the hexadecimal digest/hash of the certificate where "
"DIGEST must be replaced with the name of a digest/hash function supported by "
"OpenSSL, e.g. 'sha512'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:703
msgid ""
"The hexadecimal output can be printed with upper-case letters ('!sha512_u'), "
"with a colon separating the hexadecimal bytes ('!sha512_c') or with the "
"hexadecimal bytes in reverse order ('!sha512_r'). The postfix letters can be "
"combined so that e.g. '!sha512_uc' will produce a colon-separated "
"hexadecimal string with upper-case letters."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:712
msgid "Example: LDAPU1:(dgst={cert!sha256})"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:718
#, fuzzy
#| msgid "{subject_dns_name[.short_name]}"
msgid "{subject_dn_component[(.attr_name|[number]]}"
msgstr "{subject_dns_name[.short_name]}"

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:721
msgid ""
"This template will add an attribute value of a component of the subject DN, "
"by default the value of the most specific component."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:726
msgid ""
"A different component can it either selected by attribute name, e.g. "
"{subject_dn_component.uid} or by position, e.g. {subject_dn_component.[2]} "
"where positive numbers start counting from the most specific component and "
"negative numbers start counting from the least specific component. Attribute "
"name and the position can be combined as e.g.  {subject_dn_component.uid[2]} "
"which means that the name of the second component must be 'uid'."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:737
#, fuzzy
#| msgid "Example: (uri={subject_uri})"
msgid "Example: LDAPU1:(uid={subject_dn_component.uid})"
msgstr "Ejemplo: (uri={subject_uri})"

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:743
msgid "{issuer_dn_component[(.attr_name|[number]]}"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:746
msgid ""
"This template will add an attribute value of a component of the issuer DN, "
"by default the value of the most specific component."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:751
msgid ""
"See 'subject_dn_component' for details about the attribute name and position "
"specifiers."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:755
msgid ""
"Example: LDAPU1:(domain={issuer_dn_component.[-2]}.{issuer_dn_component."
"dc[-1]})"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><term>
#: sss-certmap.5.xml:760
msgid "{sid[.rid]}"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:763
msgid ""
"This template will add the SID if the corresponding extension introduced by "
"Microsoft with the OID 1.3.6.1.4.1.311.25.2 is available. With the '.rid' "
"selector only the last component, i.e. the RID, will be added."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><para><variablelist><varlistentry><listitem><para>
#: sss-certmap.5.xml:770
#, fuzzy
#| msgid "Example: (oid={subject_registered_id})"
msgid "Example: LDAPU1:(objectsid={sid})"
msgstr "Ejemplo: (oid={subject_registered_id})"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss-certmap.5.xml:779
msgid "DOMAIN LIST"
msgstr "LISTA DE DOMINIO"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss-certmap.5.xml:781
msgid ""
"If the domain list is not empty users mapped to a given certificate are not "
"only searched in the local domain but in the listed domains as well as long "
"as they are know by SSSD. Domains not know to SSSD will be ignored."
msgstr ""
"Si la lista de dominio no está vacía los usuarios mapeados a un certificado "
"dado no serán buscados solo en el dominio local sino también en los dominios "
"listados siempre que sean conocidos por SSSD. Los dominios no conocidos por "
"SSSD serán ignorados."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
msgid "sssd-ipa"
msgstr "sssd-ipa"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-ipa.5.xml:17
msgid "SSSD IPA provider"
msgstr "Proveedor SSSD IPA"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:23
msgid ""
"This manual page describes the configuration of the IPA provider for "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>.  For a detailed syntax reference, refer to the <quote>FILE "
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
"Este página de manual describe la configuración del proveedor IPA para "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>. Para una referencia de sintaxis detalladas, vea la sección "
"<quote>FILE FORMAT</quote> de la página de manual <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:36
msgid ""
"The IPA provider is a back end used to connect to an IPA server.  (Refer to "
"the freeipa.org web site for information about IPA servers.)  This provider "
"requires that the machine be joined to the IPA domain; configuration is "
"almost entirely self-discovered and obtained directly from the server."
msgstr ""
"El proveedor IPA es un back end usado para conectar a un servidor IPA. (Vea "
"el sitio web freeipa.org para información sobre los servidores IPA). Este "
"proveedor requiere que la máquina este unido al dominio IPA; la "
"configuración es casi enteramente auto descubierta y obtenida directamente "
"del servidor."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:43
msgid ""
"The IPA provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity "
"provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> authentication provider with "
"optimizations for IPA environments. The IPA provider accepts the same "
"options used by the sssd-ldap and sssd-krb5 providers with some exceptions. "
"However, it is neither necessary nor recommended to set these options."
msgstr ""
"El proveedor IPA habilita a SSSD para usar el proveedor de identidad "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> y el proveedor de autenticación <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> con optimizaciones para entornos IPA. El proveedor IPA acepta "
"las mismas opciones que las usadas por los proveedores sssd-ldap y sssd-krb5 "
"con algunas excepciones. Sin embargo, no es necesario ni recomendable "
"establecer estas opciones."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:57
msgid ""
"The IPA provider primarily copies the traditional ldap and krb5 provider "
"default options with some exceptions, the differences are listed in the "
"<quote>MODIFIED DEFAULT OPTIONS</quote> section."
msgstr ""
"El proveedor IPA copia primariamente las opciones por defecto tradicionales "
"de los proveedores ldap y krb5 con algunas excepciones, las diferencias "
"están listadas en la sección <quote>OPCIONES PREDETERMINADAS MODIFICADAS</"
"quote>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:62
#, fuzzy
#| msgid ""
#| "As an access provider, the IPA provider uses HBAC (host-based access "
#| "control)  rules. Please refer to freeipa.org for more information about "
#| "HBAC. No configuration of access provider is required on the client side."
msgid ""
"As an access provider, the IPA provider has a minimal configuration (see "
"<quote>ipa_access_order</quote>) as it mainly uses HBAC (host-based access "
"control) rules. Please refer to freeipa.org for more information about HBAC."
msgstr ""
"Como proveedor de acceso, el proveedor IPA usa reglas HBAC (control de "
"acceso basado en el host). Por favor vaya a freeipa.org para mas información "
"sobre HBAC. No se requiere configuración del proveedor de acceso en el lado "
"cliente."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:68
msgid ""
"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is "
"configured in sssd.conf then the id_provider must also be set to <quote>ipa</"
"quote>."
msgstr ""
"Si <quote>auth_provider=ipa</quote> o <quote>access_provider=ipa</quote> "
"está configurado en sssd.conf id_provider se debe establecer también a "
"<quote>ipa</quote>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:74
msgid ""
"The IPA provider will use the PAC responder if the Kerberos tickets of users "
"from trusted realms contain a PAC. To make configuration easier the PAC "
"responder is started automatically if the IPA ID provider is configured."
msgstr ""
"El porveedor IPA usara el respondedor PAC si las entradas Kerberos de los "
"usuario de reinos confiables contienen un PAC. Para hacer la configuración "
"más fácil el respondedor PAC es iniciado automáticamente si la ID del "
"proveedor IPA está configurada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:90
msgid "ipa_domain (string)"
msgstr "ipa_domain (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:93
msgid ""
"Specifies the name of the IPA domain.  This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
"Especifica el nombre del dominio IPA. Esto es opcional. Si no se suministra, "
"se usa el nombre de configuración del dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:101
msgid "ipa_server, ipa_backup_server (string)"
msgstr "ipa_server, ipa_backup_server (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:104
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
"on failover and server redundancy, see the <quote>FAILOVER</quote> section.  "
"This is optional if autodiscovery is enabled.  For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
"La lista separada por comas de direcciones IP o nombres de host de los "
"servidores IPA a los que SSSD se conectaría en orden de preferencia. Para "
"más información sobre conmutación en error y redundancia de servidores, vea "
"la sección <quote>FAILOVER</quote>. Esto es opcional si autodiscovery está "
"habilitado. Para más información sobre el servicio descubridor, vea la "
"sección <quote>SERVICE DISCOVERY</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:117
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:120
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host.  The "
"hostname must be fully qualified."
msgstr ""
"Opcional. Se puede establecer sobre máquinas donde el hostname(5) no refleje "
"el nombre totalmente cualificado usado en el dominio IPA para identificar "
"este host. El nombre de host debe ser totalmente cualificado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1181
msgid "dyndns_update (boolean)"
msgstr "dyndns_update (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:132
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA with the IP address of this client. The update is secured "
"using GSS-TSIG. The IP address of the IPA LDAP connection is used for the "
"updates, if it is not otherwise specified by using the <quote>dyndns_iface</"
"quote> option."
msgstr ""
"Opcional. Esta opción le dice a SSSD que actualice automáticamente el "
"servidor DNS incorporado a FreeIPA con la dirección IP de este cliente. La "
"actualización está asegurada utilizando GSS-TSIG. La dirección IP de la "
"conexión IPA LDAP se usa para las actualizaciones, si no se especifica de "
"otra manera utilizando la opción <quote>dyndns_iface</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1195
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
"NOTA: Sobre sistemas más antiguos (como RHEL 5), para que este "
"comportamiento trabaje fiablemente, el reino por defecto Kerberos debe ser "
"fijado apropiadamente en /etc/krb5.conf"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:146
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
"emphasis> in their config file."
msgstr ""
"AVISO: Aunque todas es posible usar la vieja opción "
"<emphasis>ipa_dyndns_update</emphasis>, los usuarios deberían migrar para "
"usar <emphasis>dyndns_update</emphasis> en su fichero de configuración."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1206
msgid "dyndns_ttl (integer)"
msgstr "dyndns_ttl (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1209
msgid ""
"The TTL to apply to the client DNS record when updating it.  If "
"dyndns_update is false this has no effect. This will override the TTL "
"serverside if set by an administrator."
msgstr ""
"El TTL a aplicar al registro del cliente DNS cuando lo actualiza.  Si "
"dyndns_update está a false esto no tiene efecto. Esto anula el TTL del lado "
"servidor si se establece por un administrador."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:166
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
"emphasis> in their config file."
msgstr ""
"AVISO: Aunque todavía es posible usar la antigua opción "
"<emphasis>ipa_dyndns_ttl</emphasis>, los usuarios deberían migrar usando "
"<emphasis>dyndns_ttl</emphasis> en su fichero de configuración."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:172
msgid "Default: 1200 (seconds)"
msgstr "Por defecto: 1200 (segundos)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1220
msgid "dyndns_iface (string)"
msgstr "dyndns_iface (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1223
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"or a list of interfaces whose IP addresses should be used for dynamic DNS "
"updates. Special value <quote>*</quote> implies that IPs from all interfaces "
"should be used."
msgstr ""
"Opcional. Aplicable solo cuando dyndns_update está a true. Elija la interfaz "
"o la lista de interfaces cuyas direcciones IP serían usadas para las "
"actualizaciones DNS dinámicas. El valor especial <quote>*</quote> implica "
"que las IPs de todas las interfaces serían las usadas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:188
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
"emphasis> in their config file."
msgstr ""
"AVISO: Aunque todavía es posible usar la vieja opción "
"<emphasis>ipa_dyndns_iface</emphasis>, los usuarios deberían migrar usando "
"<emphasis>dyndns_iface</emphasis> en su fichero de configuración."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:194
msgid ""
"Default: Use the IP addresses of the interface which is used for IPA LDAP "
"connection"
msgstr ""
"Predeterminado: Usa las direcciones IP de la interfaz que es usada para la "
"conexión IPA LDAP"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1234
msgid "Example: dyndns_iface = em1, vnet1, vnet2"
msgstr "Ejemplo: dyndns_iface = em1, vnet1, vnet2"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1290
msgid "dyndns_auth (string)"
msgstr "dyndns_auth (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1293
msgid ""
"Whether the nsupdate utility should use GSS-TSIG authentication for secure "
"updates with the DNS server, insecure updates can be sent by setting this "
"option to 'none'."
msgstr ""
"Si la utilidad nsupdate debe usar la autenticación GSS-TSIG para "
"actualizaciones seguras con el servidor DNS, las actualizaciones inseguras "
"se pueden enviar fijando esta opción a 'none'."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1299
msgid "Default: GSS-TSIG"
msgstr "Predeterminado: GSS-TSIG"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1305
#, fuzzy
#| msgid "dyndns_auth (string)"
msgid "dyndns_auth_ptr (string)"
msgstr "dyndns_auth (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1308
#, fuzzy
#| msgid ""
#| "Whether the nsupdate utility should use GSS-TSIG authentication for "
#| "secure updates with the DNS server, insecure updates can be sent by "
#| "setting this option to 'none'."
msgid ""
"Whether the nsupdate utility should use GSS-TSIG authentication for secure "
"PTR updates with the DNS server, insecure updates can be sent by setting "
"this option to 'none'."
msgstr ""
"Si la utilidad nsupdate debe usar la autenticación GSS-TSIG para "
"actualizaciones seguras con el servidor DNS, las actualizaciones inseguras "
"se pueden enviar fijando esta opción a 'none'."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1314
msgid "Default: Same as dyndns_auth"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:234
msgid "ipa_enable_dns_sites (boolean)"
msgstr "ipa_enable_dns_sites (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:237 sssd-ad.5.xml:238
msgid "Enables DNS sites - location based service discovery."
msgstr ""
"Habilita sitios DNS - descubrimiento de servicio basado en la ubicación."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:241
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page)  is enabled, then the SSSD will first attempt location "
"based discovery using a query that contains \"_location.hostname.example."
"com\" and then fall back to traditional SRV discovery. If the location based "
"discovery succeeds, the IPA servers located with the location based "
"discovery are treated as primary servers and the IPA servers located using "
"the traditional SRV discovery are used as back up servers"
msgstr ""
"Si es ciertp y descubrimiento de servicio (vea el párrafo Descubrimiento del "
"Servicio en la parte inferior de la página de manual) está habilitado, SSSD "
"primero intentará la localización basada en el descubrimiento usando una "
"consulta que contenga \"_location.hostname.example.com\" y después irá al "
"descubrimiento tradicional SRV. Si la localización basada en el "
"descubrimiento tiene éxito, los servidores IPA localizados con la "
"localización basada en el descubrimiento son tratados como servidores "
"primarios y los servidores IPA localizados usando el descubrimiento "
"tradicional SRV son usados como servidores de respaldo"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1240
msgid "dyndns_refresh_interval (integer)"
msgstr "dyndns_refresh_interval (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:263
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online.  This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
"Con qué frecuencia el back-end debe realizar una actualización periódica de "
"DNS además de la actualización automática que se realiza cuando el back-end "
"se conecta. Esto es una posibilidad opcional y aplicable solo cuando "
"dyndns_update está a true."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1258
msgid "dyndns_update_ptr (bool)"
msgstr "dyndns_update_ptr (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1261
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records.  Applicable only when dyndns_update is true."
msgstr ""
"Si el registro PTR debería ser explícitamente actualizado cuando se "
"actualizan los registros DNS del cliente. Aplicable solo cuando "
"dyndns_update está a true."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:284
msgid ""
"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
"Esta opción debería estar a False en la mayoría de los despliegues IPA "
"puesto que el servidor IPA genera los registros PTR automáticamente cuando "
"se cambian los registros que envía."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1266
msgid ""
"Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not "
"apply for PTR record updates.  Those updates are always sent separately."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:295
msgid "Default: False (disabled)"
msgstr "Predeterminado: False (deshabilitado)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1277
msgid "dyndns_force_tcp (bool)"
msgstr "dyndns_force_tcp (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1280
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
"Si la utilidad nsupdate debería usar de manera predeterminada TCP cuando se "
"comunica con el servidor DNS."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1284
msgid "Default: False (let nsupdate choose the protocol)"
msgstr "Predeterminado: False (permitir a nsupdate elegir el protocolol)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1320
msgid "dyndns_server (string)"
msgstr "dyndns_server (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1323
msgid ""
"The DNS server to use when performing a DNS update. In most setups, it's "
"recommended to leave this option unset."
msgstr ""
"El servidor DNA a usar cuando se lleva a cabo una actualización DNS update. "
"En la mayoría de las configuraciones se recomienda dejar esta opción sin "
"establecer."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1328
msgid ""
"Setting this option makes sense for environments where the DNS server is "
"different from the identity server."
msgstr ""
"El establecimiento de esta opción tiene sentido en entornos donde el "
"servidor DNS es distinto del servidor de identidad."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1333
msgid ""
"Please note that this option will be only used in fallback attempt when "
"previous attempt using autodetected settings failed."
msgstr ""
"Tenga en cuenta que esta opción solo se usará en un intento de recuperación "
"cuando el intento anterior de usar la configuración autodetectada falló."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1338
msgid "Default: None (let nsupdate choose the server)"
msgstr "Predeterminado: None (permitir a nsupdate elegir el servidor)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1344
msgid "dyndns_update_per_family (boolean)"
msgstr "dyndns_update_per_family (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1347
msgid ""
"DNS update is by default performed in two steps - IPv4 update and then IPv6 "
"update. In some cases it might be desirable to perform IPv4 and IPv6 update "
"in single step."
msgstr ""
"La actualización DNS es llevada a cabo de manera predeterminada en dos pasos "
"- actualización IPv4 y después actualización IPv6. En algunos casos puede "
"ser deseable llevar a cabo la actualización IPv4 e IPv6 en un único paso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:353
#, fuzzy
#| msgid "ldap_access_order (string)"
msgid "ipa_access_order (string)"
msgstr "ldap_access_order (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:360
#, fuzzy
#| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy."
msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:399
#, fuzzy
#| msgid ""
#| "Please note that 'access_provider = ldap' must be set for this feature to "
#| "work. Also 'ldap_pwd_policy' must be set to an appropriate password "
#| "policy."
msgid ""
"Please note that 'access_provider = ipa' must be set for this feature to "
"work."
msgstr ""
"Por favor advierta que 'access_provider = ldap' debe estar establecido para "
"que esta función trabaje. También 'ldap_pwd_policy' debe estar establecido "
"para una política de contraseña apropiada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:406
msgid "ipa_deskprofile_search_base (string)"
msgstr "ipa_deskprofile_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:409
msgid ""
"Optional. Use the given string as search base for Desktop Profile related "
"objects."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda de los objetos "
"relacionados con Desktop Profile."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440
msgid "Default: Use base DN"
msgstr "Predeterminado: Utilizar DN base"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:419
#, fuzzy
#| msgid "ipa_subdomains_search_base (string)"
msgid "ipa_subid_ranges_search_base (string)"
msgstr "ipa_subdomains_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:422
#, fuzzy
#| msgid ""
#| "Optional. Use the given string as search base for Desktop Profile related "
#| "objects."
msgid ""
"Optional. Use the given string as search base for subordinate ranges related "
"objects."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda de los objetos "
"relacionados con Desktop Profile."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:426
#, fuzzy
#| msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>"
msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:433
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:436
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda para los objetos HBAC "
"relacionados."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:446
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:449
msgid "Deprecated. Use ldap_host_search_base instead."
msgstr "Obsoleto. Usa en su lugar ldap_host_search_base."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:455
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (cadena)Opcional. "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:458
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda para los mapas de usuario "
"SELinux."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:474
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:477
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"Opcional: Usa la cadena dada como base de búsqueda de dominios de confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:486
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:493
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:496
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"Opcional: Usa la cadena dada como base de búsqueda para el objeto maestro de "
"dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:505
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:512
msgid "ipa_views_search_base (string)"
msgstr "ipa_views_search_base (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:515
msgid "Optional. Use the given string as search base for views containers."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda de contenedores de vista."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:524
msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
"Predeterminado: el valor de <emphasis>cn=views,cn=accounts,%basedn</emphasis>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:534
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
"El nombre del reino Kerberos. Esto es opcional y por defecto está al valor "
"de <quote>ipa_domain</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:538
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
"El nombre del reino Kerberos tiene un significado especial en IPA – es "
"convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1362
msgid "krb5_confd_path (string)"
msgstr "krb5_confd_path (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1365
msgid ""
"Absolute path of a directory where SSSD should place Kerberos configuration "
"snippets."
msgstr ""
"Ruta absoluta de un directorio donde SSSD debe colocar fragmentos de "
"configuración de Kerberos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1369
msgid ""
"To disable the creation of the configuration snippets set the parameter to "
"'none'."
msgstr ""
"Para deshabilitar la creación de fragmentos de configuración establezca el "
"parámetro a 'none'."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1373
msgid ""
"Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)"
msgstr ""
"Predeterminado: no establecido (krb5.include.d subdirectorio del directorio "
"pubconf de SSSD)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:564
msgid "ipa_deskprofile_refresh (integer)"
msgstr "ipa_deskprofile_refresh (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:567
msgid ""
"The amount of time between lookups of the Desktop Profile rules against the "
"IPA server. This will reduce the latency and load on the IPA server if there "
"are many desktop profiles requests made in a short period."
msgstr ""
"La cantidad de tiempo entre búsquedas de reglas Desktop Profile contra el "
"servidor IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si "
"hay muchas solicitudes de perfiles de escritorio en un período corto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:599
msgid "Default: 5 (seconds)"
msgstr "Predeterminado: 5 (segundos)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:580
msgid "ipa_deskprofile_request_interval (integer)"
msgstr "ipa_deskprofile_request_interval (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:583
msgid ""
"The amount of time between lookups of the Desktop Profile rules against the "
"IPA server in case the last request did not return any rule."
msgstr ""
"La cantidad de tiempo entre búsquedas de las reglas Desktop Profile contra "
"el servidor IPA en el caso de que la última petición no devolvió ninguna "
"regla."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:588
msgid "Default: 60 (minutes)"
msgstr "Predeterminado: 60 (minutos)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:594
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:597
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
"access-control requests made in a short period."
msgstr ""
"La cantidad de tiempo entre vbúsquedas de las reglas HBAC contra el servidor "
"IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si hay "
"muchas peticiones de control de acceso hechas en un corto período."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:610
msgid "ipa_hbac_selinux (integer)"
msgstr "ipa_hbac_selinux (entero)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:613
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
"many user login requests made in a short period."
msgstr ""
"La cantidad de tiempo entre búsquedas de los mapas SELinux contra el "
"servidor IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si "
"hay muchas peticiones de acceso de usuario hechas en un corto período."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:626
msgid "ipa_server_mode (boolean)"
msgstr "ipa_server_mode (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:629
msgid ""
"This option will be set by the IPA installer (ipa-server-install) "
"automatically and denotes if SSSD is running on an IPA server or not."
msgstr ""
"Esta opción será establecida por el instalador IPA (ipa-server-install) "
"automáticamente y denota si SSSD está corriendo sobre un servidor IPA o no."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:634
msgid ""
"On an IPA server SSSD will lookup users and groups from trusted domains "
"directly while on a client it will ask an IPA server."
msgstr ""
"Sobre un servidor IPA SSSD buscara usuarios y grupos de los dominios de "
"confianza directamente mientras que sobre un cliente preguntará a un "
"servidor IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:639
msgid ""
"NOTE: There are currently some assumptions that must be met when SSSD is "
"running on an IPA server."
msgstr ""
"NOTA: Actualmente hay algunas suposiciones que deben cumplirse cuando SSSD "
"se ejecuta en un servidor IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:644
msgid ""
"The <quote>ipa_server</quote> option must be configured to point to the IPA "
"server itself. This is already the default set by the IPA installer, so no "
"manual change is required."
msgstr ""
"La opcion <quote>ipa_server</quote> debe configurarse para que apunte al "
"servidor IPA mismo. Esto está establecido de manera predeterminada por el "
"instalador IPA de modo que no se necesitan cambios manuales."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:653
msgid ""
"The <quote>full_name_format</quote> option must not be tweaked to only print "
"short names for users from trusted domains."
msgstr ""
"La opción <quote>full_name_format</quote> no debe modificarse para imprimir "
"solo nombres cortos de los usuarios de los dominios de confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:668
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:671
msgid "The automounter location this IPA client will be using"
msgstr "La localización del automontador de este cliente IPA que será usada"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:674
msgid "Default: The location named \"default\""
msgstr "Por defecto: La localización llamada “default”"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-ipa.5.xml:682
msgid "VIEWS AND OVERRIDES"
msgstr "VISTAS Y ANULACIONES"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:691
msgid "ipa_view_class (string)"
msgstr "ipa_view_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:694
msgid "Objectclass of the view container."
msgstr "Objectclass del contenedorde vistas."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:697
msgid "Default: nsContainer"
msgstr "Predeterminado: nsContainer"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:703
msgid "ipa_view_name (string)"
msgstr "ipa_view_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:706
msgid "Name of the attribute holding the name of the view."
msgstr "Nombre del atributo que contiene el nombre de la vista."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496
#: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913
#: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068
#: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271
msgid "Default: cn"
msgstr "Predeterminado: cn"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:716
msgid "ipa_override_object_class (string)"
msgstr "ipa_override_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:719
msgid "Objectclass of the override objects."
msgstr "Objectclass de los objetos anulados."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:722
msgid "Default: ipaOverrideAnchor"
msgstr "Predeterminado: ipaOverrideAnchor"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:728
msgid "ipa_anchor_uuid (string)"
msgstr "ipa_anchor_uuid (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:731
msgid ""
"Name of the attribute containing the reference to the original object in a "
"remote domain."
msgstr ""
"Nombre del atributo que contiene la referencia al objeto original en un "
"dominio remoto."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:735
msgid "Default: ipaAnchorUUID"
msgstr "Predeterminado: ipaAnchorUUID"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:741
msgid "ipa_user_override_object_class (string)"
msgstr "ipa_user_override_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:744
msgid ""
"Name of the objectclass for user overrides. It is used to determine if the "
"found override object is related to a user or a group."
msgstr ""
"Nombre de los objectclass para los usuarios anulados. Se usa para determinar "
"si el objeto anulado encontrado está relacionado con un usuario o un grupo."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:749
msgid "User overrides can contain attributes given by"
msgstr "Las anulaciones de usuario pueden contener atributos dados por"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:752
msgid "ldap_user_name"
msgstr "ldap_user_name"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:755
msgid "ldap_user_uid_number"
msgstr "ldap_user_uid_number"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:758
msgid "ldap_user_gid_number"
msgstr "ldap_user_gid_number"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:761
msgid "ldap_user_gecos"
msgstr "ldap_user_gecos"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:764
msgid "ldap_user_home_directory"
msgstr "ldap_user_home_directory"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:767
msgid "ldap_user_shell"
msgstr "ldap_user_shell"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:770
msgid "ldap_user_ssh_public_key"
msgstr "ldap_user_ssh_public_key"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:775
msgid "Default: ipaUserOverride"
msgstr "Predeterminado: ipaUserOverride"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:781
msgid "ipa_group_override_object_class (string)"
msgstr "ipa_group_override_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:784
msgid ""
"Name of the objectclass for group overrides. It is used to determine if the "
"found override object is related to a user or a group."
msgstr ""
"Nombre del objectclass para grupos anulados. Se usa para determinar si el "
"objeto anulado encontrado está relacionado con un usuario o un grupo."

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:789
msgid "Group overrides can contain attributes given by"
msgstr "Las anulaciones de grupo pueden contener atributos dados por"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:792
msgid "ldap_group_name"
msgstr "ldap_group_name"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:795
msgid "ldap_group_gid_number"
msgstr "ldap_group_gid_number"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:800
msgid "Default: ipaGroupOverride"
msgstr "Predeterminado: ipaGroupOverride"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:684
msgid ""
"SSSD can handle views and overrides which are offered by FreeIPA 4.1 and "
"later version. Since all paths and objectclasses are fixed on the server "
"side there is basically no need to configure anything. For completeness the "
"related options are listed here with their default values.  <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
"SSSD puede manejar vistas y anulaciones que son ofrecidas por FreeIPA 4.1 y "
"versiones posteriores. Como todas las rutas y objectclasses son fijadas en "
"el lado servidor no se necesita configurar nada. Para completar, las "
"opciones relacionadas son listadas aquí con sus valores predeterminados. "
"<placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ipa.5.xml:812
msgid "SUBDOMAINS PROVIDER"
msgstr "PROVEEDOR DE SUBDOMINIOS"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:814
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
"El proveedor de subdominios IPA se comporta de forma ligeramente diferente "
"si está configurado explícitamente o implícitamente."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:818
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
"subdomain requests are sent to the IPA server if necessary."
msgstr ""
"Si la opción ' subdomains_provider = ipa' se encuentra en la sección de "
"dominio de sssd.conf, el proveedor de subdominios de IPA se configura "
"explícitamente, y todas las peticiones de subdominio se envían al servidor "
"de IPA si es necesario."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:824
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
"provider is configured implicitly. In this case, if a subdomain request "
"fails and indicates that the server does not support subdomains, i.e. is not "
"configured for trusts, the IPA subdomains provider is disabled. After an "
"hour or after the IPA provider goes online, the subdomains provider is "
"enabled again."
msgstr ""
"Si la opción 'subdomains_provider' no está establecida en la sección dominio "
"de sssd.conf pero hay la opción 'id_provider = ipa', el proveedor de "
"subdominios IPA está configurado implícitamente. En este caso, si una "
"petición de subdominio falla e indica que el servidor no soporta "
"subdominios, i.e. no está configurado para confianza, el proveedor de "
"subdominios IPA está deshabilitado. Después de una hora o después de que el "
"proveedor IPA esté en línea, el proveedor de subdominios está habilitado "
"otra vez."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ipa.5.xml:835
msgid "TRUSTED DOMAINS CONFIGURATION"
msgstr "CONFIGURACIÓN DE DOMINIOS DE CONFIANZA"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ipa.5.xml:843
#, no-wrap
msgid ""
"[domain/ipa.domain.com/ad.domain.com]\n"
"ad_server = dc.ad.domain.com\n"
msgstr ""
"[domain/ipa.domain.com/ad.domain.com]\n"
"ad_server = dc.ad.domain.com\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:837
msgid ""
"Some configuration options can also be set for a trusted domain.  A trusted "
"domain configuration can be set using the trusted domain subsection as shown "
"in the example below. Alternatively, the <quote>subdomain_inherit</quote> "
"option can be used in the parent domain.  <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:848
msgid ""
"For more details, see the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:855
msgid ""
"Different configuration options are tunable for a trusted domain depending "
"on whether you are configuring SSSD on an IPA server or an IPA client."
msgstr ""
"Se pueden ajustar diferentes opciones de configuración para un dominio de "
"confianza dependiendo de si usted está configurando SSSD sobre un servidor "
"IPA o un cliente IPA."

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-ipa.5.xml:860
msgid "OPTIONS TUNABLE ON IPA MASTERS"
msgstr "OPCIONES AJUSTABLES EN IPA MAESTROS"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:862
msgid ""
"The following options can be set in a subdomain section on an IPA master:"
msgstr ""
"Se pueden establecer las siguientes opciones en una sección subdominio sobre "
"un IPA maestro:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896
msgid "ad_server"
msgstr "ad_server"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:869
msgid "ad_backup_server"
msgstr "ad_backup_server"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899
msgid "ad_site"
msgstr "ad_site"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:875
msgid "ldap_search_base"
msgstr "ldap_search_base"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:878
msgid "ldap_user_search_base"
msgstr "ldap_user_search_base"

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:881
msgid "ldap_group_search_base"
msgstr "ldap_group_search_base"

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-ipa.5.xml:890
msgid "OPTIONS TUNABLE ON IPA CLIENTS"
msgstr "OPCIONES AJUSTABLES SOBRE CLIENTES IPA"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:892
msgid ""
"The following options can be set in a subdomain section on an IPA client:"
msgstr ""
"Las siguientes opciones pueden ser establecidas en una sección subdominio "
"sobre un cliente IPA:"

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:904
msgid ""
"Note that if both options are set, only <quote>ad_server</quote> is "
"evaluated."
msgstr ""
"Advierta que si ambas opciones están establecidas solo se evalúa "
"<quote>ad_server</quote>."

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:908
msgid ""
"Since any request for a user or a group identity from a trusted domain "
"triggered from an IPA client is resolved by the IPA server, the "
"<quote>ad_server</quote> and <quote>ad_site</quote> options only affect "
"which AD DC will the authentication be performed against. In particular, the "
"addresses resolved from these lists will be written to <quote>kdcinfo</"
"quote> files read by the Kerberos locator plugin. Please refer to the "
"<citerefentry> <refentrytitle>sssd_krb5_locator_plugin</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> manual page for more details on the "
"Kerberos locator plugin."
msgstr ""
"Puesto que cualquier petición para una identidad de usuario o de grupo de un "
"dominio de confianza disparada desde un cliente IPA se resuelve por el "
"servidor IPA, las opciones <quote>ad_server</quote> y <quote>ad_site</quote> "
"solo afectan a que AD DC llevará a cabo la autenticación. En concreto, las "
"direcciones resueltas desde estas listas serán escritas a ficheros "
"<quote>kdcinfo</quote> leídos por el complemento localizador Kerberos. Por "
"favor vea la página de manual <citerefentry> "
"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry> para mas detalles sobre el complemento "
"localizador Kerberos."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:932
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the ipa provider-specific options."
msgstr ""
"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
"Este ejemplo muestra sólo las opciones específicas del proveedor ipa."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ipa.5.xml:939
#, no-wrap
msgid ""
"[domain/example.com]\n"
"id_provider = ipa\n"
"ipa_server = ipaserver.example.com\n"
"ipa_hostname = myhost.example.com\n"
msgstr ""
"[domain/example.com]\n"
"id_provider = ipa\n"
"ipa_server = ipaserver.example.com\n"
"ipa_hostname = myhost.example.com\n"

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
msgid "sssd-ad"
msgstr "sssd-ad"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-ad.5.xml:17
msgid "SSSD Active Directory provider"
msgstr "Proveedor SSSD Active Directory"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:23
msgid ""
"This manual page describes the configuration of the AD provider for "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>.  For a detailed syntax reference, refer to the <quote>FILE "
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
"Esta página de manual describe la configuración del proveedor AD para "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>. Para una referencia detallada de sintaxis, vea la sección "
"<quote>FILE FORMAT</quote> de la página de manual <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:36
msgid ""
"The AD provider is a back end used to connect to an Active Directory server. "
"This provider requires that the machine be joined to the AD domain and a "
"keytab is available. Back end communication occurs over a GSSAPI-encrypted "
"channel, SSL/TLS options should not be used with the AD provider and will be "
"superseded by Kerberos usage."
msgstr ""
"El proveedor AD es el punto final usado para conectar a un servidor Active "
"Directory. Este proveedor requiere que la máquina esté unida al dominio AD y "
"que una tabla de claves esté disponible. La comunicación con el punto final "
"se efectúa sobre un canal encriptado GSSAPI, las opciones SSL/TLS no "
"deberían ser usadas con el proveedor y serán reemplazadas por la utilización "
"Kerberos."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:44
msgid ""
"The AD provider supports connecting to Active Directory 2008 R2 or later. "
"Earlier versions may work, but are unsupported."
msgstr ""
"El proveedor AD soporta la conexión a Active Directory 2008 R2 o "
"posteriores. Las versiones anteriores pueden trabajar, pero no está "
"soportadas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:48
msgid ""
"The AD provider can be used to get user information and authenticate users "
"from trusted domains. Currently only trusted domains in the same forest are "
"recognized. In addition servers from trusted domains are always auto-"
"discovered."
msgstr ""
"El proveedor AD puede ser usado para obtener información de usuario y "
"autenticar usuarios desde dominios de confianza. Actualmente solo se "
"reconocen los dominios de confianza del mismo bosque. Además, los servidores "
"de dominios de confianza siempre se descubren automáticamente."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:54
msgid ""
"The AD provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity "
"provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> authentication provider with "
"optimizations for Active Directory environments. The AD provider accepts the "
"same options used by the sssd-ldap and sssd-krb5 providers with some "
"exceptions. However, it is neither necessary nor recommended to set these "
"options."
msgstr ""
"El proveedor AD habilita a SSSD para usar el proveedor de identidad "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> y el proveedor de autenticación <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> con optimizaciones para entornos Active Directory. El "
"proveedor AD provider aceptas las mismas opciones usadas por los proveedores "
"sssd-ldap y sssd-krb5 cn algunas excepciones. Sin embargo, no es necesario "
"ni recomendable establecer estas opciones."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:69
msgid ""
"The AD provider primarily copies the traditional ldap and krb5 provider "
"default options with some exceptions, the differences are listed in the "
"<quote>MODIFIED DEFAULT OPTIONS</quote> section."
msgstr ""
"El proveedor AD copia principalmente las opciones predeterminadas "
"tradicionales de los proveedores ldap y krb5 con algunas excepciones, las "
"diferencias están listadas en la sección <quote>OPCIONES PREDETERMINADAS "
"MODIFICADAS</quote>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:74
msgid ""
"The AD provider can also be used as an access, chpass, sudo and autofs "
"provider. No configuration of the access provider is required on the client "
"side."
msgstr ""
"El proveedor AD puede ser también usado como un proveedor de acceso chpass, "
"sudo y autofs. No se requiere configuración del proveedor de acceso en el "
"lado cliente."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:79
msgid ""
"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is "
"configured in sssd.conf then the id_provider must also be set to <quote>ad</"
"quote>."
msgstr ""
"Si está configurado <quote>auth_provider=ad</quote> o "
"<quote>access_provider=ad</quote> en sssd.conf id_provider debe ser también "
"establecido a <quote>ad</quote>."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ad.5.xml:91
#, no-wrap
msgid ""
"ldap_id_mapping = False\n"
"            "
msgstr ""
"ldap_id_mapping = False\n"
"            "

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:85
msgid ""
"By default, the AD provider will map UID and GID values from the objectSID "
"parameter in Active Directory. For details on this, see the <quote>ID "
"MAPPING</quote> section below. If you want to disable ID mapping and instead "
"rely on POSIX attributes defined in Active Directory, you should set "
"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should "
"be used, it is recommended for performance reasons that the attributes are "
"also replicated to the Global Catalog. If POSIX attributes are replicated, "
"SSSD will attempt to locate the domain of a requested numerical ID with the "
"help of the Global Catalog and only search that domain. In contrast, if "
"POSIX attributes are not replicated to the Global Catalog, SSSD must search "
"all the domains in the forest sequentially. Please note that the "
"<quote>cache_first</quote> option might be also helpful in speeding up "
"domainless searches.  Note that if only a subset of POSIX attributes is "
"present in the Global Catalog, the non-replicated attributes are currently "
"not read from the LDAP port."
msgstr ""
"De manera predeterminada, el proveedor AD mapeará los valores UID y GID "
"desde el parámetro objectSID en Active Directory. Para detalles sobre esto, "
"vea la sección <quote>MAPEO DE ID</quote> abajo. Si usted desea deshabilitar "
"el mapeo de ID y en su lugar confiar en los atributos POSIX definidos en "
"Active Directory, usted debería establecer <placeholder "
"type=\"programlisting\" id=\"0\"/> Si se usarán los atributos POSIX, se "
"recomienda que por razones de rendimientos estos atributos sean también "
"replicados en el Catálogo Global. Si los atributos POSIX están replicados, "
"SSSD intentará localizar el dominio de una ID numérica pedida con la ayuda "
"del Catálogo Global y solo busca en ese dominio. Por el contrario, si los "
"atributos POSIX no están replicados en el Catálogo Global, SSSD debe buscar "
"en todos los dominios del bosque secuencialmente. Por favor advierta que la "
"opción <quote>cache_first</quote> option también podría ser útil para "
"acelerar las búsquedas sin dominio. Advierta que si en el Catálogo Global "
"solo esta presente un subconjunto de atributos POSIX, los atributos no "
"replicados no se leen actualmente desde el puerto LDAP."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:108
msgid ""
"Users, groups and other entities served by SSSD are always treated as case-"
"insensitive in the AD provider for compatibility with Active Directory's "
"LDAP implementation."
msgstr ""
"Los usuarios, grupos y otras entidades servidas por SSSD son tratadas "
"siempre como sensibles a mayúsculas y minúsculas en el proveedor AD por "
"compatibilidad con la implementación LDAP de Active Directory."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:113
msgid ""
"SSSD only resolves Active Directory Security Groups. For more information "
"about AD group types see: <ulink url=\"https://docs.microsoft.com/en-us/"
"windows-server/identity/ad-ds/manage/understand-security-groups\"> Active "
"Directory security groups</ulink>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:120
msgid ""
"SSSD filters out Domain Local groups from remote domains in the AD forest. "
"By default they are filtered out e.g. when following a nested group "
"hierarchy in remote domains because they are not valid in the local domain. "
"This is done to be in agreement with Active Directory's group-membership "
"assignment which can be seen in the PAC of the Kerberos ticket of a user "
"issued by Active Directory."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:138
msgid "ad_domain (string)"
msgstr "ad_domain (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:141
msgid ""
"Specifies the name of the Active Directory domain.  This is optional. If not "
"provided, the configuration domain name is used."
msgstr ""
"Especifica el nombre del dominio Active Directory. Esto es opcional. Si no "
"se suministra, se usa la configuración del nombre de dominio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:146
msgid ""
"For proper operation, this option should be specified as the lower-case "
"version of the long version of the Active Directory domain."
msgstr ""
"Para una operativa apropiada, esta opción sería especificada en la versión "
"minúscula de la versión larga del dominio Active Directory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:151
msgid ""
"The short domain name (also known as the NetBIOS or the flat name) is "
"autodetected by the SSSD."
msgstr ""
"El nombre corto de dominio (también conocido como el NetBIOS o el nombre "
"pano) es autodetectado por SSSD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:158
msgid "ad_enabled_domains (string)"
msgstr "ad_enabled_domains (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:161
#, fuzzy
#| msgid ""
#| "A comma-separated list of enabled Active Directory domains.  If provided, "
#| "SSSD will ignore any domains not listed in this option. If left unset, "
#| "all domains from the AD forest will be available."
msgid ""
"A comma-separated list of enabled Active Directory domains. If provided, "
"SSSD will ignore any domains not listed in this option. If left unset, all "
"discovered domains from the AD forest will be available."
msgstr ""
"Una lista separada por comas de dominios Active Directory habilitados. Si se "
"suministra, SSSD ignorará cualquier dominio no listado en esta opción. Si se "
"deja sin establecer, estarán disponibles todos los dominios del bosque AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:168
msgid ""
"During the discovery of the domains SSSD will filter out some domains where "
"flags or attributes indicate that they do not belong to the local forest or "
"are not trusted. If ad_enabled_domains is set, SSSD will try to enable all "
"listed domains."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:179
#, no-wrap
msgid ""
"ad_enabled_domains = sales.example.com, eng.example.com\n"
"                            "
msgstr ""
"ad_enabled_domains = sales.example.com, eng.example.com\n"
"                            "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:175
msgid ""
"For proper operation, this option must be specified in all lower-case and as "
"the fully qualified domain name of the Active Directory domain. For example: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
"Para una operativa apropiada, esta opción debe ser especificada en "
"minúsculas y con el nombre totalmente cualificado del dominio Active "
"Directory. Por ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:183
msgid ""
"The short domain name (also known as the NetBIOS or the flat name) will be "
"autodetected by SSSD."
msgstr ""
"El nombre corto de dominio (también conocido como NetBIOS o el nombre plano) "
"será autodetectado por SSSD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:193
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:196
msgid ""
"The comma-separated list of hostnames of the AD servers to which SSSD should "
"connect in order of preference. For more information on failover and server "
"redundancy, see the <quote>FAILOVER</quote> section."
msgstr ""
"La lista separada por comas de nombres de host de los servidores AD a los "
"que SSSD debería conectarse en orden de preferencia. Para mas información "
"sobre conmutación por error y redundancia del servidor, vea la sección "
"<quote>CONMUTACIÓN POR ERROR</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:203
msgid ""
"This is optional if autodiscovery is enabled.  For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
"Esto es opcional si el autodescubrimiento está habilitado. Para mas "
"información sobre el servicio de descubrimiento, vea la sección "
"<quote>SERVICIO DE DESCUBRIMIENTO</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:208
msgid ""
"Note: Trusted domains will always auto-discover servers even if the primary "
"server is explicitly defined in the ad_server option."
msgstr ""
"Nota: Los dominios de confianza siempre detectarán automáticamente los "
"servidores aunque el servidor primario esté definido explícitamente en la "
"opción ad_server."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:216
msgid "ad_hostname (string)"
msgstr "ad_hostname (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:219
msgid ""
"Optional. On machines where the hostname(5) does not reflect the fully "
"qualified name, sssd will try to expand the short name. If it is not "
"possible or the short name should be really used instead, set this parameter "
"explicitly."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:226
msgid ""
"This field is used to determine the host principal in use in the keytab and "
"to perform dynamic DNS updates. It must match the hostname for which the "
"keytab was issued."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:235
msgid "ad_enable_dns_sites (boolean)"
msgstr "ad_enable_dns_sites (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:242
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page)  is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
"Discovery and fall back to the DNS SRV records if no AD site is found. The "
"DNS SRV configuration, including the discovery domain, is used during site "
"discovery as well."
msgstr ""
"Si esta a true y el servicio de descubrimiento (vea el párrafo Servicio de "
"Descubrimiento al final de la página de manual) está habiitado, SSSD "
"intentará primero descubrir el servidor Active Directory usando Active "
"Directory Site Discovery y recurre a loas registros DNS SRV si no encuentra "
"sitio AD. La configuración DNS SRV, incluyendo el descubrimiento de dominio, "
"se usa durante el descubrimiento de sitio también."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:258
msgid "ad_access_filter (string)"
msgstr "ad_access_filter (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:261
msgid ""
"This option specifies LDAP access control filter that the user must match in "
"order to be allowed access. Please note that the <quote>access_provider</"
"quote> option must be explicitly set to <quote>ad</quote> in order for this "
"option to have an effect."
msgstr ""
"Esta opción especifica el filtro de control de acceso LDAP con el que el "
"usuario debe coincidir con el objetivo de tener permitido el acceso. Por "
"favor advierta que la opción <quote>access_provider</quote> debe estar "
"establecida explícitamente a <quote>ad</quote> con el objetivo de que esta "
"opción tenga efecto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:269
msgid ""
"The option also supports specifying different filters per domain or forest. "
"This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>.  "
"The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or "
"missing."
msgstr ""
"Esta opción también soporta que se especifiquen diferentes filtros por "
"dominio o bosque. Este filtro extendido consiste en: <quote>KEYWORD:NAME:"
"FILTER</quote>. La palabra clave puede ser <quote>DOM</quote>, "
"<quote>FOREST</quote> o ninguna."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:277
msgid ""
"If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</"
"quote> specifies the domain or subdomain the filter applies to.  If the "
"keyword equals to <quote>FOREST</quote>, then the filter equals to all "
"domains from the forest specified by <quote>NAME</quote>."
msgstr ""
"Si la palabra clave es igual a <quote>DOM</quote> o es ninguna, <quote>NAME</"
"quote> especifica el dominio o subdominio al que se aplica el filtro. Si la "
"palabra clave es igual a <quote>FOREST</quote>, el filtro iguala a todos los "
"dominios del bosque especificado por <quote>NAME</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:285
msgid ""
"Multiple filters can be separated with the <quote>?</quote> character, "
"similarly to how search bases work."
msgstr ""
"Se pueden separar múltiples filtros con el carácter <quote>?</quote>, de "
"modo similar a como funcionan las bases de búsqueda."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:290
msgid ""
"Nested group membership must be searched for using a special OID "
"<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain."
"example.org: syntax to ensure the parser does not attempt to interpret the "
"colon characters associated with the OID. If you do not use this OID then "
"nested group membership will not be resolved. See usage example below and "
"refer here for further information about the OID: <ulink url=\"https://msdn."
"microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] section LDAP "
"extensions</ulink>"
msgstr ""
"La membresía de grupo anidada debe ser buscada usando una OID especial "
"<quote>:1.2.840.113556.1.4.1941:</quote> además de la sintaxis completa DOM:"
"domain.example.org: para asegurar que el analizador no intente interpretar "
"el carácter dos puntos asociado con el OID. Si usted no usa este OID la "
"membresía de grupo anidada no será resuelta. Vea el ejemplo de utlización "
"abajo y vaya aquí para ampliar información sobre OID: <ulink url=\"https://"
"msdn.microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] sección "
"extensiones LDAP</ulink>"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:303
msgid ""
"The most specific match is always used. For example, if the option specified "
"filter for a domain the user is a member of and a global filter, the per-"
"domain filter would be applied.  If there are more matches with the same "
"specification, the first one is used."
msgstr ""
"Siempre se usa la coincidencia mas especifica. Por ejemplo, si la opción "
"especifica un filtro pra un dominio del que el usuario es miembro y un "
"filtro global, se aplicará el filtro por dominio. Si hay mas coincidencias "
"con la misma especificación se usa la primera."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-ad.5.xml:314
#, no-wrap
msgid ""
"# apply filter on domain called dom1 only:\n"
"dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n"
"\n"
"# apply filter on domain called dom2 only:\n"
"DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n"
"\n"
"# apply filter on forest called EXAMPLE.COM only:\n"
"FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n"
"\n"
"# apply filter for a member of a nested group in dom1:\n"
"DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n"
"                        "
msgstr ""
"# aplicar filtro sobre el dominio llamado dom1 solo:\n"
"dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n"
"\n"
"# aplicar filtro sobre el dominio llamado dom2 solo:\n"
"DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n"
"\n"
"# aplicar filtro sobre un bosque llamado EXAMPLE.COM solo:\n"
"FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n"
"\n"
"# aplicar filtro para un miembro de un grupo anidado en dom1:\n"
"DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n"
"                        "

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:333
msgid "ad_site (string)"
msgstr "ad_site (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:336
msgid ""
"Specify AD site to which client should try to connect.  If this option is "
"not provided, the AD site will be auto-discovered."
msgstr ""
"Especifica el sitio AD al que el cliente intentará cnectar. Si no se "
"suministra esta opción se autodescubrirá el sitio AD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:347
msgid "ad_enable_gc (boolean)"
msgstr "ad_enable_gc (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:350
msgid ""
"By default, the SSSD connects to the Global Catalog first to retrieve users "
"from trusted domains and uses the LDAP port to retrieve group memberships or "
"as a fallback. Disabling this option makes the SSSD only connect to the LDAP "
"port of the current AD server."
msgstr ""
"De modo predeterminado, SSSD conecta primero al Catálogo Global para "
"recuperar usuarios de los dominios de confianza y usa el ouerto LDAP para "
"recuperar membresías de grupo o plan de reserva. Deshabilitando esta opción "
"hace que SSSD solo conecte al puerto LDAP del servidor AD actual."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:358
msgid ""
"Please note that disabling Global Catalog support does not disable "
"retrieving users from trusted domains. The SSSD would connect to the LDAP "
"port of trusted domains instead. However, Global Catalog must be used in "
"order to resolve cross-domain group memberships."
msgstr ""
"Por favor advierta que deshabilitando el soporte de Catálogo Global no "
"deshabilita la recogida de usuarios de los dominios de confianza. SSSD "
"conectaría al puerto LDAP de los dominios de confianza en su lugar. Sin "
"embargo, Catálogo Global debe ser usado con el objetivo de resolver las "
"membresías de grupo de dominio cruzado."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:372
msgid "ad_gpo_access_control (string)"
msgstr "ad_gpo_access_control (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:375
msgid ""
"This option specifies the operation mode for GPO-based access control "
"functionality: whether it operates in disabled mode, enforcing mode, or "
"permissive mode. Please note that the <quote>access_provider</quote> option "
"must be explicitly set to <quote>ad</quote> in order for this option to have "
"an effect."
msgstr ""
"Esta opción especifica el modo de operación para la funcionalidad de control "
"de acceso basado en GPO: si opera en modo deshabilitado, modo reforzado o "
"modo permisivo. Por favor advierta que la opción <quote>access_provider</"
"quote> debe ser explícitamente establecida a <quote>ad</quote> con el "
"objetivo de que esta opción tenga efecto."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:384
msgid ""
"GPO-based access control functionality uses GPO policy settings to determine "
"whether or not a particular user is allowed to logon to the host.  For more "
"information on the supported policy settings please refer to the "
"<quote>ad_gpo_map</quote> options."
msgstr ""
"La funcionalidad de control de acceso basado en GPO usa ajustes de política "
"GPO para determinar si un usuario concreto tiene autorizado acceder al host. "
"Para mas información sobre los ajustes de política soportados vea las "
"opciones <quote>ad_gpo_map</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:392
msgid ""
"Please note that current version of SSSD does not support Active Directory's "
"built-in groups.  Built-in groups (such as Administrators with SID "
"S-1-5-32-544) in GPO access control rules will be ignored by SSSD.  See "
"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:401
msgid ""
"Before performing access control SSSD applies group policy security "
"filtering on the GPOs. For every single user login, the applicability of the "
"GPOs that are linked to the host is checked. In order for a GPO to apply to "
"a user, the user or at least one of the groups to which it belongs must have "
"following permissions on the GPO:"
msgstr ""
"Antes de realizar el control de acceso, SSSD aplica el filtrado de seguridad "
"de la política de grupo en los GPO. Por cada inicio de sesión de usuario, la "
"aplicabilidad de los GPOs que están enlazados al host es chequeado. Para que "
"un GPO se aplique a un usuario, el usuario o al menos uno de los grupos a "
"los que pertenece debe tener los siguientes permisos en el GPO:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:411
msgid ""
"Read: The user or one of its groups must have read access to the properties "
"of the GPO (RIGHT_DS_READ_PROPERTY)"
msgstr ""
"Lectura: El usuario o uno de sus grupos debe tener acceso de lectura a las "
"propiedad de la GPO (RIGHT_DS_READ_PROPERTY)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:418
msgid ""
"Apply Group Policy: The user or at least one of its groups must be allowed "
"to apply the GPO (RIGHT_DS_CONTROL_ACCESS)."
msgstr ""
"Aplicar Política de Grupo: El usuario o al menos uno de sus grupos debe "
"tener permiso para aplicar la GPO (RIGHT_DS_CONTROL_ACCESS)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:426
msgid ""
"By default, the Authenticated Users group is present on a GPO and this group "
"has both Read and Apply Group Policy access rights. Since authentication of "
"a user must have been completed successfully before GPO security filtering "
"and access control are started, the Authenticated Users group permissions on "
"the GPO always apply also to the user."
msgstr ""
"Por defecto, el grupo Usuarios Autenticados está presente sobre un GPO y "
"este grupo tiene derechos de acceso tanto de Lectura como de Aplicar "
"Política de Grupo. Puesto que la autenticación de un usuario debe haberse "
"completado con éxito antes del filtrado de seguridad GPO y el control de "
"acceso está arrancado, los permisos del grupo Usuarios Autenticados sobre el "
"GPO se aplicarán siempre también al usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:435
msgid ""
"NOTE: If the operation mode is set to enforcing, it is possible that users "
"that were previously allowed logon access will now be denied logon access "
"(as dictated by the GPO policy settings). In order to facilitate a smooth "
"transition for administrators, a permissive mode is available that will not "
"enforce the access control rules, but will evaluate them and will output a "
"syslog message if access would have been denied. By examining the logs, "
"administrators can then make the necessary changes before setting the mode "
"to enforcing. For logging GPO-based access control debug level 'trace "
"functions' is required (see <citerefentry> <refentrytitle>sssctl</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page)."
msgstr ""
"AVISO: Si el modo operativo está establecido en enforcing (hacer cumplir), "
"es posible que a usuarios que antes se les permitía el acceso se les "
"deniegue ahora (como dictan los ajustes de política GPO). Con el objetivo de "
"facilitar una transición suave a los administradores, hay un modo permisivo "
"disponible que no aplicará las reglas de control de acceso, pero as evaluará "
"y sacará un mensaje de registro de sistema si el acceso debería haber sido "
"denegado. Examinando los registros los administradores pueden hacer los "
"cambios necesario antes de establecer el modo enforcing. Para registrar el "
"control de acceso basado en GPO, se requiere un nivel de depuración "
"'funciones de rastreo' (vea las páginas de manual <citerefentry> "
"<refentrytitle>sssctl</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry>)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:454
msgid "There are three supported values for this option:"
msgstr "Hay tres valores soportados para esta opción:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:458
msgid ""
"disabled: GPO-based access control rules are neither evaluated nor enforced."
msgstr ""
"disabled (deshabilitado): Las reglas de control de acceso basadas en GPO no "
"son evaluadas ni aplicadas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:464
msgid "enforcing: GPO-based access control rules are evaluated and enforced."
msgstr ""
"enforcing (hacer cumplir): Las reglas de control de acceso basadas en GPO "
"son evaluadas y aplicadas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:470
msgid ""
"permissive: GPO-based access control rules are evaluated, but not enforced.  "
"Instead, a syslog message will be emitted indicating that the user would "
"have been denied access if this option's value were set to enforcing."
msgstr ""
"permissive (permisivo): Las reglas de control de acceso GPO son evaluadas "
"pero no se hacen cumplir.  En su lugar, se emitirá un mensaje de registro de "
"sistema indicando que se hubiera denegado el acceso al sistema del usuario "
"si el valor de la opción estuviera establecido en enforcing."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:481
msgid "Default: permissive"
msgstr "Predeterminado: permissive"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:484
msgid "Default: enforcing"
msgstr "Predeterminado: enforcing"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:490
msgid "ad_gpo_implicit_deny (boolean)"
msgstr "ad_gpo_implicit_deny (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:493
msgid ""
"Normally when no applicable GPOs are found the users are allowed access. "
"When this option is set to True users will be allowed access only when "
"explicitly allowed by a GPO rule. Otherwise users will be denied access. "
"This can be used to harden security but be careful when using this option "
"because it can deny access even to users in the built-in Administrators "
"group if no GPO rules apply to them."
msgstr ""
"Normalmente cuando no se encuentras GPOs aplicables los usuarios tienen "
"permitido el acceso. Cuando se establece esta opción a True los usuarios "
"tendrán permitido el acceso solo cuando este explícitamente permitido por "
"una regla GPO. En otro caso el acceso de usuarios será denegado. Esto se "
"puede usar para fortalecer la seguridad, pero tenga cuidado al usar esta "
"opción, ya que puede denegar el acceso incluso a los usuarios en el grupo de "
"administradores integrados si no se aplican reglas de GPO."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:509
msgid ""
"The following 2 tables should illustrate when a user is allowed or rejected "
"based on the allow and deny login rights defined on the server-side and the "
"setting of ad_gpo_implicit_deny."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd-ad.5.xml:521
#, fuzzy
#| msgid "ad_gpo_implicit_deny (boolean)"
msgid "ad_gpo_implicit_deny = False (default)"
msgstr "ad_gpo_implicit_deny (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd-ad.5.xml:522 sssd-ad.5.xml:548
msgid "allow-rules"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd-ad.5.xml:522 sssd-ad.5.xml:548
msgid "deny-rules"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd-ad.5.xml:523 sssd-ad.5.xml:549
msgid "results"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry>
#: sssd-ad.5.xml:526 sssd-ad.5.xml:529 sssd-ad.5.xml:532 sssd-ad.5.xml:552
#: sssd-ad.5.xml:555 sssd-ad.5.xml:558
msgid "missing"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd-ad.5.xml:527
#, fuzzy
#| msgid "All users are recorded."
msgid "all users are allowed"
msgstr "Se graban todos los usuarios."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry>
#: sssd-ad.5.xml:529 sssd-ad.5.xml:532 sssd-ad.5.xml:535 sssd-ad.5.xml:555
#: sssd-ad.5.xml:558 sssd-ad.5.xml:561
msgid "present"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd-ad.5.xml:530
msgid "only users not in deny-rules are allowed"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd-ad.5.xml:533 sssd-ad.5.xml:559
#, fuzzy
#| msgid "The following values are allowed:"
msgid "only users in allow-rules are allowed"
msgstr "Los siguientes valores están permitidos:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd-ad.5.xml:536 sssd-ad.5.xml:562
msgid "only users in allow-rules and not in deny-rules are allowed"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry>
#: sssd-ad.5.xml:547
#, fuzzy
#| msgid "ad_gpo_implicit_deny (boolean)"
msgid "ad_gpo_implicit_deny = True"
msgstr "ad_gpo_implicit_deny (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para>
#: sssd-ad.5.xml:553 sssd-ad.5.xml:556
#, fuzzy
#| msgid "No users are recorded."
msgid "no users are allowed"
msgstr "NO se grabaron usuarios."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:569
msgid "ad_gpo_ignore_unreadable (boolean)"
msgstr "ad_gpo_ignore_unreadable (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:572
msgid ""
"Normally when some group policy containers (AD object) of applicable group "
"policy objects are not readable by SSSD then users are denied access.  This "
"option allows to ignore group policy containers and with them associated "
"policies if their attributes in group policy containers are not readable for "
"SSSD."
msgstr ""
"Normalmente cuando algunos contenedores de políticas de grupo (objeto AD) de "
"pbjetos aplicables de políticas de grupo no son legibles por SSSD se les "
"niega el acceso a los usuarios. Esta opción permite ignorar los contenedores "
"de política de grupo y con ello las políticas asociadas si sus atributos en "
"los contenedores de política de grupo no son legibles por SSSD."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:589
msgid "ad_gpo_cache_timeout (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:592
msgid ""
"The amount of time between lookups of GPO policy files against the AD "
"server. This will reduce the latency and load on the AD server if there are "
"many access-control requests made in a short period."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:605
msgid "ad_gpo_map_interactive (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:608
msgid ""
"A comma-separated list of PAM service names for which GPO-based access "
"control is evaluated based on the InteractiveLogonRight and "
"DenyInteractiveLogonRight policy settings.  Only those GPOs are evaluated "
"for which the user has Read and Apply Group Policy permission (see option "
"<quote>ad_gpo_access_control</quote>).  If an evaluated GPO contains the "
"deny interactive logon setting for the user or one of its groups, the user "
"is denied local access.  If none of the evaluated GPOs has an interactive "
"logon right defined, the user is granted local access. If at least one "
"evaluated GPO contains interactive logon right settings, the user is granted "
"local access only, if it or at least one of its groups is part of the policy "
"settings."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:626
msgid ""
"Note: Using the Group Policy Management Editor this value is called \"Allow "
"log on locally\" and \"Deny log on locally\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:640
#, no-wrap
msgid ""
"ad_gpo_map_interactive = +my_pam_service, -login\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:631
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>.  For example, in "
"order to replace a default PAM service name for this logon right (e.g. "
"<quote>login</quote>)  with a custom pam service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:663
msgid "gdm-fingerprint"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:683
msgid "lightdm"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:688
msgid "lxdm"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:693
msgid "sddm"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:698
msgid "unity"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:703
msgid "xdm"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:712
msgid "ad_gpo_map_remote_interactive (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:715
msgid ""
"A comma-separated list of PAM service names for which GPO-based access "
"control is evaluated based on the RemoteInteractiveLogonRight and "
"DenyRemoteInteractiveLogonRight policy settings.  Only those GPOs are "
"evaluated for which the user has Read and Apply Group Policy permission (see "
"option <quote>ad_gpo_access_control</quote>).  If an evaluated GPO contains "
"the deny remote logon setting for the user or one of its groups, the user is "
"denied remote interactive access.  If none of the evaluated GPOs has a "
"remote interactive logon right defined, the user is granted remote access. "
"If at least one evaluated GPO contains remote interactive logon right "
"settings, the user is granted remote access only, if it or at least one of "
"its groups is part of the policy settings."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:734
msgid ""
"Note: Using the Group Policy Management Editor this value is called \"Allow "
"log on through Remote Desktop Services\" and \"Deny log on through Remote "
"Desktop Services\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:749
#, no-wrap
msgid ""
"ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:740
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>.  For example, in "
"order to replace a default PAM service name for this logon right (e.g. "
"<quote>sshd</quote>)  with a custom pam service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:757
msgid "sshd"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:762
msgid "cockpit"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:771
msgid "ad_gpo_map_network (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:774
msgid ""
"A comma-separated list of PAM service names for which GPO-based access "
"control is evaluated based on the NetworkLogonRight and "
"DenyNetworkLogonRight policy settings.  Only those GPOs are evaluated for "
"which the user has Read and Apply Group Policy permission (see option "
"<quote>ad_gpo_access_control</quote>).  If an evaluated GPO contains the "
"deny network logon setting for the user or one of its groups, the user is "
"denied network logon access.  If none of the evaluated GPOs has a network "
"logon right defined, the user is granted logon access. If at least one "
"evaluated GPO contains network logon right settings, the user is granted "
"logon access only, if it or at least one of its groups is part of the policy "
"settings."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:792
msgid ""
"Note: Using the Group Policy Management Editor this value is called \"Access "
"this computer from the network\" and \"Deny access to this computer from the "
"network\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:807
#, no-wrap
msgid ""
"ad_gpo_map_network = +my_pam_service, -ftp\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:798
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>.  For example, in "
"order to replace a default PAM service name for this logon right (e.g. "
"<quote>ftp</quote>)  with a custom pam service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:815
msgid "ftp"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:820
msgid "samba"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:829
msgid "ad_gpo_map_batch (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:832
msgid ""
"A comma-separated list of PAM service names for which GPO-based access "
"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight "
"policy settings.  Only those GPOs are evaluated for which the user has Read "
"and Apply Group Policy permission (see option <quote>ad_gpo_access_control</"
"quote>).  If an evaluated GPO contains the deny batch logon setting for the "
"user or one of its groups, the user is denied batch logon access.  If none "
"of the evaluated GPOs has a batch logon right defined, the user is granted "
"logon access. If at least one evaluated GPO contains batch logon right "
"settings, the user is granted logon access only, if it or at least one of "
"its groups is part of the policy settings."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:850
msgid ""
"Note: Using the Group Policy Management Editor this value is called \"Allow "
"log on as a batch job\" and \"Deny log on as a batch job\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:864
#, no-wrap
msgid ""
"ad_gpo_map_batch = +my_pam_service, -crond\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:855
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>.  For example, in "
"order to replace a default PAM service name for this logon right (e.g. "
"<quote>crond</quote>)  with a custom pam service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:867
msgid ""
"Note: Cron service name may differ depending on Linux distribution used."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:873
msgid "crond"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:882
msgid "ad_gpo_map_service (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:885
msgid ""
"A comma-separated list of PAM service names for which GPO-based access "
"control is evaluated based on the ServiceLogonRight and "
"DenyServiceLogonRight policy settings.  Only those GPOs are evaluated for "
"which the user has Read and Apply Group Policy permission (see option "
"<quote>ad_gpo_access_control</quote>).  If an evaluated GPO contains the "
"deny service logon setting for the user or one of its groups, the user is "
"denied service logon access.  If none of the evaluated GPOs has a service "
"logon right defined, the user is granted logon access. If at least one "
"evaluated GPO contains service logon right settings, the user is granted "
"logon access only, if it or at least one of its groups is part of the policy "
"settings."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:903
msgid ""
"Note: Using the Group Policy Management Editor this value is called \"Allow "
"log on as a service\" and \"Deny log on as a service\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:916
#, no-wrap
msgid ""
"ad_gpo_map_service = +my_pam_service\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:908 sssd-ad.5.xml:983
msgid ""
"It is possible to add a PAM service name to the default set by using "
"<quote>+service_name</quote>.  Since the default set is empty, it is not "
"possible to remove a PAM service name from the default set.  For example, in "
"order to add a custom pam service name (e.g. <quote>my_pam_service</quote>), "
"you would use the following configuration: <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:926
msgid "ad_gpo_map_permit (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:929
msgid ""
"A comma-separated list of PAM service names for which GPO-based access is "
"always granted, regardless of any GPO Logon Rights."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:943
#, no-wrap
msgid ""
"ad_gpo_map_permit = +my_pam_service, -sudo\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:934
msgid ""
"It is possible to add another PAM service name to the default set by using "
"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
"the default set by using <quote>-service_name</quote>.  For example, in "
"order to replace a default PAM service name for unconditionally permitted "
"access (e.g. <quote>sudo</quote>)  with a custom pam service name (e.g. "
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:951
msgid "polkit-1"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:966
msgid "systemd-user"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:975
msgid "ad_gpo_map_deny (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:978
msgid ""
"A comma-separated list of PAM service names for which GPO-based access is "
"always denied, regardless of any GPO Logon Rights."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:991
#, no-wrap
msgid ""
"ad_gpo_map_deny = +my_pam_service\n"
"                            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1001
msgid "ad_gpo_default_right (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1004
msgid ""
"This option defines how access control is evaluated for PAM service names "
"that are not explicitly listed in one of the ad_gpo_map_* options. This "
"option can be set in two different manners. First, this option can be set to "
"use a default logon right. For example, if this option is set to "
"'interactive', it means that unmapped PAM service names will be processed "
"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy "
"settings. Alternatively, this option can be set to either always permit or "
"always deny access for unmapped PAM service names."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1017
msgid "Supported values for this option include:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1026
msgid "remote_interactive"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1031
msgid "network"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1036
msgid "batch"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1041
msgid "service"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1046
msgid "permit"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:1051
msgid "deny"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1057
msgid "Default: deny"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1063
msgid "ad_maximum_machine_account_password_age (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1066
msgid ""
"SSSD will check once a day if the machine account password is older than the "
"given age in days and try to renew it. A value of 0 will disable the renewal "
"attempt."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1072
msgid "Default: 30 days"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1078
msgid "ad_machine_account_password_renewal_opts (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1081
msgid ""
"This option should only be used to test the machine account renewal task. "
"The option expects 2 integers separated by a colon (':'). The first integer "
"defines the interval in seconds how often the task is run. The second "
"specifies the initial timeout in seconds before the task is run for the "
"first time after startup."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1090
msgid "Default: 86400:750 (24h and 15m)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1096
msgid "ad_update_samba_machine_account_password (boolean)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1099
msgid ""
"If enabled, when SSSD renews the machine account password, it will also be "
"updated in Samba's database. This prevents Samba's copy of the machine "
"account password from getting out of date when it is set up to use AD for "
"authentication."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1112
msgid "ad_use_ldaps (bool)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1115
msgid ""
"By default SSSD uses the plain LDAP port 389 and the Global Catalog port "
"3628. If this option is set to True SSSD will use the LDAPS port 636 and "
"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to "
"have multiple encryption layers on a single connection and we still want to "
"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security "
"property maxssf is set to 0 (zero)  for those connections."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:1132
#, fuzzy
#| msgid "ldap_sudo_include_netgroups (boolean)"
msgid "ad_allow_remote_domain_local_groups (boolean)"
msgstr "sudo_include_netgroups (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1135
msgid ""
"If this option is set to <quote>true</quote> SSSD will not filter out Domain "
"Local groups from remote domains in the AD forest. By default they are "
"filtered out e.g. when following a nested group hierarchy in remote domains "
"because they are not valid in the local domain. To be compatible with other "
"solutions which make AD users and groups available on Linux client this "
"option was added."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1145
msgid ""
"Please note that setting this option to <quote>true</quote> will be against "
"the intention of Domain Local group in Active Directory and <emphasis>SHOULD "
"ONLY BE USED TO FACILITATE MIGRATION FROM OTHER SOLUTIONS</emphasis>. "
"Although the group exists and user can be member of the group the intention "
"is that the group should be only used in the domain it is defined and in no "
"others. Since there is only one type of POSIX groups the only way to achieve "
"this on the Linux side is to ignore those groups. This is also done by "
"Active Directory as can be seen in the PAC of the Kerberos ticket for a "
"local service or in tokenGroups requests where remote Domain Local groups "
"are missing as well."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1161
msgid ""
"Given the comments above, if this option is set to <quote>true</quote> the "
"tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</"
"quote> to <quote>false</quote> to get consistent group-memberships of a "
"users. Additionally the Global Catalog lookup should be skipped as well by "
"setting <quote>ad_enable_gc</quote> to <quote>false</quote>. Finally it "
"might be necessary to modify <quote>ldap_group_nesting_level</quote> if the "
"remote Domain Local groups can only be found with a deeper nesting level."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1184
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
"Directory DNS server with the IP address of this client. The update is "
"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
"only needs to allow secure updates for the DNS zone. The IP address of the "
"AD LDAP connection is used for the updates, if it is not otherwise specified "
"by using the <quote>dyndns_iface</quote> option."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1214
msgid "Default: 3600 (seconds)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1230
msgid ""
"Default: Use the IP addresses of the interface which is used for AD LDAP "
"connection"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:1243
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online.  This option is "
"optional and applicable only when dyndns_update is true. Note that the "
"lowest possible value is 60 seconds in-case if value is provided less than "
"60, parameter will assume lowest value only."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:1393
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This example shows only the AD provider-specific options."
msgstr ""
"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
"Este ejemplo muestra sólo las opciones específicas del proveedor AD."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ad.5.xml:1400
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
"id_provider = ad\n"
"auth_provider = ad\n"
"access_provider = ad\n"
"chpass_provider = ad\n"
"\n"
"ad_server = dc1.example.com\n"
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
msgstr ""
"[domain/EXAMPLE]\n"
"id_provider = ad\n"
"auth_provider = ad\n"
"access_provider = ad\n"
"chpass_provider = ad\n"
"\n"
"ad_server = dc1.example.com\n"
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ad.5.xml:1420
#, no-wrap
msgid ""
"access_provider = ldap\n"
"ldap_access_order = expire\n"
"ldap_account_expire_policy = ad\n"
msgstr ""
"access_provider = ldap\n"
"ldap_access_order = expire\n"
"ldap_account_expire_policy = ad\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:1416
msgid ""
"The AD access control provider checks if the account is expired.  It has the "
"same effect as the following configuration of the LDAP provider: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
"El proveedor de control de acceso AD comprueba si la cuenta está expirada. "
"Tiene el mismo efecto que la siguiente configuración del proveedor LDAP: "
"<placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:1426
msgid ""
"However, unless the <quote>ad</quote> access control provider is explicitly "
"configured, the default access provider is <quote>permit</quote>. Please "
"note that if you configure an access provider other than <quote>ad</quote>, "
"you need to set all the connection parameters (such as LDAP URIs and "
"encryption details) manually."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:1434
msgid ""
"When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema "
"attribute mapping (nisMap, nisObject, ...) is used, because these attributes "
"are included in the default Active Directory schema."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr "sssd-sudo"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-sudo.5.xml:17
msgid "Configuring sudo with the SSSD back end"
msgstr "Configuración de sudo con el motor de SSSD"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
"This manual page describes how to configure <citerefentry> "
"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
msgstr ""
"Esta página de manual describe como configurar <citerefentry> "
"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
"para trabajar con <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> y como SSSD esconde reglas sudo."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:36
msgid "Configuring sudo to cooperate with SSSD"
msgstr "Configurando sudo para cooperar con SSSD"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:38
msgid ""
"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to "
"the <emphasis>sudoers</emphasis> entry in <citerefentry> "
"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
"Para habilitar SSSD como una fuente de reglas sudo, añada <emphasis>sss</"
"emphasis> a la entrada <emphasis>sudoers</emphasis> en <citerefentry> "
"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:47
msgid ""
"For example, to configure sudo to first lookup rules in the standard "
"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> file (which should contain rules that apply to "
"local users) and then in SSSD, the nsswitch.conf file should contain the "
"following line:"
msgstr ""
"Por ejemplo, para configurar sudo para primero buscar reglas en el fichero "
"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> estándar (que contendría reglas para aplicar al "
"usuario local) y después en SSSD, el fichero nsswitch.conf contiene la "
"siguiente línea:"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:57
#, no-wrap
msgid "sudoers: files sss\n"
msgstr "sudoers: files sss\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:61
msgid ""
"More information about configuring the sudoers search order from the "
"nsswitch.conf file as well as information about the LDAP schema that is used "
"to store sudo rules in the directory can be found in <citerefentry> "
"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
"Más información sobre la configuración del orden de búsqueda de sudoers "
"desde el fichero nsswuitch.conf así información sobre el esquema LDAP que se "
"usa para almacenar reglas sudo en el directorio se puede encontrar en  "
"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:70
msgid ""
"<emphasis>Note</emphasis>: in order to use netgroups or IPA hostgroups in "
"sudo rules, you also need to correctly set <citerefentry> "
"<refentrytitle>nisdomainname</refentrytitle> <manvolnum>1</manvolnum> </"
"citerefentry> to your NIS domain name (which equals to IPA domain name when "
"using hostgroups)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:82
msgid "Configuring SSSD to fetch sudo rules"
msgstr "Configurando SSSD para ir a buscar reglas sudo"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:84
msgid ""
"All configuration that is needed on SSSD side is to extend the list of "
"<emphasis>services</emphasis> with \"sudo\" in [sssd] section of "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>. To speed up the LDAP lookups, you can also set "
"search base for sudo rules using <emphasis>ldap_sudo_search_base</emphasis> "
"option."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:94
msgid ""
"The following example shows how to configure SSSD to download sudo rules "
"from an LDAP server."
msgstr ""
"El siguiente ejemplo muestra como configurar SSSD para descargar reglas sudo "
"desde un servidor LDAP."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:99
#, no-wrap
msgid ""
"[sssd]\n"
"config_file_version = 2\n"
"services = nss, pam, sudo\n"
"domains = EXAMPLE\n"
"\n"
"[domain/EXAMPLE]\n"
"id_provider = ldap\n"
"sudo_provider = ldap\n"
"ldap_uri = ldap://example.com\n"
"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
msgstr ""
"[sssd]\n"
"config_file_version = 2\n"
"services = nss, pam, sudo\n"
"domains = EXAMPLE\n"
"\n"
"[domain/EXAMPLE]\n"
"id_provider = ldap\n"
"sudo_provider = ldap\n"
"ldap_uri = ldap://example.com\n"
"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:98
msgid ""
"<placeholder type=\"programlisting\" id=\"0\"/> <phrase "
"condition=\"have_systemd\"> It's important to note that on platforms where "
"systemd is supported there's no need to add the \"sudo\" provider to the "
"list of services, as it became optional. However, sssd-sudo.socket must be "
"enabled instead.  </phrase>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:118
msgid ""
"When SSSD is configured to use IPA as the ID provider, the sudo provider is "
"automatically enabled. The sudo search base is configured to use the IPA "
"native LDAP tree (cn=sudo,$SUFFIX).  If any other search base is defined in "
"sssd.conf, this value will be used instead. The compat tree (ou=sudoers,"
"$SUFFIX) is no longer required for IPA sudo functionality."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:128
msgid "The SUDO rule caching mechanism"
msgstr "El mecanismo de almacenamiento en cache de regla SUDO"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:130
msgid ""
"The biggest challenge, when developing sudo support in SSSD, was to ensure "
"that running sudo with SSSD as the data source provides the same user "
"experience and is as fast as sudo but keeps providing the most current set "
"of rules as possible. To satisfy these requirements, SSSD uses three kinds "
"of updates. They are referred to as full refresh, smart refresh and rules "
"refresh."
msgstr ""
"El mayor desafío, cuando se desarrolla soporte sudo en SSSD, fue asegurar "
"que ejecutando sudo con SSSD como la fuente de datos suministre la misma "
"experiencia de usuario y sea tan rápido como sudo pero se mantenga "
"proporcionando el conjunto más actual de reglas como sea posible. Para "
"satisfacer estos requisitos, SSSD usa tres clases de actualizaciones. A "
"ellas nos referimos como refresco total, refresco inteligente y refresco de "
"reglas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:138
msgid ""
"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
"new or were modified after the last update. Its primary goal is to keep the "
"database growing by fetching only small increments that do not generate "
"large amounts of network traffic."
msgstr ""
"El <emphasis>refresco inteligente</emphasis> periódicamente descarga reglas "
"que son nuevas o fueron modificadas desde la última actualización. Su "
"objetivo principal es mantener la base de datos creciendo mediante la "
"atracción de pequeños incrementos que no generen grandes cantidades de "
"tráfico de red."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:144
msgid ""
"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
"in the cache and replaces them with all rules that are stored on the server. "
"This is used to keep the cache consistent by removing every rule which was "
"deleted from the server. However, full refresh may produce a lot of traffic "
"and thus it should be run only occasionally depending on the size and "
"stability of the sudo rules."
msgstr ""
"<emphasis>full refresh</emphasis> simplemente refresca todas las reglas sudo "
"almacenadas en el cache y las reemplaza con las reglas que están almacenadas "
"en el servidor. Esto se usa para mantener el cache consistente borrando cada "
"regla que fue borrada del servidor. Sin embargo, un refresco total puede "
"producir gran cantidad de tráfico y por lo tanto debería ser ejecutado sólo "
"ocasionalmente dependiendo del tamaño y de la estabilidad de las reglas sudo."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:152
msgid ""
"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
"more permission than defined. It is triggered each time the user runs sudo. "
"Rules refresh will find all rules that apply to this user, check their "
"expiration time and redownload them if expired.  In the case that any of "
"these rules are missing on the server, the SSSD will do an out of band full "
"refresh because more rules (that apply to other users) may have been deleted."
msgstr ""
"El <emphasis>refresco de reglas</emphasis> asegura que no concedamos más "
"permisos al usuario que los definidos. Se dispara cada vez que el usuario "
"ejecuta sudo. El refresco de reglas encontrará todas las reglas que se "
"apliquen a ese usuario, comprobará su tiempo de expiración y las recargará "
"si han expirado. En el caso de que alguna de esas reglas estén desaparecidas "
"del servidor, SSSD hará un refresco total fuera de banda puesto que más "
"reglas (que apliquen a otros usuarios) pueden haber sido borradas."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:161
msgid ""
"If enabled, SSSD will store only rules that can be applied to this machine. "
"This means rules that contain one of the following values in "
"<emphasis>sudoHost</emphasis> attribute:"
msgstr ""
"Si está habilitado, SSSD almacenará sólo las reglas que pueden ser aplicadas "
"a esa máquina. Esto indica reglas que contienen uno de los siguientes "
"valores en el atributo <emphasis>sudoHost</emphasis>:"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
msgid "keyword ALL"
msgstr "keyword ALL"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:173
msgid "wildcard"
msgstr "comodines"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:178
msgid "netgroup (in the form \"+netgroup\")"
msgstr "netgroup (en la forma \"+netgroup\")"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:183
msgid "hostname or fully qualified domain name of this machine"
msgstr ""
"nombre de host o nombre de dominio totalmente cualificado de esta máquina"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:188
msgid "one of the IP addresses of this machine"
msgstr "una de las direcciones IP de esta máquina"

#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:193
msgid "one of the IP addresses of the network (in the form \"address/mask\")"
msgstr ""
"una de las direcciones IP de la red (en la forma \"dirección/máscara\")"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:199
msgid ""
"There are many configuration options that can be used to adjust the "
"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
"Hay muchas opciones de configuración que pueden ser usadas para ajustar el "
"comportamiento. Por favor vea \"ldap_sudo_*\" en <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> y \"sudo_*\" en <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:213
msgid "Tuning the performance"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:215
msgid ""
"SSSD uses different kinds of mechanisms with more or less complex LDAP "
"filters to keep the cached sudo rules up to date. The default configuration "
"is set to values that should satisfy most of our users, but the following "
"paragraphs contain few tips on how to fine- tune the configuration to your "
"requirements."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:222
msgid ""
"1. <emphasis>Index LDAP attributes</emphasis>. Make sure that following LDAP "
"attributes are indexed: objectClass, cn, entryUSN or modifyTimestamp."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:227
msgid ""
"2. <emphasis>Set ldap_sudo_search_base</emphasis>. Set the search base to "
"the container that holds the sudo rules to limit the scope of the lookup."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:232
msgid ""
"3. <emphasis>Set full and smart refresh interval</emphasis>. If your sudo "
"rules do not change often and you do not require quick update of cached "
"rules on your clients, you may consider increasing the "
"<emphasis>ldap_sudo_full_refresh_interval</emphasis> and "
"<emphasis>ldap_sudo_smart_refresh_interval</emphasis>. You may also consider "
"disabling the smart refresh by setting "
"<emphasis>ldap_sudo_smart_refresh_interval = 0</emphasis>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:241
msgid ""
"4. If you have large number of clients, you may consider increasing the "
"value of <emphasis>ldap_sudo_random_offset</emphasis> to distribute the load "
"on the server better."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd.8.xml:10 sssd.8.xml:15
msgid "sssd"
msgstr "sssd"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.8.xml:16
msgid "System Security Services Daemon"
msgstr "System Security Services Daemon"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sssd.8.xml:21
msgid ""
"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"
msgstr ""
"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.8.xml:31
msgid ""
"<command>SSSD</command> provides a set of daemons to manage access to remote "
"directories and authentication mechanisms. It provides an NSS and PAM "
"interface toward the system and a pluggable backend system to connect to "
"multiple different account sources as well as D-Bus interface. It is also "
"the basis to provide client auditing and policy services for projects like "
"FreeIPA. It provides a more robust database to store local users as well as "
"extended user data."
msgstr ""
"<command>SSSD</command> suministra un conjunto de demonios para gestionar el "
"acceso a directorios remotos y mecanismos de autenticación. Suministra una "
"interfaz NSS y PAM hacia el sistema y un sistema de parte trasera conectable "
"para conectar múltiples fuentes de cuentas diferentes así como interfaz D-"
"Bus. Es también la base para suministrar servicios de auditoría y política a "
"los clientes para proyectos como FreeIPA. Suministra una base de datos más "
"robusta para almacenar los usuarios locales así como datos de usuario "
"extendidos."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:46
msgid ""
"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
"replaceable>"
msgstr ""
"<option>-d</option>,<option>--debug-level</option> <replaceable>NIVEL</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:53
msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:57
msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
msgstr ""
"<emphasis>1</emphasis>: Agregar marca de tiempo a mensajes de depuración "

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:60
msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
msgstr ""
"<emphasis>0</emphasis>: Desactiva marca de tiempo en mensajes de depuración"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:69
msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
msgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:73
msgid ""
"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
msgstr ""
"<emphasis>1</emphasis>: Agregar microsegundos a la marca de tiempo en "
"mensajes de depuración"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:76
msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
msgstr "<emphasis>0</emphasis>: Desactiva microsegundos en marcas de tiempo"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:85
msgid "<option>--logger=</option><replaceable>value</replaceable>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:89
msgid "Location where SSSD will send log messages."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:92
msgid ""
"<emphasis>stderr</emphasis>: Redirect debug messages to standard error "
"output."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:96
msgid ""
"<emphasis>files</emphasis>: Redirect debug messages to the log files. By "
"default, the log files are stored in <filename>/var/log/sssd</filename> and "
"there are separate log files for every SSSD service and domain."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:102
msgid ""
"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:106
#, fuzzy
#| msgid "Default: not set, fallback to InfoPipe option"
msgid ""
"Default: not set (fall back to journald if available, otherwise to stderr)"
msgstr "Por defecto: no ajustada, retroceder a opción InfoPipe"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:113
msgid "<option>-D</option>,<option>--daemon</option>"
msgstr "<option>-D</option>,<option>--daemon</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:117
msgid "Become a daemon after starting up."
msgstr "Convertido en un demonio después de la puesta en marcha."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:123 sss_seed.8.xml:136
msgid "<option>-i</option>,<option>--interactive</option>"
msgstr "<option>-i</option>,<option>--interactive</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:127
msgid "Run in the foreground, don't become a daemon."
msgstr "Ejecutar en primer plano, no convertirse en un demonio."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:133
msgid "<option>-c</option>,<option>--config</option>"
msgstr "<option>-c</option>,<option>--config</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:137
msgid ""
"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
"conf</filename>. For reference on the config file syntax and options, "
"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
"Especifica un fichero de configuración distinto al de por defecto. El por "
"defecto es <filename>/etc/sssd/sssd.conf</filename>. Para referencia sobre "
"las opciones y sintaxis del fichero de configuración, consulta la página de "
"manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:150
msgid "<option>-g</option>,<option>--genconf</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:154
msgid ""
"Do not start the SSSD, but refresh the configuration database from the "
"contents of <filename>/etc/sssd/sssd.conf</filename> and exit."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:162
msgid "<option>-s</option>,<option>--genconf-section</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:166
msgid ""
"Similar to <quote>--genconf</quote>, but only refresh a single section from "
"the configuration file.  This option is useful mainly to be called from "
"systemd unit files to allow socket-activated responders to refresh their "
"configuration without requiring the administrator to restart the whole SSSD."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:178
msgid "<option>--version</option>"
msgstr "<option>--version</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:182
msgid "Print version number and exit."
msgstr "Imprimir número de versión y salir."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.8.xml:190
msgid "Signals"
msgstr "Señales"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:193
msgid "SIGTERM/SIGINT"
msgstr "SIGTERM/SIGINT"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:196
msgid ""
"Informs the SSSD to gracefully terminate all of its child processes and then "
"shut down the monitor."
msgstr ""
"Informa a SSSD para terminar graciosamente todos sus procesos hijos y "
"después para el monitor."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:202
msgid "SIGHUP"
msgstr "SIGHUP"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:205
msgid ""
"Tells the SSSD to stop writing to its current debug file descriptors and to "
"close and reopen them. This is meant to facilitate log rolling with programs "
"like logrotate."
msgstr ""
"Le dice a SSSD que pare de escribir en su fichero descriptor de depuración "
"actual y cerrar y reabrirlo. Esto significa facilitar la circulación de "
"registro con programas como logrotate."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:213
msgid "SIGUSR1"
msgstr "SIGUSR1"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:216
msgid ""
"Tells the SSSD to simulate offline operation for the duration of the "
"<quote>offline_timeout</quote> parameter. This is useful for testing. The "
"signal can be sent to either the sssd process or any sssd_be process "
"directly."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:225
msgid "SIGUSR2"
msgstr "SIGUSR2"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:228
msgid ""
"Tells the SSSD to go online immediately. This is useful for testing. The "
"signal can be sent to either the sssd process or any sssd_be process "
"directly."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.8.xml:240
msgid ""
"If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client "
"applications will not use the fast in-memory cache."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.8.xml:244
#, fuzzy
#| msgid ""
#| "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", "
#| "client applications will not use the fast in-memory cache."
msgid ""
"If the environment variable SSS_LOCKFREE is set to \"NO\", requests from "
"multiple threads of a single application will be serialized."
msgstr ""
"AVISO: Si la variable de entorno SSS_NSS_USE_MEMCACHE estça fijada a \"NO\", "
"las aplicaciones clientes no usaran la memoria cache rápida."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
msgid "sss_obfuscate"
msgstr "sss_obfuscate"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_obfuscate.8.xml:16
msgid "obfuscate a clear text password"
msgstr "oscurecer un password en texto claro"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_obfuscate.8.xml:21
msgid ""
"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
"replaceable></arg>"
msgstr ""
"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'><replaceable>[CONTRASEÑA]</"
"replaceable></arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:32
msgid ""
"<command>sss_obfuscate</command> converts a given password into human-"
"unreadable format and places it into appropriate domain section of the SSSD "
"config file."
msgstr ""
"<command>sss_obfuscate</command> convierte una contraseña dada en un formato "
"no legible y la sitúa en la sección apropiada del dominio del fichero de "
"configuración SSSD."

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:37
msgid ""
"The cleartext password is read from standard input or entered "
"interactively.  The obfuscated password is put into "
"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the "
"<quote>ldap_default_authtok_type</quote> parameter is set to "
"<quote>obfuscated_password</quote>. Refer to <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more details on these parameters."
msgstr ""
"La contraseña en texto claro es leída desde la entrada estándar e "
"introducida interactivamente. La contraseña ofuscada se pone en el parámetro "
"<quote>ldap_default_authtok</quote> de un dominio SSSD dado y el parámetro "
"<quote>ldap_default_authtok_type</quote> se fija a "
"<quote>obfuscated_password</quote>. Vea <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más "
"detalles sobre estos parámetros."

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:49
msgid ""
"Please note that obfuscating the password provides <emphasis>no real "
"security benefit</emphasis> as it is still possible for an attacker to "
"reverse-engineer the password back. Using better authentication mechanisms "
"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
"advised."
msgstr ""
"Por favor advierta que oscurecer la contraseña <emphasis>no suministra un "
"beneficio real de seguridad</emphasis> y es posible para un atacante "
"mediante ingeniería inversa volver atrás la contraseña. Se recomienda "
"<emphasis>firmemente</emphasis> el uso de mejores mecanismos de "
"autenticación como certificados en el lado cliente o GSSAPI."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:63
msgid "<option>-s</option>,<option>--stdin</option>"
msgstr "<option>-s</option>,<option>--stdin</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:67
msgid "The password to obfuscate will be read from standard input."
msgstr "La contraseña a oscurecer será leída desde la entrada estándar."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:127
#: sss_ssh_knownhostsproxy.1.xml:78
msgid ""
"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
"replaceable>"
msgstr ""
"<option>-d</option>,<option>--domain</option> <replaceable>DOMINIO</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:79
msgid ""
"The SSSD domain to use the password in. The default name is <quote>default</"
"quote>."
msgstr ""
"El dominio SSSD en el que usar la contraseña. El nombre por defecto es "
"<quote>default</quote>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:86
msgid ""
"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
msgstr ""
"<option>-f</option>,<option>--file</option> <replaceable>ARCHIVO</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:91
msgid "Read the config file specified by the positional parameter."
msgstr ""
"Lee el fichero de configuración especificado por el parámetro posicional."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:95
msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
msgstr "Predeterminado: <filename>/etc/sssd/sssd.conf</filename>"

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_override.8.xml:10 sss_override.8.xml:15
msgid "sss_override"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_override.8.xml:16
msgid "create local overrides of user and group attributes"
msgstr ""

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_override.8.xml:21
msgid ""
"<command>sss_override</command> <arg choice='plain'><replaceable>COMMAND</"
"replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </"
"arg>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_override.8.xml:32
msgid ""
"<command>sss_override</command> enables to create a client-side view and "
"allows to change selected values of specific user and groups. This change "
"takes effect only on local machine."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_override.8.xml:37
msgid ""
"Overrides data are stored in the SSSD cache. If the cache is deleted, all "
"local overrides are lost. Please note that after the first override is "
"created using any of the following <emphasis>user-add</emphasis>, "
"<emphasis>group-add</emphasis>, <emphasis>user-import</emphasis> or "
"<emphasis>group-import</emphasis> command. SSSD needs to be restarted to "
"take effect.  <emphasis>sss_override</emphasis> prints message when a "
"restart is required."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_override.8.xml:48
msgid ""
"<emphasis>NOTE:</emphasis> The options provided in this man page only work "
"with <quote>ldap</quote> and <quote>AD</quote> <quote> id_provider</quote>. "
"IPA overrides can be managed centrally on the IPA server."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_override.8.xml:56 sssctl.8.xml:41
msgid "AVAILABLE COMMANDS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_override.8.xml:58
msgid ""
"Argument <emphasis>NAME</emphasis> is the name of original object in all "
"commands. It is not possible to override <emphasis>uid</emphasis> or "
"<emphasis>gid</emphasis> to 0."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:65
msgid ""
"<option>user-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--"
"name</option> NAME</optional> <optional><option>-u,--uid</option> UID</"
"optional> <optional><option>-g,--gid</option> GID</optional> "
"<optional><option>-h,--home</option> HOME</optional> <optional><option>-s,--"
"shell</option> SHELL</optional> <optional><option>-c,--gecos</option> GECOS</"
"optional> <optional><option>-x,--certificate</option> BASE64 ENCODED "
"CERTIFICATE</optional>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:78
msgid ""
"Override attributes of an user. Please be aware that calling this command "
"will replace any previous override for the (NAMEd) user."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:86
msgid "<option>user-del</option> <emphasis>NAME</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:91
msgid ""
"Remove user overrides. However be aware that overridden attributes might be "
"returned from memory cache. Please see SSSD option "
"<emphasis>memcache_timeout</emphasis> for more details."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:100
msgid ""
"<option>user-find</option> <optional><option>-d,--domain</option> DOMAIN</"
"optional>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:105
msgid ""
"List all users with set overrides.  If <emphasis>DOMAIN</emphasis> parameter "
"is set, only users from the domain are listed."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:113
msgid "<option>user-show</option> <emphasis>NAME</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:118
msgid "Show user overrides."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:124
msgid "<option>user-import</option> <emphasis>FILE</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:129
msgid ""
"Import user overrides from <emphasis>FILE</emphasis>.  Data format is "
"similar to standard passwd file.  The format is:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:134
msgid "original_name:name:uid:gid:gecos:home:shell:base64_encoded_certificate"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:137
msgid ""
"where original_name is original name of the user whose attributes should be "
"overridden. The rest of fields correspond to new values. You can omit a "
"value simply by leaving corresponding field empty."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:146
msgid "ckent:superman::::::"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:149
msgid "ckent@krypton.com::501:501:Superman:/home/earth:/bin/bash:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:155
msgid "<option>user-export</option> <emphasis>FILE</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:160
msgid ""
"Export all overridden attributes and store them in <emphasis>FILE</"
"emphasis>. See <emphasis>user-import</emphasis> for data format."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:168
msgid ""
"<option>group-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--"
"name</option> NAME</optional> <optional><option>-g,--gid</option> GID</"
"optional>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:175
msgid ""
"Override attributes of a group. Please be aware that calling this command "
"will replace any previous override for the (NAMEd) group."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:183
msgid "<option>group-del</option> <emphasis>NAME</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:188
msgid ""
"Remove group overrides. However be aware that overridden attributes might be "
"returned from memory cache. Please see SSSD option "
"<emphasis>memcache_timeout</emphasis> for more details."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:197
msgid ""
"<option>group-find</option> <optional><option>-d,--domain</option> DOMAIN</"
"optional>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:202
msgid ""
"List all groups with set overrides.  If <emphasis>DOMAIN</emphasis> "
"parameter is set, only groups from the domain are listed."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:210
msgid "<option>group-show</option> <emphasis>NAME</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:215
msgid "Show group overrides."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:221
msgid "<option>group-import</option> <emphasis>FILE</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:226
msgid ""
"Import group overrides from <emphasis>FILE</emphasis>.  Data format is "
"similar to standard group file.  The format is:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:231
msgid "original_name:name:gid"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:234
msgid ""
"where original_name is original name of the group whose attributes should be "
"overridden. The rest of fields correspond to new values. You can omit a "
"value simply by leaving corresponding field empty."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:243
msgid "admins:administrators:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:246
msgid "Domain Users:Users:501"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:252
msgid "<option>group-export</option> <emphasis>FILE</emphasis>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_override.8.xml:257
msgid ""
"Export all overridden attributes and store them in <emphasis>FILE</"
"emphasis>. See <emphasis>group-import</emphasis> for data format."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_override.8.xml:267 sssctl.8.xml:50
msgid "COMMON OPTIONS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_override.8.xml:269 sssctl.8.xml:52
msgid "Those options are available with all commands."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_override.8.xml:274 sssctl.8.xml:57
msgid "<option>--debug</option> <replaceable>LEVEL</replaceable>"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
msgid "sssd-krb5"
msgstr "sssd-krb5"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-krb5.5.xml:17
msgid "SSSD Kerberos provider"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:23
msgid ""
"This manual page describes the configuration of the Kerberos 5 "
"authentication backend for <citerefentry> <refentrytitle>sssd</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>.  For a detailed "
"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of "
"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page."
msgstr ""
"Esta página de manual describe la configuración del motor de autenticación "
"de Kerberos 5 para  <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>. Para una referencia detallada de "
"la sintaxis, por favor vea la sección <quote>FORMATO DE ARCHIVO</quote> de "
"la página de manual de <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:36
msgid ""
"The Kerberos 5 authentication backend contains auth and chpass providers. It "
"must be paired with an identity provider in order to function properly (for "
"example, id_provider = ldap). Some information required by the Kerberos 5 "
"authentication backend must be provided by the identity provider, such as "
"the user's Kerberos Principal Name (UPN). The configuration of the identity "
"provider should have an entry to specify the UPN. Please refer to the man "
"page for the applicable identity provider for details on how to configure "
"this."
msgstr ""
"El motor de autenticaciónd e Kerberos 5 contiene proveedores auth y chpass. "
"Debe ir junto con un proveedor de identidad para que funcione adecuadamente "
"(por ejemplo, id_provider = ldap). Algo de información requerida por el "
"motor de autenticación de Kerberos 5 debe ser provista por el proveedor de "
"identidad, tal como el Nombre Principal del usuario de Kerberos (NPU). La "
"configuración del proveedor de identidad debe tener una entrada específica "
"para el NPU. Por favor, vea la página del manual para el proveedor de "
"identidad aplicable, para más detalles sobre cómo configurar esto."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:47
msgid ""
"This backend also provides access control based on the .k5login file in the "
"home directory of the user. See <citerefentry> <refentrytitle>k5login</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. "
"Please note that an empty .k5login file will deny all access to this user. "
"To activate this feature, use 'access_provider = krb5' in your SSSD "
"configuration."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:55
msgid ""
"In the case where the UPN is not available in the identity backend, "
"<command>sssd</command> will construct a UPN using the format "
"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
msgstr ""
"En el caso de que el NPU no esté disponible en el motor de identidad, "
"<command>sssd</command> construirá un NPU usando el formato "
"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:77
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect, in the order of preference. "
"For more information on failover and server redundancy, see the "
"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
"colon) may be appended to the addresses or hostnames.  If empty, service "
"discovery is enabled; for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
"Especifica una lista separada por comas de direcciones IP o nombres de host "
"de los servidores Kerberos a los cuales se conectaría SSSD en orden de "
"preferencia. Para más información sobre failover y redundancia de servidor, "
"vea la sección <quote>FAILOVER</quote>. Un número de puerto opcional "
"(precedido de dos puntos) puede ser añadido a las direcciones o nombres de "
"host. Si está vacío, el servicio descubridor está habilitado; para más "
"información, vea la sección <quote>SERVICE DISCOVERY</quote>."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:106
msgid ""
"The name of the Kerberos realm. This option is required and must be "
"specified."
msgstr ""
"El nombre del reino Kerberos. Esta opción se requiere y debe ser "
"especificada."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:113
msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
msgstr "krb5_kpasswd, krb5_backup_kpasswd (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:116
msgid ""
"If the change password service is not running on the KDC, alternative "
"servers can be defined here. An optional port number (preceded by a colon) "
"may be appended to the addresses or hostnames."
msgstr ""
"Si el servicio de cambio de contraseña no está corriendo en el KDC, se "
"pueden definir aquí servidores alternativos. Un número de puerto opcional "
"(precedido de dos puntos) debe ser añadido a las direcciones o nombres de "
"host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:122
msgid ""
"For more information on failover and server redundancy, see the "
"<quote>FAILOVER</quote> section.  NOTE: Even if there are no more kpasswd "
"servers to try, the backend is not switched to operate offline if "
"authentication against the KDC is still possible."
msgstr ""
"Para más información sobre recuperación de fallos y redundancia de servidor, "
"consulte la sección de <quote>conmutación por error</quote>.  Nota: incluso "
"si no hay más servidores kpasswd para  intentar, y el punto final no está "
"conmutado para trabajar fuera de línea la autenticación contra el KDC es "
"todavía posible."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:129
msgid "Default: Use the KDC"
msgstr "Predeterminado: Use the KDC"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:135
msgid "krb5_ccachedir (string)"
msgstr "krb5_ccachedir (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:138
msgid ""
"Directory to store credential caches. All the substitution sequences of "
"krb5_ccname_template can be used here, too, except %d and %P.  The directory "
"is created as private and owned by the user, with permissions set to 0700."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:145
msgid "Default: /tmp"
msgstr "Predeterminado: /tmp"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:151
msgid "krb5_ccname_template (string)"
msgstr "krb5_ccname_template (string)"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:165 include/override_homedir.xml:11
msgid "%u"
msgstr "%u"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:166 include/override_homedir.xml:12
msgid "login name"
msgstr "nombre de acceso"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:169 include/override_homedir.xml:15
msgid "%U"
msgstr "%U"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:170
msgid "login UID"
msgstr "UID de acceso"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:173
msgid "%p"
msgstr "%p"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:174
msgid "principal name"
msgstr "nombre principal"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:178
msgid "%r"
msgstr "%r"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:179
msgid "realm name"
msgstr "nombre de reino"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:182 include/override_homedir.xml:42
msgid "%h"
msgstr "%h"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:183 sssd-ifp.5.xml:124
msgid "home directory"
msgstr "directorio home"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:187 include/override_homedir.xml:19
msgid "%d"
msgstr "%d"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:188
msgid "value of krb5_ccachedir"
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:193 include/override_homedir.xml:31
msgid "%P"
msgstr "%P"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:194
msgid "the process ID of the SSSD client"
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:199 include/override_homedir.xml:56
msgid "%%"
msgstr "%%"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:200 include/override_homedir.xml:57
msgid "a literal '%'"
msgstr "un literal ‘%’"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:154
msgid ""
"Location of the user's credential cache. Three credential cache types are "
"currently supported: <quote>FILE</quote>, <quote>DIR</quote> and "
"<quote>KEYRING:persistent</quote>. The cache can be specified either as "
"<replaceable>TYPE:RESIDUAL</replaceable>, or as an absolute path, which "
"implies the <quote>FILE</quote> type. In the template, the following "
"sequences are substituted: <placeholder type=\"variablelist\" id=\"0\"/> If "
"the template ends with 'XXXXXX' mkstemp(3) is used to create a unique "
"filename in a safe way."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:208
msgid ""
"When using KEYRING types, the only supported mechanism is <quote>KEYRING:"
"persistent:%U</quote>, which uses the Linux kernel keyring to store "
"credentials on a per-UID basis. This is also the recommended choice, as it "
"is the most secure and predictable method."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:216
msgid ""
"The default value for the credential cache name is sourced from the profile "
"stored in the system wide krb5.conf configuration file in the [libdefaults] "
"section. The option name is default_ccache_name.  See krb5.conf(5)'s "
"PARAMETER EXPANSION paragraph for additional information on the expansion "
"format defined by krb5.conf."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
msgid ""
"NOTE: Please be aware that libkrb5 ccache expansion template from "
"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:240
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:243
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
"La localización de la keytab a usar cuando son obtenidas credenciales "
"validadas desde KDCs."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:253
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:256
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:261
msgid ""
"NOTE: this feature is only available on Linux.  Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
"by the root user (with difficulty)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:274
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:277
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
msgstr ""
"Habilita la autenticación segura flexible de los túneles (FSAT) para la pre-"
"autenticación Kerberos. Se soportan las siguientes opciones:"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:282
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:286
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:291
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:296
msgid "Default: not set, i.e. FAST is not used."
msgstr "Por defecto: no fijado, esto es no se usa FAST."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:299
msgid "NOTE: a keytab or support for anonymous PKINIT is required to use FAST."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:303
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
"configuration error."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:312
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:315
msgid "Specifies the server principal to use for FAST."
msgstr "Especifica el servidor principal para usar por FAST."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:321
#, fuzzy
#| msgid "krb5_use_kdcinfo (boolean)"
msgid "krb5_fast_use_anonymous_pkinit (boolean)"
msgstr "krb5_use_kdcinfo (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:324
msgid ""
"If set to true try to use anonymous PKINIT instead of a keytab to get the "
"required credential for FAST. The krb5_fast_principal options is ignored in "
"this case."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:364
msgid "krb5_kdcinfo_lookahead (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:367
msgid ""
"When krb5_use_kdcinfo is set to true, you can limit the amount of servers "
"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>.  This might be "
"helpful when there are too many servers discovered using SRV record."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:377
msgid ""
"The krb5_kdcinfo_lookahead option contains two numbers separated by a colon. "
"The first number represents number of primary servers used and the second "
"number specifies the number of backup servers."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:383
msgid ""
"For example <emphasis>10:0</emphasis> means that up to 10 primary servers "
"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup "
"servers."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:392
msgid "Default: 3:1"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:398
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:401
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:407
msgid "Default: false (AD provider: true)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:410
msgid ""
"The IPA provider will set to option to 'true' if it detects that the server "
"is capable of handling enterprise principals and the option is not set "
"explicitly in the config file."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:419
#, fuzzy
#| msgid "krb5_use_kdcinfo (boolean)"
msgid "krb5_use_subdomain_realm (boolean)"
msgstr "krb5_use_kdcinfo (booleano)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:422
msgid ""
"Specifies to use subdomains realms for the authentication of users from "
"trusted domains. This option can be set to 'true' if enterprise principals "
"are used with upnSuffixes which are not known on the parent domain KDCs. If "
"the option is set to 'true' SSSD will try to send the request directly to a "
"KDC of the trusted domain the user is coming from."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:438
msgid "krb5_map_user (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:441
msgid ""
"The list of mappings is given as a comma-separated list of pairs "
"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
"name and <quote>primary</quote> is a user part of a kerberos principal. This "
"mapping is used when user is authenticating using <quote>auth_provider = "
"krb5</quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-krb5.5.xml:453
#, no-wrap
msgid ""
"krb5_realm = REALM\n"
"krb5_map_user = joe:juser,dick:richard\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:458
msgid ""
"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
"principals. For user <quote>joe</quote> resp.  <quote>dick</quote> SSSD will "
"try to kinit as <quote>juser@REALM</quote> resp.  <quote>richard@REALM</"
"quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
"If the auth-module krb5 is used in an SSSD domain, the following options "
"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section "
"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
"domain.  <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:485
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
"example shows only configuration of Kerberos authentication; it does not "
"include any identity provider."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-krb5.5.xml:493
#, no-wrap
msgid ""
"[domain/FOO]\n"
"auth_provider = krb5\n"
"krb5_server = 192.168.1.1\n"
"krb5_realm = EXAMPLE.COM\n"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_cache.8.xml:10 sss_cache.8.xml:15
msgid "sss_cache"
msgstr "sss_cache"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_cache.8.xml:16
msgid "perform cache cleanup"
msgstr "lleva a cabo la limpieza del escondrijo"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_cache.8.xml:21
msgid ""
"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"
msgstr ""
"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:31
msgid ""
"<command>sss_cache</command> invalidates records in SSSD cache.  Invalidated "
"records are forced to be reloaded from server as soon as related SSSD "
"backend is online. Options that invalidate a single object only accept a "
"single provided argument."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:43
msgid "<option>-E</option>,<option>--everything</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:47
msgid "Invalidate all cached entries."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:53
msgid ""
"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
msgstr ""
"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:58
msgid "Invalidate specific user."
msgstr "Invalida el usuario específico."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:64
msgid "<option>-U</option>,<option>--users</option>"
msgstr "<option>-U</option>,<option>--users</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:68
msgid ""
"Invalidate all user records. This option overrides invalidation of specific "
"user if it was also set."
msgstr ""
"Invalida todos los registros de usuario. Esta opción anula la invalidación "
"de usuario específico si también está fijada."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:75
msgid ""
"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
msgstr ""
"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:80
msgid "Invalidate specific group."
msgstr "Invalida grupo específico."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:86
msgid "<option>-G</option>,<option>--groups</option>"
msgstr "<option>-G</option>,<option>--groups</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:90
msgid ""
"Invalidate all group records. This option overrides invalidation of specific "
"group if it was also set."
msgstr ""
"Invalida todos los registros de grupo. Esta opción anula la invalidación de "
"grupo específico si también está fijada."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:97
msgid ""
"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
"replaceable>"
msgstr ""
"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:102
msgid "Invalidate specific netgroup."
msgstr "Invalida grupo de red específico."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:108
msgid "<option>-N</option>,<option>--netgroups</option>"
msgstr "<option>-N</option>,<option>--netgroups</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:112
msgid ""
"Invalidate all netgroup records. This option overrides invalidation of "
"specific netgroup if it was also set."
msgstr ""
"Invalida todos los registros de grupo de red. Esta opción anula la "
"invalidación de grupo de red específico si también está fijada."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:119
msgid ""
"<option>-s</option>,<option>--service</option> <replaceable>service</"
"replaceable>"
msgstr ""
"<option>-s</option>,<option>--service</option> <replaceable>service</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:124
msgid "Invalidate specific service."
msgstr "Invalida servicio específico"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:130
msgid "<option>-S</option>,<option>--services</option>"
msgstr "<option>-S</option>,<option>--services</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:134
msgid ""
"Invalidate all service records. This option overrides invalidation of "
"specific service if it was also set."
msgstr ""
"Invalida todos los archivos de servicio. Esta opción anula la invalidación "
"de servicio específico si también fue fijada."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:141
msgid ""
"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
"replaceable>"
msgstr ""
"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:146
msgid "Invalidate specific autofs maps."
msgstr "Invalida mapas específicos autofs."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:152
msgid "<option>-A</option>,<option>--autofs-maps</option>"
msgstr "<option>-A</option>,<option>--autofs-maps</option>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:156
msgid ""
"Invalidate all autofs maps. This option overrides invalidation of specific "
"map if it was also set."
msgstr ""
"Invalida todos los mapas autofs. Esta opción anula la invalidación de mapa "
"específico si fue fijada."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:163
msgid ""
"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</"
"replaceable>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:168
msgid "Invalidate SSH public keys of a specific host."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:174
msgid "<option>-H</option>,<option>--ssh-hosts</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:178
msgid ""
"Invalidate SSH public keys of all hosts. This option overrides invalidation "
"of SSH public keys of specific host if it was also set."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:186
msgid ""
"<option>-r</option>,<option>--sudo-rule</option> <replaceable>rule</"
"replaceable>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:191
msgid "Invalidate particular sudo rule."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:197
msgid "<option>-R</option>,<option>--sudo-rules</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:201
msgid ""
"Invalidate all cached sudo rules. This option overrides invalidation of "
"specific sudo rule if it was also set."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:209
msgid ""
"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
"replaceable>"
msgstr ""
"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:214
msgid "Restrict invalidation process only to a particular domain."
msgstr "Restringe el proceso de invalidación sólo a un dominio concreto."

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_cache.8.xml:224
msgid "EFFECTS ON THE FAST MEMORY CACHE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:226
msgid ""
"<command>sss_cache</command> also invalidates the memory cache.  Since the "
"memory cache is a file which is mapped into the memory of each process which "
"called SSSD to resolve users or groups the file cannot be truncated. A "
"special flag is set in the header of the file to indicate that the content "
"is invalid and then the file is unlinked by SSSD's NSS responder and a new "
"cache file is created.  Whenever a process is now doing a new lookup for a "
"user or a group it will see the flag, close the old memory cache file and "
"map the new one into its memory. When all processes which had opened the old "
"memory cache file have closed it while looking up a user or a group the "
"kernel can release the occupied disk space and the old memory cache file is "
"finally removed completely."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:240
msgid ""
"A special case is long running processes which are doing user or group "
"lookups only at startup, e.g. to determine the name of the user the process "
"is running as. For those lookups the memory cache file is mapped into the "
"memory of the process. But since there will be no further lookups this "
"process would never detect if the memory cache file was invalidated and "
"hence it will be kept in memory and will occupy disk space until the process "
"stops. As a result calling <command>sss_cache</command> might increase the "
"disk usage because old memory cache files cannot be removed from the disk "
"because they are still mapped by long running processes."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:252
msgid ""
"A possible work-around for long running processes which are looking up users "
"and groups only at startup or very rarely is to run them with the "
"environment variable SSS_NSS_USE_MEMCACHE set to \"NO\" so that they won't "
"use the memory cache at all and not map the memory cache file into the "
"memory. In general a better solution is to tune the cache timeout parameters "
"so that they meet the local expectations and calling <command>sss_cache</"
"command> is not needed."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
msgid "sss_debuglevel"
msgstr "sss_debuglevel"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_debuglevel.8.xml:16
msgid "[DEPRECATED] change debug level while SSSD is running"
msgstr ""

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_debuglevel.8.xml:21
msgid ""
"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
"replaceable></arg>"
msgstr ""
"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
"replaceable></arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_debuglevel.8.xml:32
msgid ""
"<command>sss_debuglevel</command> is deprecated and replaced by the sssctl "
"debug-level command. Please refer to the <command>sssctl</command> man page "
"for more information on sssctl usage."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_seed.8.xml:10 sss_seed.8.xml:15
msgid "sss_seed"
msgstr "sss_seed"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_seed.8.xml:16
msgid "seed the SSSD cache with a user"
msgstr "alimenta el cache SSSD con un usuario"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_seed.8.xml:21
msgid ""
"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
"arg>"
msgstr ""
"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
"arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:33
msgid ""
"<command>sss_seed</command> seeds the SSSD cache with a user entry and "
"temporary password. If a user entry is already present in the SSSD cache "
"then the entry is updated with the temporary password."
msgstr ""
"<command>sss_seed</command> alimenta el cache SSSD con una entrada de "
"usuario y una contresañe temporal. Si una entrada de usuario está ya "
"presente en el cache SSSD la entrada se actualiza con la contraseña temporal"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:46
msgid ""
"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
"replaceable>"
msgstr ""
"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:51
msgid ""
"Provide the name of the domain in which the user is a member of. The domain "
"is also used to retrieve user information. The domain must be configured in "
"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided.  "
"Information retrieved from the domain overrides what is provided in the "
"options."
msgstr ""
"Suministra el nombre del dominio del que el usuario es miembro. El dominio "
"también se usa para recuperar información del usuario. El dominio debe estar "
"configurado en sssd.conf. La opción  <replaceable>DOMAIN</replaceable> debe "
"ser suministrada. La información recuperada del dominio anula la que se ha "
"suministrado en las opciones."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:63
msgid ""
"<option>-n</option>,<option>--username</option> <replaceable>USER</"
"replaceable>"
msgstr ""
"<option>-n</option>,<option>--username</option> <replaceable>USER</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:68
msgid ""
"The username of the entry to be created or modified in the cache. The "
"<replaceable>USER</replaceable> option must be provided."
msgstr ""
"El nombre de usuario de la entrada a ser creado o modificado en el cache. Se "
"debe suministrar la opción <replaceable>USER</replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:76
msgid ""
"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
msgstr ""
"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:81
msgid "Set the UID of the user to <replaceable>UID</replaceable>."
msgstr "Fija la UID del usuario a <replaceable>UID</replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:88
msgid ""
"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
msgstr ""
"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:93
msgid "Set the GID of the user to <replaceable>GID</replaceable>."
msgstr "Fija la GID del usuario a <replaceable>GID</replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:100
msgid ""
"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
"replaceable>"
msgstr ""
"<option>-c</option>,<option>--gecos</option> <replaceable>COMENTARIO</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:105
msgid ""
"Any text string describing the user. Often used as the field for the user's "
"full name."
msgstr ""
"Cualquier cadena de texto describiendo al usuario. Frecuentemente se usa "
"como el campo para el nombre completo del usuario."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:112
msgid ""
"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
"replaceable>"
msgstr ""
"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:117
msgid ""
"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
msgstr ""
"Fija el directorio home del usuario a <replaceable>HOME_DIR</replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:124
msgid ""
"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
msgstr ""
"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:129
msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
msgstr ""
"Fija la shell de acceso del usuario a <replaceable>SHELL</replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:140
msgid ""
"Interactive mode for entering user information. This option will only prompt "
"for information not provided in the options or retrieved from the domain."
msgstr ""
"Modo interactivo de introducir información del usuario. Esta opción sólo "
"preguntará por la información no suministrada en las opciones o recuperada "
"del dominio."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:148
msgid ""
"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
"replaceable>"
msgstr ""
"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
"replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:153
msgid ""
"Specify file to read user's password from. (if not specified password is "
"prompted for)"
msgstr ""
"Especifica el fichero desde donde leer la contraseña del usuario (si no se "
"especifica se pregunta por la contraseña)"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:165
msgid ""
"The length of the password (or the size of file specified with -p or --"
"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
"on systems with no globally-defined PASS_MAX value)."
msgstr ""
"La longitud de la contraseña (o el tamaño especificado con la opción -p or --"
"password-file) debe ser menos o igual a PASS_MAX bytes ( 64 bytes en "
"sistemas sin valor  PASS_MAX globalmente definido)."

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ifp.5.xml:10 sssd-ifp.5.xml:16
msgid "sssd-ifp"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-ifp.5.xml:17
msgid "SSSD InfoPipe responder"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ifp.5.xml:23
msgid ""
"This manual page describes the configuration of the InfoPipe responder for "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>.  For a detailed syntax reference, refer to the <quote>FILE "
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ifp.5.xml:36
msgid ""
"The InfoPipe responder provides a public D-Bus interface accessible over the "
"system bus. The interface allows the user to query information about remote "
"users and groups over the system bus."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-ifp.5.xml:43
msgid "FIND BY VALID CERTIFICATE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ifp.5.xml:45
msgid ""
"The following options can be used to control how the certificates are "
"validated when using the FindByValidCertificate() API:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ifp.5.xml:48 sss_ssh_authorizedkeys.1.xml:92
msgid "ca_db"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ifp.5.xml:49 sss_ssh_authorizedkeys.1.xml:93
msgid "p11_child_timeout"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
#: sssd-ifp.5.xml:50 sss_ssh_authorizedkeys.1.xml:94
msgid "certificate_verification"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ifp.5.xml:52
#, fuzzy
#| msgid ""
#| "The detailed instructions for configuration of sudo_provider are in the "
#| "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
#| "<manvolnum>5</manvolnum> </citerefentry>."
msgid ""
"For more details about the options see <citerefentry><refentrytitle>sssd."
"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
msgstr ""
"Las instrucciones detalladas para la configuración de sudo_provider están en "
"la página de manual <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ifp.5.xml:62
msgid "These options can be used to configure the InfoPipe responder."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:69
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the InfoPipe responder. User names are resolved to UIDs at "
"startup."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:75
msgid ""
"Default: 0 (only the root user is allowed to access the InfoPipe responder)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:79
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
"access the InfoPipe responder, which would be the typical case, you have to "
"add 0 to the list of allowed UIDs as well."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:93
msgid "Specifies the comma-separated list of white or blacklisted attributes."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:107
msgid "name"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:108
msgid "user's login name"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:111
msgid "uidNumber"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:112
msgid "user ID"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:115
msgid "gidNumber"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:116
msgid "primary group ID"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:119
msgid "gecos"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:120
msgid "user information, typically full name"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:123
msgid "homeDirectory"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-ifp.5.xml:127
msgid "loginShell"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:128
msgid "user shell"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:97
msgid ""
"By default, the InfoPipe responder only allows the default set of POSIX "
"attributes to be requested. This set is the same as returned by "
"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry> and includes: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ifp.5.xml:141
#, no-wrap
msgid ""
"user_attributes = +telephoneNumber, -loginShell\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:133
msgid ""
"It is possible to add another attribute to this set by using "
"<quote>+attr_name</quote> or explicitly remove an attribute using <quote>-"
"attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> but "
"deny <quote>loginShell</quote>, you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:145
msgid "Default: not set. Only the default set of POSIX attributes is allowed."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:155
msgid ""
"Specifies an upper limit on the number of entries that are downloaded during "
"a wildcard lookup that overrides caller-supplied limit."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-ifp.5.xml:160
msgid "Default: 0 (let the caller set an upper limit)"
msgstr ""

#. type: Content of: <reference><refentry><refentryinfo>
#: sss_rpcidmapd.5.xml:8
msgid ""
"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</"
"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data "
"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </"
"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> "
"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </"
"author>"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32
msgid "sss_rpcidmapd"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_rpcidmapd.5.xml:33
msgid "sss plugin configuration directives for rpc.idmapd"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:37
msgid "CONFIGURATION FILE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:39
msgid ""
"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd."
"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:49
msgid "SSS CONFIGURATION EXTENSION"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss_rpcidmapd.5.xml:51
msgid "Enable SSS plugin"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_rpcidmapd.5.xml:53
msgid ""
"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> "
"attribute to contain <emphasis>sss</emphasis>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss_rpcidmapd.5.xml:59
msgid "[sss] config section"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_rpcidmapd.5.xml:61
msgid ""
"In order to change the default of one of the configuration attributes of the "
"<emphasis>sss</emphasis> plugin listed below you will need to create a "
"config section for it, named <quote>[sss]</quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
#: sss_rpcidmapd.5.xml:67
msgid "Configuration attributes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sss_rpcidmapd.5.xml:69
msgid "memcache (bool)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sss_rpcidmapd.5.xml:72
msgid "Indicates whether or not to use memcache optimisation technique."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:85
msgid "SSSD INTEGRATION"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:87
msgid ""
"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled "
"in sssd."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:91
msgid ""
"The attribute <quote>use_fully_qualified_names</quote> must be enabled on "
"all domains (NFSv4 clients expect a fully qualified name to be sent on the "
"wire)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_rpcidmapd.5.xml:103
#, no-wrap
msgid ""
"[General]\n"
"Verbosity = 2\n"
"# domain must be synced between NFSv4 server and clients\n"
"# Solaris/Illumos/AIX use \"localdomain\" as default!\n"
"Domain = default\n"
"\n"
"[Mapping]\n"
"Nobody-User = nfsnobody\n"
"Nobody-Group = nfsnobody\n"
"\n"
"[Translation]\n"
"Method = sss\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:100
msgid ""
"The following example shows a minimal idmapd.conf which makes use of the sss "
"plugin.  <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <refsect1><title>
#: sss_rpcidmapd.5.xml:120 sssd-kcm.8.xml:316 include/seealso.xml:2
msgid "SEE ALSO"
msgstr "VEA TAMBIEN"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:122
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
msgid "sss_ssh_authorizedkeys"
msgstr "sss_ssh_authorizedkeys"

#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
msgid "1"
msgstr "1"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_authorizedkeys.1.xml:16
msgid "get OpenSSH authorized keys"
msgstr "obtiene las claves OpenSSH autorizadas"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_authorizedkeys.1.xml:21
msgid ""
"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>USER</replaceable></arg>"
msgstr ""
"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>USER</replaceable></arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:32
msgid ""
"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user "
"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys "
"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of "
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> for more information)."
msgstr ""
"<command>sss_ssh_authorizedkeys</command> adquiere la clave pública SSH para "
"el usuario <replaceable>USER</replaceable> y las saca en formato de claves "
"autorizadas OpenSSH (vea la sección <quote>AUTHORIZED_KEYS FILE FORMAT</"
"quote> de <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
"manvolnum></citerefentry> para más información)."

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:41
msgid ""
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</"
"command> for public key user authentication if it is compiled with support "
"for <quote>AuthorizedKeysCommand</quote> option. Please refer to the "
"<citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> man page for more details about this option."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:59
#, no-wrap
msgid ""
"  AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
"  AuthorizedKeysCommandUser nobody\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:52
msgid ""
"If <quote>AuthorizedKeysCommand</quote> is supported, "
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> can be configured to use it by putting the following "
"directives in <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry>: <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss_ssh_authorizedkeys.1.xml:65
msgid "KEYS FROM CERTIFICATES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:67
msgid ""
"In addition to the public SSH keys for user <replaceable>USER</replaceable> "
"<command>sss_ssh_authorizedkeys</command> can return public SSH keys derived "
"from the public key of a X.509 certificate as well."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:73
msgid ""
"To enable this the <quote>ssh_use_certificate_keys</quote> option must be "
"set to true (default) in the [ssh] section of <filename>sssd.conf</"
"filename>. If the user entry contains certificates (see "
"<quote>ldap_user_certificate</quote> in <citerefentry><refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum></citerefentry> for details) or "
"there is a certificate in an override entry for the user (see "
"<citerefentry><refentrytitle>sss_override</refentrytitle> <manvolnum>8</"
"manvolnum></citerefentry> or <citerefentry><refentrytitle>sssd-ipa</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> for details) and the "
"certificate is valid SSSD will extract the public key from the certificate "
"and convert it into the format expected by sshd."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:90
msgid "Besides <quote>ssh_use_certificate_keys</quote> the options"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:96
msgid ""
"can be used to control how the certificates are validated (see "
"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for details)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:101
msgid ""
"The validation is the benefit of using X.509 certificates instead of SSH "
"keys directly because e.g. it gives a better control of the lifetime of the "
"keys. When the ssh client is configured to use the private keys from a "
"Smartcard with the help of a PKCS#11 shared library (see "
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> for details) it might be irritating that authentication is "
"still working even if the related X.509 certificate on the Smartcard is "
"already expired because neither <command>ssh</command> nor <command>sshd</"
"command> will look at the certificate at all."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_ssh_authorizedkeys.1.xml:114
msgid ""
"It has to be noted that the derived public SSH key can still be added to the "
"<filename>authorized_keys</filename> file of the user to bypass the "
"certificate validation if the <command>sshd</command> configuration permits "
"this."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_authorizedkeys.1.xml:132
msgid ""
"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
"Busca las claves públicas del usuario en el dominio SSSD "
"<replaceable>DOMAIN</replaceable>."

#. type: Content of: <reference><refentry><refsect1><title>
#: sss_ssh_authorizedkeys.1.xml:141 sss_ssh_knownhostsproxy.1.xml:102
msgid "EXIT STATUS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:143 sss_ssh_knownhostsproxy.1.xml:104
msgid ""
"In case of success, an exit value of 0 is returned. Otherwise, 1 is returned."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
msgid "sss_ssh_knownhostsproxy"
msgstr "sss_ssh_knownhostsproxy"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_knownhostsproxy.1.xml:16
msgid "get OpenSSH host keys"
msgstr "obtiene las claves OpenSSH del host"

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_knownhostsproxy.1.xml:21
msgid ""
"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
msgstr ""
"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:33
msgid ""
"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for "
"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH "
"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section "
"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
"manvolnum></citerefentry> for more information)  <filename>/var/lib/sss/"
"pubconf/known_hosts</filename> and establishes the connection to the host."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:43
msgid ""
"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
"create the connection to the host instead of opening a socket."
msgstr ""
"Si se especifica <replaceable>PROXY_COMMAND</replaceable>, se usa para crear "
"la conexión al host en lugar de abrir un socket."

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_knownhostsproxy.1.xml:55
#, no-wrap
msgid ""
"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
msgstr ""
"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"

#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:48
msgid ""
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</"
"command> for host key authentication by using the following directives for "
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> puede ser configurado para usar "
"<command>sss_ssh_knownhostsproxy</command> para autenticación de la clave "
"del host usando las siguientes directivas <citerefentry><refentrytitle>ssh</"
"refentrytitle> <manvolnum>1</manvolnum></citerefentry> configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/> "

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_ssh_knownhostsproxy.1.xml:66
msgid ""
"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
msgstr ""
"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:71
msgid ""
"Use port <replaceable>PORT</replaceable> to connect to the host.  By "
"default, port 22 is used."
msgstr ""
"Usa el puerto <replaceable>PORT</replaceable> para conectar al host. Por "
"defecto, el puerto usado es el 22."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:83
msgid ""
"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
"Busca las claves públicas del host en el dominio SSSD <replaceable>DOMAIN</"
"replaceable>."

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_ssh_knownhostsproxy.1.xml:89
msgid "<option>-k</option>,<option>--pubkey</option>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:93
msgid ""
"Print the host ssh public keys for host <replaceable>HOST</replaceable>."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: idmap_sss.8.xml:10 idmap_sss.8.xml:15
msgid "idmap_sss"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: idmap_sss.8.xml:16
msgid "SSSD's idmap_sss Backend for Winbind"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: idmap_sss.8.xml:22
msgid ""
"The idmap_sss module provides a way to call SSSD to map UIDs/GIDs and SIDs. "
"No database is required in this case as the mapping is done by SSSD."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: idmap_sss.8.xml:29
msgid "IDMAP OPTIONS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: idmap_sss.8.xml:33
msgid "range = low - high"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: idmap_sss.8.xml:35
msgid ""
"Defines the available matching UID and GID range for which the backend is "
"authoritative."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: idmap_sss.8.xml:45
msgid ""
"This example shows how to configure idmap_sss as the default mapping module."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><programlisting>
#: idmap_sss.8.xml:50
#, no-wrap
msgid ""
"[global]\n"
"security = ads\n"
"workgroup = &lt;AD-DOMAIN-SHORTNAME&gt;\n"
"\n"
"idmap config &lt;AD-DOMAIN-SHORTNAME&gt; : backend        = sss\n"
"idmap config &lt;AD-DOMAIN-SHORTNAME&gt; : range          = 200000-2147483647\n"
"\n"
"idmap config * : backend        = tdb\n"
"idmap config * : range          = 100000-199999\n"
"        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: idmap_sss.8.xml:62
msgid ""
"Please replace &lt;AD-DOMAIN-SHORTNAME&gt; with the NetBIOS domain name of "
"the AD domain. If multiple AD domains should be used each domain needs an "
"<literal>idmap config</literal> line with <literal>backend = sss</literal> "
"and a line with a suitable <literal>range</literal>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: idmap_sss.8.xml:69
msgid ""
"Since Winbind requires a writeable default backend and idmap_sss is read-"
"only the example includes <literal>backend = tdb</literal> as default."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssctl.8.xml:10 sssctl.8.xml:15
msgid "sssctl"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssctl.8.xml:16
msgid "SSSD control and status utility"
msgstr ""

#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sssctl.8.xml:21
msgid ""
"<command>sssctl</command> <arg choice='plain'><replaceable>COMMAND</"
"replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </"
"arg>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssctl.8.xml:32
msgid ""
"<command>sssctl</command> provides a simple and unified way to obtain "
"information about SSSD status, such as active server, auto-discovered "
"servers, domains and cached objects. In addition, it can manage SSSD data "
"files for troubleshooting in such a way that is safe to manipulate while "
"SSSD is running."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssctl.8.xml:43
msgid ""
"To list all available commands run <command>sssctl</command> without any "
"parameters. To print help for selected command run <command>sssctl COMMAND --"
"help</command>."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-files.5.xml:10 sssd-files.5.xml:16
msgid "sssd-files"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-files.5.xml:17
msgid "SSSD files provider"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:23
msgid ""
"This manual page describes the files provider for <citerefentry> "
"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry>.  For a detailed syntax reference, refer to the <quote>FILE "
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:36
msgid ""
"The files provider mirrors the content of the <citerefentry> "
"<refentrytitle>passwd</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> and <citerefentry> <refentrytitle>group</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> files. The purpose of the files "
"provider is to make the users and groups traditionally only accessible with "
"NSS interfaces also available through the SSSD interfaces such as "
"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:55
msgid ""
"Another reason is to provide efficient caching of local users and groups."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:58
#, fuzzy
#| msgid ""
#| "To make the mapping more flexible mapping and matching rules were added "
#| "to SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> "
#| "<manvolnum>5</manvolnum> </citerefentry> for details)."
msgid ""
"Please note that besides explicit domain definition the files provider can "
"be configured also implicitly using 'enable_files_domain' option. See "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for details."
msgstr ""
"Para hacer que la asignación sea más flexible, se agregaron reglas de "
"asignación y coincidencia a SSSD (ver más detalles en <citerefentry> "
"<refentrytitle>sss-certmap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>)."

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:66
msgid ""
"SSSD never handles resolution of user/group \"root\". Also resolution of UID/"
"GID 0 is not handled by SSSD. Such requests are passed to next NSS module "
"(usually files)."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:71
msgid ""
"When SSSD is not running or responding, nss_sss returns the UNAVAIL code "
"which causes the request to be passed to the next module."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-files.5.xml:95
msgid "passwd_files (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:98
msgid ""
"Comma-separated list of one or multiple password filenames to be read and "
"enumerated by the files provider, inotify monitor watches will be set on "
"each file to detect changes dynamically."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:104
msgid "Default: /etc/passwd"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-files.5.xml:110
msgid "group_files (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:113
msgid ""
"Comma-separated list of one or multiple group filenames to be read and "
"enumerated by the files provider, inotify monitor watches will be set on "
"each file to detect changes dynamically."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:119
msgid "Default: /etc/group"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-files.5.xml:125
#, fuzzy
#| msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgid "fallback_to_nss (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (boolean)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:128
msgid ""
"While updating the internal data SSSD will return an error and let the "
"client continue with the next NSS module. This helps to avoid delays when "
"using the default system files <filename>/etc/passwd</filename> and "
"<filename>/etc/group</filename> and the NSS configuration has 'sss' before "
"'files' for the 'passwd' and 'group' maps."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-files.5.xml:138
msgid ""
"If the files provider is configured to monitor other files it makes sense to "
"set this option to 'False' to avoid inconsistent behavior because in general "
"there would be no other NSS module which can be used as a fallback."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:79
msgid ""
"In addition to the options listed below, generic SSSD domain options can be "
"set where applicable.  Refer to the section <quote>DOMAIN SECTIONS</quote> "
"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for details on the configuration of "
"an SSSD domain. But the purpose of the files provider is to expose the same "
"data as the UNIX files, just through the SSSD interfaces. Therefore not all "
"generic domain options are supported. Likewise, some global options, such as "
"overriding the shell in the <quote>nss</quote> section for all domains has "
"no effect on the files domain unless explicitly specified per-domain.  "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:157
msgid ""
"The following example assumes that SSSD is correctly configured and files is "
"one of the domains in the <replaceable>[sssd]</replaceable> section."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-files.5.xml:163
#, no-wrap
msgid ""
"[domain/files]\n"
"id_provider = files\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-files.5.xml:168
msgid ""
"To leverage caching of local users and groups by SSSD nss_sss module must be "
"listed before nss_files module in /etc/nsswitch.conf."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-files.5.xml:174
#, no-wrap
msgid ""
"passwd:     sss files\n"
"group:      sss files\n"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-session-recording.5.xml:10 sssd-session-recording.5.xml:16
msgid "sssd-session-recording"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-session-recording.5.xml:17
msgid "Configuring session recording with SSSD"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-session-recording.5.xml:23
msgid ""
"This manual page describes how to configure <citerefentry> "
"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
"to work with <citerefentry> <refentrytitle>tlog-rec-session</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>, a part of tlog package, to "
"implement user session recording on text terminals.  For a detailed "
"configuration syntax reference, refer to the <quote>FILE FORMAT</quote> "
"section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-session-recording.5.xml:41
msgid ""
"SSSD can be set up to enable recording of everything specific users see or "
"type during their sessions on text terminals. E.g.  when users log in on the "
"console, or via SSH. SSSD itself doesn't record anything, but makes sure "
"tlog-rec-session is started upon user login, so it can record according to "
"its configuration."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-session-recording.5.xml:48
msgid ""
"For users with session recording enabled, SSSD replaces the user shell with "
"tlog-rec-session in NSS responses, and adds a variable specifying the "
"original shell to the user environment, upon PAM session setup. This way "
"tlog-rec-session can be started in place of the user shell, and know which "
"actual shell to start, once it set up the recording."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-session-recording.5.xml:60
msgid "These options can be used to configure the session recording."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-session-recording.5.xml:178
msgid ""
"The following snippet of sssd.conf enables session recording for users "
"\"contractor1\" and \"contractor2\", and group \"students\"."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-session-recording.5.xml:183
#, no-wrap
msgid ""
"[session_recording]\n"
"scope = some\n"
"users = contractor1, contractor2\n"
"groups = students\n"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-kcm.8.xml:10 sssd-kcm.8.xml:16
msgid "sssd-kcm"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-kcm.8.xml:17
msgid "SSSD Kerberos Cache Manager"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:23
msgid ""
"This manual page describes the configuration of the SSSD Kerberos Cache "
"Manager (KCM). KCM is a process that stores, tracks and manages Kerberos "
"credential caches. It originates in the Heimdal Kerberos project, although "
"the MIT Kerberos library also provides client side (more details on that "
"below) support for the KCM credential cache."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:31
msgid ""
"In a setup where Kerberos caches are managed by KCM, the Kerberos library "
"(typically used through an application, like e.g., <citerefentry> "
"<refentrytitle>kinit</refentrytitle><manvolnum>1</manvolnum> </"
"citerefentry>, is a <quote>\"KCM client\"</quote> and the KCM daemon is "
"being referred to as a <quote>\"KCM server\"</quote>. The client and server "
"communicate over a UNIX socket."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:42
msgid ""
"The KCM server keeps track of each credential caches's owner and performs "
"access check control based on the UID and GID of the KCM client. The root "
"user has access to all credential caches."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:47
msgid "The KCM credential cache has several interesting properties:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-kcm.8.xml:51
msgid ""
"since the process runs in userspace, it is subject to UID namespacing, "
"unlike the kernel keyring"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-kcm.8.xml:56
msgid ""
"unlike the kernel keyring-based cache, which is shared between all "
"containers, the KCM server is a separate process whose entry point is a UNIX "
"socket"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-kcm.8.xml:61
msgid ""
"the SSSD implementation stores the ccaches in a database, typically located "
"at <replaceable>/var/lib/sss/secrets</replaceable> allowing the ccaches to "
"survive KCM server restarts or machine reboots."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:67
msgid ""
"This allows the system to use a collection-aware credential cache, yet share "
"the credential cache between some or no containers by bind-mounting the "
"socket."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:72
msgid ""
"The KCM default client idle timeout is 5 minutes, this allows more time for "
"user interaction with command line tools such as kinit."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-kcm.8.xml:78
msgid "USING THE KCM CREDENTIAL CACHE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:88
#, no-wrap
msgid ""
"[libdefaults]\n"
"    default_ccache_name = KCM:\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:80
msgid ""
"In order to use KCM credential cache, it must be selected as the default "
"credential type in <citerefentry> <refentrytitle>krb5.conf</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, The credentials "
"cache name must be only <quote>KCM:</quote> without any template "
"expansions.  For example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:93
msgid ""
"Next, make sure the Kerberos client libraries and the KCM server must agree "
"on the UNIX socket path. By default, both use the same path <replaceable>/"
"var/run/.heim_org.h5l.kcm-socket</replaceable>. To configure the Kerberos "
"library, change its <quote>kcm_socket</quote> option which is described in "
"the <citerefentry> <refentrytitle>krb5.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:115
#, no-wrap
msgid ""
"systemctl start sssd-kcm.socket\n"
"systemctl enable sssd-kcm.socket\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:104
msgid ""
"Finally, make sure the SSSD KCM server can be contacted.  The KCM service is "
"typically socket-activated by <citerefentry> <refentrytitle>systemd</"
"refentrytitle> <manvolnum>1</manvolnum> </citerefentry>.  Unlike other SSSD "
"services, it cannot be started by adding the <quote>kcm</quote> string to "
"the <quote>service</quote> directive.  <placeholder type=\"programlisting\" "
"id=\"0\"/> Please note your distribution may already configure the units for "
"you."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-kcm.8.xml:124
msgid "THE CREDENTIAL CACHE STORAGE"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:126
msgid ""
"The credential caches are stored in a database, much like SSSD caches user "
"or group entries. The database is typically located at <quote>/var/lib/sss/"
"secrets</quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-kcm.8.xml:133
msgid "OBTAINING DEBUG LOGS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:144
#, no-wrap
msgid ""
"[kcm]\n"
"debug_level = 10\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:149 sssd-kcm.8.xml:211
#, no-wrap
msgid ""
"systemctl restart sssd-kcm.service\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:135
msgid ""
"The sssd-kcm service is typically socket-activated <citerefentry> "
"<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </"
"citerefentry>. To generate debug logs, add the following either to the "
"<filename>/etc/sssd/sssd.conf</filename> file directly or as a configuration "
"snippet to <filename>/etc/sssd/conf.d/</filename> directory: <placeholder "
"type=\"programlisting\" id=\"0\"/> Then, restart the sssd-kcm service: "
"<placeholder type=\"programlisting\" id=\"1\"/> Finally, run whatever use-"
"case doesn't work for you. The KCM logs will be generated at <filename>/var/"
"log/sssd/sssd_kcm.log</filename>. It is recommended to disable the debug "
"logs when you no longer need the debugging to be enabled as the sssd-kcm "
"service can generate quite a large amount of debugging information."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:159
msgid ""
"Please note that configuration snippets are, at the moment, only processed "
"if the main configuration file at <filename>/etc/sssd/sssd.conf</filename> "
"exists at all."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-kcm.8.xml:166
msgid "RENEWALS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:174
#, no-wrap
msgid ""
"tgt_renewal = true\n"
"krb5_renew_interval = 60m\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:168
msgid ""
"The sssd-kcm service can be configured to attempt TGT renewal for renewable "
"TGTs stored in the KCM ccache.  Renewals are only attempted when half of the "
"ticket lifetime has been reached. KCM Renewals are configured when the "
"following options are set in the [kcm] section: <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:179
msgid ""
"SSSD can also inherit krb5 options for renewals from an existing domain."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><programlisting>
#: sssd-kcm.8.xml:183
#, no-wrap
msgid ""
"tgt_renewal = true\n"
"tgt_renewal_inherit = domain-name\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-kcm.8.xml:191
#, no-wrap
msgid ""
"krb5_renew_interval\n"
"krb5_renewable_lifetime\n"
"krb5_lifetime\n"
"krb5_validate\n"
"krb5_canonicalize\n"
"krb5_auth_timeout\n"
"            "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:187
msgid ""
"The following krb5 options can be configured in the [kcm] section to control "
"renewal behavior, these options are described in detail below <placeholder "
"type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:204
msgid ""
"The KCM service is configured in the <quote>kcm</quote> section of the sssd."
"conf file. Please note that because the KCM service is typically socket-"
"activated, it is enough to just restart the <quote>sssd-kcm</quote> service "
"after changing options in the <quote>kcm</quote> section of sssd.conf: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:215
msgid ""
"The KCM service is configured in the <quote>kcm</quote> For a detailed "
"syntax reference, refer to the <quote>FILE FORMAT</quote> section of the "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:223
msgid ""
"The generic SSSD service options such as <quote>debug_level</quote> or "
"<quote>fd_limit</quote> are accepted by the kcm service.  Please refer to "
"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for a complete list. In addition, "
"there are some KCM-specific options as well."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:234
msgid "socket_path (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:237
msgid "The socket the KCM service will listen on."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:240
msgid "Default: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:243
msgid ""
"<phrase condition=\"have_systemd\"> Note: on platforms where systemd is "
"supported, the socket path is overwritten by the one defined in the sssd-kcm."
"socket unit file.  </phrase>"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:252
msgid "max_ccaches (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:255
msgid "How many credential caches does the KCM database allow for all users."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:259
msgid "Default: 0 (unlimited, only the per-UID quota is enforced)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:264
msgid "max_uid_ccaches (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:267
msgid ""
"How many credential caches does the KCM database allow per UID. This is "
"equivalent to <quote>with how many principals you can kinit</quote>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:272
msgid "Default: 64"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:277
msgid "max_ccache_size (integer)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:280
msgid ""
"How big can a credential cache be per ccache. Each service ticket accounts "
"into this quota."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:284
msgid "Default: 65536"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:289
#, fuzzy
#| msgid "enumerate (bool)"
msgid "tgt_renewal (bool)"
msgstr "enumerar (bool)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:292
msgid "Enables TGT renewals functionality."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:295
#, fuzzy
#| msgid "Default: False (disabled)"
msgid "Default: False (Automatic renewals disabled)"
msgstr "Predeterminado: False (deshabilitado)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-kcm.8.xml:300
#, fuzzy
#| msgid "krb5_renewable_lifetime (string)"
msgid "tgt_renewal_inherit (string)"
msgstr "krb5_renewable_lifetime (cadena)"

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:303
msgid "Domain to inherit krb5_* options from, for use with TGT renewals."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-kcm.8.xml:307
#, fuzzy
#| msgid "Default: 3"
msgid "Default: NULL"
msgstr "Predeterminado: 3"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-kcm.8.xml:318
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>,"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-systemtap.5.xml:10 sssd-systemtap.5.xml:16
msgid "sssd-systemtap"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-systemtap.5.xml:17
msgid "SSSD systemtap information"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-systemtap.5.xml:23
msgid ""
"This manual page provides information about the systemtap functionality in "
"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
"</citerefentry>."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-systemtap.5.xml:32
msgid ""
"SystemTap Probe points have been added into various locations in SSSD code "
"to assist in troubleshooting and analyzing performance related issues."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-systemtap.5.xml:40
msgid "Sample SystemTap scripts are provided in /usr/share/sssd/systemtap/"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-systemtap.5.xml:46
msgid ""
"Probes and miscellaneous functions are defined in /usr/share/systemtap/"
"tapset/sssd.stp and /usr/share/systemtap/tapset/sssd_functions.stp "
"respectively."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-systemtap.5.xml:57
msgid "PROBE POINTS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-systemtap.5.xml:59 sssd-systemtap.5.xml:367
msgid ""
"The information below lists the probe points and arguments available in the "
"following format:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:64
msgid "probe $name"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:67
msgid "Description of probe point"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:70
#, no-wrap
msgid ""
"variable1:datatype\n"
"variable2:datatype\n"
"variable3:datatype\n"
"...\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:80
msgid "Database Transaction Probes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:84
msgid "probe sssd_transaction_start"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:87
msgid ""
"Start of a sysdb transaction, probes the sysdb_transaction_start() function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:91 sssd-systemtap.5.xml:105 sssd-systemtap.5.xml:118
#: sssd-systemtap.5.xml:131
#, no-wrap
msgid ""
"nesting:integer\n"
"probestr:string\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:97
msgid "probe sssd_transaction_cancel"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:100
msgid ""
"Cancellation of a sysdb transaction, probes the sysdb_transaction_cancel()  "
"function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:111
msgid "probe sssd_transaction_commit_before"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:114
msgid "Probes the sysdb_transaction_commit_before()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:124
msgid "probe sssd_transaction_commit_after"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:127
msgid "Probes the sysdb_transaction_commit_after()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:141
msgid "LDAP Search Probes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:145
msgid "probe sdap_search_send"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:148
msgid "Probes the sdap_get_generic_ext_send()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:152
#, no-wrap
msgid ""
"base:string\n"
"scope:integer\n"
"filter:string\n"
"attrs:string\n"
"probestr:string\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:161
msgid "probe sdap_search_recv"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:164
msgid "Probes the sdap_get_generic_ext_recv()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:168 sssd-systemtap.5.xml:222
#, no-wrap
msgid ""
"base:string\n"
"scope:integer\n"
"filter:string\n"
"probestr:string\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:176
msgid "probe sdap_parse_entry"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:179
msgid ""
"Probes the sdap_parse_entry()  function. It is called repeatedly with every "
"received attribute."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:184
#, no-wrap
msgid ""
"attr:string\n"
"value:string\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:190
msgid "probe sdap_parse_entry_done"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:193
msgid ""
"Probes the sdap_parse_entry()  function. It is called when parsing of "
"received object is finished."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:201
msgid "probe sdap_deref_send"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:204
msgid "Probes the sdap_deref_search_send()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:208
#, no-wrap
msgid ""
"base_dn:string\n"
"deref_attr:string\n"
"probestr:string\n"
"                        "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:215
msgid "probe sdap_deref_recv"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:218
msgid "Probes the sdap_deref_search_recv()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:234
msgid "LDAP Account Request Probes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:238
msgid "probe sdap_acct_req_send"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:241
msgid "Probes the sdap_acct_req_send()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:245 sssd-systemtap.5.xml:260
#, no-wrap
msgid ""
"entry_type:int\n"
"filter_type:int\n"
"filter_value:string\n"
"extra_value:string\n"
"                       "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:253
msgid "probe sdap_acct_req_recv"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:256
msgid "Probes the sdap_acct_req_recv()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:272
msgid "LDAP User Search Probes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:276
msgid "probe sdap_search_user_send"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:279
msgid "Probes the sdap_search_user_send()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:283 sssd-systemtap.5.xml:295 sssd-systemtap.5.xml:307
#: sssd-systemtap.5.xml:319
#, no-wrap
msgid ""
"filter:string\n"
"                       "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:288
msgid "probe sdap_search_user_recv"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:291
msgid "Probes the sdap_search_user_recv()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:300
msgid "probe sdap_search_user_save_begin"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:303
msgid "Probes the sdap_search_user_save_begin()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:312
msgid "probe sdap_search_user_save_end"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:315
msgid "Probes the sdap_search_user_save_end()  function."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:328
msgid "Data Provider Request Probes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:332
msgid "probe dp_req_send"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:335
msgid "A Data Provider request is submitted."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:338
#, no-wrap
msgid ""
"dp_req_domain:string\n"
"dp_req_name:string\n"
"dp_req_target:int\n"
"dp_req_method:int\n"
"                       "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:346
msgid "probe dp_req_done"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:349
msgid "A Data Provider request is completed."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting>
#: sssd-systemtap.5.xml:352
#, no-wrap
msgid ""
"dp_req_name:string\n"
"dp_req_target:int\n"
"dp_req_method:int\n"
"dp_ret:int\n"
"dp_errorstr:string\n"
"                       "
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-systemtap.5.xml:365
msgid "MISCELLANEOUS FUNCTIONS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:372
msgid "function acct_req_desc(entry_type)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:375
msgid "Convert entry_type to string and return string"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:380
msgid ""
"function sssd_acct_req_probestr(fc_name, entry_type, filter_type, "
"filter_value, extra_value)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:384
msgid "Create probe string based on filter type"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:389
msgid "function dp_target_str(target)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:392
msgid "Convert target to string and return string"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:397
msgid "function dp_method_str(target)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:400
msgid "Convert method to string and return string"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-systemtap.5.xml:410
msgid "SAMPLE SYSTEMTAP SCRIPTS"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-systemtap.5.xml:412
msgid ""
"Start the SystemTap script (<command>stap /usr/share/sssd/systemtap/&lt;"
"script_name&gt;.stp</command>), then perform an identity operation and the "
"script will collect information from probes."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-systemtap.5.xml:418
msgid "Provided SystemTap scripts are:"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:422
msgid "dp_request.stp"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:425
msgid "Monitoring of data provider request performance."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:430
msgid "id_perf.stp"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:433
msgid "Monitoring of <command>id</command> command performance."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:439
msgid "ldap_perf.stp"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:442
msgid "Monitoring of LDAP queries."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd-systemtap.5.xml:447
msgid "nested_group_perf.stp"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd-systemtap.5.xml:450
msgid "Performance of nested groups resolving."
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16
msgid "sssd-ldap-attributes"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd-ldap-attributes.5.xml:17
msgid "SSSD LDAP Provider: Mapping Attributes"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap-attributes.5.xml:23
msgid ""
"This manual page describes the mapping attributes of SSSD LDAP provider "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>. Refer to the <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page "
"for full details about SSSD LDAP provider configuration options."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:38
msgid "USER ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:42
msgid "ldap_user_object_class (string)"
msgstr "ldap_user_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:45
msgid "The object class of a user entry in LDAP."
msgstr "La clase de objeto de una entrada de usuario en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:48
msgid "Default: posixAccount"
msgstr "Predeterminado: posixAccount"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:54
msgid "ldap_user_name (string)"
msgstr "ldap_user_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:57
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
"El atributo LDAP que corresponde al nombre de inicio de sesión del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:61
msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)"
msgstr "Predeterminado: uid (rfc2307, rfc2307bis e IPA), sAMAccountName (AD)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:68
msgid "ldap_user_uid_number (string)"
msgstr "ldap_user_uid_number (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:71
msgid "The LDAP attribute that corresponds to the user's id."
msgstr "El atributo LDAP que corresponde al id de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:75
msgid "Default: uidNumber"
msgstr "Predeterminado: uidNumber"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:81
msgid "ldap_user_gid_number (string)"
msgstr "ldap_user_gid_number (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:84
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:88 sssd-ldap-attributes.5.xml:700
msgid "Default: gidNumber"
msgstr "Predeterminado: gidNumber"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:94
msgid "ldap_user_primary_group (string)"
msgstr "ldap_user_primary_group (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:97
msgid ""
"Active Directory primary group attribute for ID-mapping. Note that this "
"attribute should only be set manually if you are running the <quote>ldap</"
"quote> provider with ID mapping."
msgstr ""
"Atributo de grupo primario Active Directory para el mapeo de ID. Advierta "
"que este atributo debería solo ser establecido manualmente si usted está "
"ejecutando el proveedor <quote>ldap</quote> con mapeo ID."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:103
msgid "Default: unset (LDAP), primaryGroupID (AD)"
msgstr "Predeterminado: no establecido (LDAP), primaryGroupID (AD)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:109
msgid "ldap_user_gecos (string)"
msgstr "ldap_user_gecos (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:112
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr "El atributo LDAP que corresponde al campo de gecos del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:116
msgid "Default: gecos"
msgstr "Predeterminado: gecos"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:122
msgid "ldap_user_home_directory (string)"
msgstr "ldap_user_home_directory (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:125
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
"El atributo LDAP que contiene el nombre del directorio principal del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:129
msgid "Default: homeDirectory (LDAP and IPA), unixHomeDirectory (AD)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:135
msgid "ldap_user_shell (string)"
msgstr "ldap_user_shell (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:138
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
"El atributo LDAP que contiene la ruta de acceso a la shell predeterminada "
"del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:142
msgid "Default: loginShell"
msgstr "Predeterminado: loginShell"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:148
msgid "ldap_user_uuid (string)"
msgstr "ldap_user_uuid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:151
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
"El atributo LDAP que contiene el UUID/GUID de un objeto de usuario LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:155 sssd-ldap-attributes.5.xml:726
msgid ""
"Default: not set in the general case, objectGUID for AD and ipaUniqueID for "
"IPA"
msgstr ""
"Predeterminado: no establecido en caso general, objectGUID para AD e "
"ipaUniqueID para IPA"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:162
msgid "ldap_user_objectsid (string)"
msgstr "ldap_user_objectsid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:165
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP user object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
"El atributo LDAP que contiene el objectSID de un objeto usuario LDAP. Esto "
"es normalmente sólo necesario para servidores ActiveDirectory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:170 sssd-ldap-attributes.5.xml:741
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"Predeterminado: objectSid para ActiveDirectory, no establecido para otros "
"servidores."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:177
msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:180 sssd-ldap-attributes.5.xml:751
#: sssd-ldap-attributes.5.xml:874
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
"El atributo LDAP que contiene la fecha y hora de la última modificación del "
"objeto primario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:184 sssd-ldap-attributes.5.xml:755
#: sssd-ldap-attributes.5.xml:881
msgid "Default: modifyTimestamp"
msgstr "Predeterminado: modifyTimestamp"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:190
msgid "ldap_user_shadow_last_change (string)"
msgstr "ldap_user_shadow_last_change (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:193
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
"the last password change)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
"de un atributo LDAP correspondiente a su <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> homologo (fecha del último cambio de password)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:203
msgid "Default: shadowLastChange"
msgstr "Predeterminado: shadowLastChange"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:209
msgid "ldap_user_shadow_min (string)"
msgstr "ldap_user_shadow_min (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:212
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
"password age)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
"de un atributo LDAP correspondiente a su <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> homologo (edad mínima del password)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:221
msgid "Default: shadowMin"
msgstr "Predeterminado: shadowMin"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:227
msgid "ldap_user_shadow_max (string)"
msgstr "ldap_user_shadow_max (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:230
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
"password age)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
"de un atributo LDAP correspondiente a su <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> homologo (edad máxima del password)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:239
msgid "Default: shadowMax"
msgstr "Predeterminado: shadowMax"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:245
msgid "ldap_user_shadow_warning (string)"
msgstr "ldap_user_shadow_warning (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:248
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password warning period)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
"de un atributo LDAP correspondiente a su <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> homologo (período de aviso de password)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:258
msgid "Default: shadowWarning"
msgstr "Predeterminado: shadowWarning"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:264
msgid "ldap_user_shadow_inactive (string)"
msgstr "ldap_user_shadow_inactive (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:267
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password inactivity period)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
"de un atributo LDAP correspondiente a su <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> homologo (período de inactividad de password)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:277
msgid "Default: shadowInactive"
msgstr "Predeterminado: shadowInactive"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:283
msgid "ldap_user_shadow_expire (string)"
msgstr "ldap_user_shadow_expire (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:286
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> counterpart (account expiration date)."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=shadow o "
"ldap_account_expire_policy=shadow, este parámetro contiene el nombre de un "
"atributo correspondiente con su <citerefentry> <refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> homólogo (fecha de "
"expiración de la cuenta)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:296
msgid "Default: shadowExpire"
msgstr "Predeterminado: shadowExpire"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:302
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr "ldap_user_krb_last_pwd_change (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:305
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
"kerberos."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=mit_kerberos, este parámetro contiene el "
"nombre de un atributo LDAP que almacena la fecha y la hora del último cambio "
"de password en kerberos."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:311
msgid "Default: krbLastPwdChange"
msgstr "Predeterminado: krbLastPwdChange"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:317
msgid "ldap_user_krb_password_expiration (string)"
msgstr "ldap_user_krb_password_expiration (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:320
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
"Cuando se utiliza ldap_pwd_policy=mit_kerberos, este parámetro contiene el "
"nombre de un atributo LDAP que almacena la fecha y la hora en la que expira "
"el password actual."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:326
msgid "Default: krbPasswordExpiration"
msgstr "Predeterminado: krbPasswordExpiration"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:332
msgid "ldap_user_ad_account_expires (string)"
msgstr "ldap_user_ad_account_expires (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:335
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
"Cuando se utiliza ldap_account_expire_policy=ad, este parámetro contiene el "
"nombre de un atributo LDAP que almacena el tiempo de expiración de la cuenta."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:340
msgid "Default: accountExpires"
msgstr "Predeterminado: accountExpires"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:346
msgid "ldap_user_ad_user_account_control (string)"
msgstr "ldap_user_ad_user_account_control (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:349
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
"Cuando se usa ldap_account_expire_policy=ad, este parámetro contiene el "
"nombre de un atributo LDAP que almacena el campo bit de control de la cuenta "
"de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:354
msgid "Default: userAccountControl"
msgstr "Predeterminado: userAccountControl"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:360
msgid "ldap_ns_account_lock (string)"
msgstr "ldap_ns_account_lock (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:363
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
"Cuando se usa ldap_account_expire_policy=rhds o esquivalente, este parámetro "
"determina si el acceso está permitido o no."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:368
msgid "Default: nsAccountLock"
msgstr "Predeterminado: nsAccountLock"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:374
msgid "ldap_user_nds_login_disabled (string)"
msgstr "ldap_user_nds_login_disabled (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:377
msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines if "
"access is allowed or not."
msgstr ""
"Cuando se usa ldap_account_expire_policy=nds, este atributo determina si el "
"acceso está permitido o no."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:381 sssd-ldap-attributes.5.xml:395
msgid "Default: loginDisabled"
msgstr "Predeterminado: loginDisabled"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:387
msgid "ldap_user_nds_login_expiration_time (string)"
msgstr "ldap_user_nds_login_expiration_time (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:390
msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines until "
"which date access is granted."
msgstr ""
"Cuando se usa ldap_account_expire_policy=nds, este atributo determina hasta "
"que fecha se concede el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:401
msgid "ldap_user_nds_login_allowed_time_map (string)"
msgstr "ldap_user_nds_login_allowed_time_map (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:404
msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines the "
"hours of a day in a week when access is granted."
msgstr ""
"Cuando se utiliza ldap_account_expire_policy=nds, este atributo determina la "
"hora de un día en la semana cuando se concede el acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:409
msgid "Default: loginAllowedTimeMap"
msgstr "Predeterminado: loginAllowedTimeMap"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:415
msgid "ldap_user_principal (string)"
msgstr "ldap_user_principal (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:418
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
"El atributo LDAP que contiene le Nombre Principal de Usuario Kerberos (UPN) "
"del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:422
msgid "Default: krbPrincipalName"
msgstr "Predeterminado: krbPrincipalName"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:428
msgid "ldap_user_extra_attrs (string)"
msgstr "ldap_user_extra_attrs (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:431
msgid ""
"Comma-separated list of LDAP attributes that SSSD would fetch along with the "
"usual set of user attributes."
msgstr ""
"Lista separada por comas de atributos LDAP que SSSD debería ir a buscar con "
"el conjunto usual de atributos de usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:436
msgid ""
"The list can either contain LDAP attribute names only, or colon-separated "
"tuples of SSSD cache attribute name and LDAP attribute name. In case only "
"LDAP attribute name is specified, the attribute is saved to the cache "
"verbatim.  Using a custom SSSD attribute name might be required by "
"environments that configure several SSSD domains with different LDAP schemas."
msgstr ""
"La lista puede contener bien nombres de atributo LDAP solamente o tuplas "
"separadas por comas de de nombre de atributo SSSD en caché y nombre de "
"atributo LDAP. En el caso de que solo sed especifique el nombre de atributo "
"LDAP, el atributo se salva al caché literal.  El uso de un nombre de "
"atributo SSSD personal puede ser requerido por entornos que configuran "
"varios dominios SSSD con diferentes esquemas LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:446
msgid ""
"Please note that several attribute names are reserved by SSSD, notably the "
"<quote>name</quote> attribute. SSSD would report an error if any of the "
"reserved attribute names is used as an extra attribute name."
msgstr ""
"Por favor advierta que varios nombres de atributos están reservados por "
"SSSD, notablemente el atributo <quote>name</quote>. SSSD informaría de un "
"error si cualquiera de los nombres de atributo reservados es usado como un "
"nombre de atributo extra."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:456
msgid "ldap_user_extra_attrs = telephoneNumber"
msgstr "ldap_user_extra_attrs = telephoneNumber"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:459
msgid ""
"Save the <quote>telephoneNumber</quote> attribute from LDAP as "
"<quote>telephoneNumber</quote> to the cache."
msgstr ""
"Guarda el atributo <quote>telephoneNumber</quote> desde LDAP como "
"<quote>telephoneNumber</quote> al caché."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:463
msgid "ldap_user_extra_attrs = phone:telephoneNumber"
msgstr "ldap_user_extra_attrs = phone:telephoneNumber"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:466
msgid ""
"Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</"
"quote> to the cache."
msgstr ""
"Guarda el atributo <quote>telephoneNumber</quote> desde LDAP como "
"<quote>phone</quote> al caché."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:476
msgid "ldap_user_ssh_public_key (string)"
msgstr "ldap_user_ssh_public_key (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:479
msgid "The LDAP attribute that contains the user's SSH public keys."
msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:483 sssd-ldap-attributes.5.xml:965
msgid "Default: sshPublicKey"
msgstr "Predeterminado: sshPublicKey"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:489
msgid "ldap_user_fullname (string)"
msgstr "ldap_user_fullname (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:492
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "El atributo LDAP que corresponde al nombre completo del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:502
msgid "ldap_user_member_of (string)"
msgstr "ldap_user_member_of (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:505
msgid "The LDAP attribute that lists the user's group memberships."
msgstr "El atributo LDAP que lista los afiliación a grupo de usario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:509 sssd-ldap-attributes.5.xml:952
msgid "Default: memberOf"
msgstr "Predeterminado: memberOf"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:515
msgid "ldap_user_authorized_service (string)"
msgstr "ldap_user_authorized_service (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:518
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
"to determine access privilege."
msgstr ""
"Si access_provider=ldap y ldap_access_order=authorized_service, SSSD "
"utilizará la presencia del atributo authorizedService en la entrada LDAP del "
"usuario para determinar el privilegio de acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:525
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
"Una denegación explícita (¡svc) se resuelve primero. Segundo, SSSD busca "
"permiso explícito (svc) y finalmente permitir todo (*)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:530
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>authorized_service</quote> in order for the "
"ldap_user_authorized_service option to work."
msgstr ""
"Por favor advierta que la opcion de configuración ldap_access_order "
"<emphasis>debe</emphasis> incluir <quote>authorized_service</quote> con el "
"objetivo de que la opción ldap_user_authorized_service trabaje."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:537
msgid ""
"Some distributions (such as Fedora-29+ or RHEL-8)  always include the "
"<quote>systemd-user</quote> PAM service as part of the login process. "
"Therefore when using service-based access control, the <quote>systemd-user</"
"quote> service might need to be added to the list of allowed services."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:545
msgid "Default: authorizedService"
msgstr "Predeterminado: iluminada"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:551
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:554
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
"privilege."
msgstr ""
"Si access_provider=ldap y ldap_access_order=host, SSSD utilizará la "
"presencia del atributo host en la entrada LDAP del usuario para determinar "
"el privilegio de acceso."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:560
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
"Una denegación explícita (¡host) se resuelve primero. Segundo, la búsqueda "
"SSSD para permiso explícito (host) y finalmente permitir todo (*)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:565
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>host</quote> in order for the "
"ldap_user_authorized_host option to work."
msgstr ""
"Por favor advierta que la opción de configuración ldap_access_order "
"<emphasis>debe</emphasis> incluir <quote>host</quote> con el objetivo de que "
"la opción ldap_user_authorized_host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:572
msgid "Default: host"
msgstr "Default: host"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:578
msgid "ldap_user_authorized_rhost (string)"
msgstr "ldap_user_authorized_rhost (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:581
msgid ""
"If access_provider=ldap and ldap_access_order=rhost, SSSD will use the "
"presence of the rhost attribute in the user's LDAP entry to determine access "
"privilege. Similarly to host verification process."
msgstr ""
"Si access_provider=ldap y ldap_access_order=rhost, SSSD usará la presencia "
"del atributo rhost en la entrada LDAP de usuario para determinar el "
"privilegio de acceso. Similarmente al proceso de verificación de host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:588
msgid ""
"An explicit deny (!rhost) is resolved first. Second, SSSD searches for "
"explicit allow (rhost) and finally for allow_all (*)."
msgstr ""
"Una denegación explícita (!rhost) se resuelve primero. Segundo, SSSD busca "
"permisos explícitos (rhost) y finalmente allow_all (*)."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:593
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>rhost</quote> in order for the "
"ldap_user_authorized_rhost option to work."
msgstr ""
"Por favor advierta que la opción de configuración ldap_access_order "
"<emphasis>debe</emphasis> incluir <quote>rhost</quote> con el objetivo de "
"que la opción ldap_user_authorized_rhost trabaje."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:600
msgid "Default: rhost"
msgstr "Predeterminado: rhost"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:606
msgid "ldap_user_certificate (string)"
msgstr "ldap_user_certificate (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:609
msgid "Name of the LDAP attribute containing the X509 certificate of the user."
msgstr "Nombre del atributo LDAP que contiene el certificado X509 del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:613
msgid "Default: userCertificate;binary"
msgstr "Predeterminado: userCertificate;binary"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:619
msgid "ldap_user_email (string)"
msgstr "ldap_user_email (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:622
msgid "Name of the LDAP attribute containing the email address of the user."
msgstr ""
"Nombre del atributo LDAP que contiene el correo electrónico del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:626
#, fuzzy
#| msgid ""
#| "Note: If an email address of a user conflicts with an email address or "
#| "fully qualified name of another user, then SSSD will not be able to serve "
#| "those users properly. If for some reason several users need to share the "
#| "same email address then set this option to a nonexistent attribute name "
#| "in order to disable user lookup/login by email."
msgid ""
"Note: If an email address of a user conflicts with an email address or fully "
"qualified name of another user, then SSSD will not be able to serve those "
"users properly. This option allows users to login by (1) username, and (2) e-"
"mail address.  If for some reason several users need to share the same email "
"address then set this option to a nonexistent attribute name in order to "
"disable user lookup/login by email."
msgstr ""
"Aviso: Si una dirección de correo electrónico de un usuario entra en "
"conflicto con una dirección de correo electrónico o el nombre totalmente "
"cualificado de otro usuario, SSSD no será capaz de servir adecuadamente a "
"esos usuarios. Si por alguna de varias razones los usuarios necesitan "
"compartir la misma dirección de correo electrónico establezca esta opción a "
"un nombre de atributo no existente con elobjetivo de deshabilitar la "
"búsqueda/acceso por correo electrónico."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:637
msgid "Default: mail"
msgstr "Predeterminado: mail"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:642
#, fuzzy
#| msgid "ldap_user_name (string)"
msgid "ldap_user_passkey (string)"
msgstr "ldap_user_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:645
#, fuzzy
#| msgid "Name of the LDAP attribute containing the email address of the user."
msgid ""
"Name of the LDAP attribute containing the passkey mapping data of the user."
msgstr ""
"Nombre del atributo LDAP que contiene el correo electrónico del usuario."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:649
msgid "Default: passkey (LDAP), ipaPassKey (IPA), altSecurityIdentities (AD)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:659
msgid "GROUP ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:663
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:666
msgid "The object class of a group entry in LDAP."
msgstr "La clase de objeto de una entrada de grupo LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:669
msgid "Default: posixGroup"
msgstr "Por defecto: posixGroup"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:675
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:678
msgid ""
"The LDAP attribute that corresponds to the group name. In an environment "
"with nested groups, this value must be an LDAP attribute which has a unique "
"name for every group. This requirement includes non-POSIX groups in the tree "
"of nested groups."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:686
msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)"
msgstr "Predeterminado: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:693
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:696
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "El atributo LDAP que corresponde al id del grupo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:706
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:709
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:713
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:719
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:722
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto grupo LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:733
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:736
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
"El atributo LDAP que contiene el objectSID de un objeto grupo LDAP. Esto es "
"normalmente sólo necesario para servidores ActiveDirectory."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:748
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:761
msgid "ldap_group_type (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:764
msgid ""
"The LDAP attribute that contains an integer value indicating the type of the "
"group and maybe other flags."
msgstr ""
"El atributo LDAP que contiene un valor entero indicando el tipo del grupo y "
"puede ser otras banderas."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:769
msgid ""
"This attribute is currently only used by the AD provider to determine if a "
"group is a domain local groups and has to be filtered out for trusted "
"domains."
msgstr ""
"Este atributo es actualmente usado por el proveedor AD para determinar si un "
"grupo está en grupos de dominio local y ha de ser sacado de los dominios de "
"confianza."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:775
msgid "Default: groupType in the AD provider, otherwise not set"
msgstr ""
"Predeterminado: groupType en el proveedor AD, de otro modo no establecido"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:782
msgid "ldap_group_external_member (string)"
msgstr "ldap_group_external_member (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:785
msgid ""
"The LDAP attribute that references group members that are defined in an "
"external domain. At the moment, only IPA's external members are supported."
msgstr ""
"El atributo LDAP que referencia a los miembros de grupo que están definidos "
"en un dominio externo. En este momento, solo se soportan los miembros "
"externos de IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:791
msgid "Default: ipaExternalMember in the IPA provider, otherwise unset."
msgstr ""
"Predeterminado: ipaExternalMember en el proveedor IPA, de otro modo no "
"estabecido."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:801
msgid "NETGROUP ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:805
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:808
msgid "The object class of a netgroup entry in LDAP."
msgstr "La clase objeto de una entrada de grupo de red en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:811
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:815
msgid "Default: nisNetgroup"
msgstr "Predeterminado: nisNetgroup"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:821
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:824
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "El atributo LDAP que corresponde al nombre de grupo de red."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:828
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:838
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:841
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
"El atributo LDAP que contiene los nombres de los miembros de grupo de red."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:845
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:849
msgid "Default: memberNisNetgroup"
msgstr "Predeterminado: memberNisNetgroup"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:855
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:858
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
"El atributo LDAP que contiene los (host, usuario, dominio) triples de grupo "
"de red."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:862 sssd-ldap-attributes.5.xml:878
msgid "This option is not available in IPA provider."
msgstr "Esta opción no está disponible en el proveedor IPA."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:865
msgid "Default: nisNetgroupTriple"
msgstr "Predeterminado: nisNetgroupTriple"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:871
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (cadena)"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:890
msgid "HOST ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:894
msgid "ldap_host_object_class (string)"
msgstr "ldap_host_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:897
msgid "The object class of a host entry in LDAP."
msgstr "La clase de objeto de una entrada de host en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:900 sssd-ldap-attributes.5.xml:997
msgid "Default: ipService"
msgstr "Por defecto: ipService"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:906
msgid "ldap_host_name (string)"
msgstr "ldap_host_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:909 sssd-ldap-attributes.5.xml:935
msgid "The LDAP attribute that corresponds to the host's name."
msgstr "El atributo LDAP que corresponde al nombre de host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:919
msgid "ldap_host_fqdn (string)"
msgstr "ldap_host_fqdn (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:922
msgid ""
"The LDAP attribute that corresponds to the host's fully-qualified domain "
"name."
msgstr ""
"El atributo LDAP que corresponde al nombre de dominio totalmente cualificado "
"del host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:926
msgid "Default: fqdn"
msgstr "Predeterminado: fqdn"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:932
msgid "ldap_host_serverhostname (string)"
msgstr "ldap_host_serverhostname (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:939
msgid "Default: serverHostname"
msgstr "Predeterminado: serverHostname"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:945
msgid "ldap_host_member_of (string)"
msgstr "ldap_host_member_of (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:948
msgid "The LDAP attribute that lists the host's group memberships."
msgstr "Atributo LDAP que lista los miembros del grupo del host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:958
msgid "ldap_host_ssh_public_key (string)"
msgstr "ldap_host_ssh_public_key (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:961
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "El atributo LDAP que contiene las claves públicas SSH del host."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:971
msgid "ldap_host_uuid (string)"
msgstr "ldap_host_uuid (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:974
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object."
msgstr "Atributo LDAP que contiene las UUID/GUID de un objeto host LDAP."

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:987
msgid "SERVICE ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:991
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:994
msgid "The object class of a service entry in LDAP."
msgstr "La clase objeto de una entrada de servicio en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1003
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1006
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
"El atributo LDAP que contiene el nombre de servicio de atributos y sus alias."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1016
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1019
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "El atributo LDAP que contiene el puerto manejado por este servicio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1023
msgid "Default: ipServicePort"
msgstr "Por defecto: ipServicePort"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1029
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1032
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
"El atributo LDAP que contiene los protocolos entendidos por este servicio."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1036
msgid "Default: ipServiceProtocol"
msgstr "Por defecto: ipServiceProtocol"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:1045
msgid "SUDO ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1049
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1052
msgid "The object class of a sudo rule entry in LDAP."
msgstr "El objeto clase de una regla de entrada sudo en LDAP."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1055
msgid "Default: sudoRole"
msgstr "Por defecto: sudoRole"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1061
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1064
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "El atributo LDAP que corresponde a la regla nombre de sudo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1074
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1077
msgid "The LDAP attribute that corresponds to the command name."
msgstr "El atributo LDAP que corresponde al nombre de comando."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1081
msgid "Default: sudoCommand"
msgstr "Por defecto: sudoCommand"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1087
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1090
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
"El atributo LDAP que corresponde al nombre de host (o dirección IP del host, "
"red IP del host o grupo de red del host)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1095
msgid "Default: sudoHost"
msgstr "Por defecto: sudoHost"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1101
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1104
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
"El atributo LDAP que corresponde al nombre de usuario (o UID. nombre de "
"grupo o grupo de red del usuario)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1108
msgid "Default: sudoUser"
msgstr "Por defecto: sudoUser"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1114
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1117
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "El atributo LDAP que corresponde a las opciones sudo."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1121
msgid "Default: sudoOption"
msgstr "Por defecto: sudoOption"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1127
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1130
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
"El atributo LDAP que corresponde al nombre de usuario que los comandos "
"pueden ejecutar como."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1134
msgid "Default: sudoRunAsUser"
msgstr "Por defectot: sudoRunAsUser"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1140
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1143
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
"El atributo LDAP que corresponde al nombre de grupo o GID de grupo que puede "
"ejecutar comandos como."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1147
msgid "Default: sudoRunAsGroup"
msgstr "Por defecto: sudoRunAsGroup"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1153
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1156
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
"El atributo LDAP que corresponde al inicio de fecha/hora para cuando la "
"regla sudo es válida."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1160
msgid "Default: sudoNotBefore"
msgstr "Por defecto: sudoNotBefore"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1166
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1169
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
"El atributo LDAP que corresponde a la fecha/hora final, después de la cual "
"la regla sudo dejará de ser válida."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1174
msgid "Default: sudoNotAfter"
msgstr "Por defecto: sudoNotAfter"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1180
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (cadena)"

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1183
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla."

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1187
msgid "Default: sudoOrder"
msgstr "Por defecto: sudoOrder"

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:1196
msgid "AUTOFS ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:1203
msgid "IP HOST ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1207
msgid "ldap_iphost_object_class (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1210
msgid "The object class of an iphost entry in LDAP."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1213
msgid "Default: ipHost"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1219
msgid "ldap_iphost_name (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1222
msgid ""
"The LDAP attribute that contains the name of the IP host attributes and "
"their aliases."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1232
msgid "ldap_iphost_number (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1235
msgid "The LDAP attribute that contains the IP host address."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1239
msgid "Default: ipHostNumber"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ldap-attributes.5.xml:1248
msgid "IP NETWORK ATTRIBUTES"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1252
msgid "ldap_ipnetwork_object_class (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1255
msgid "The object class of an ipnetwork entry in LDAP."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1258
msgid "Default: ipNetwork"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1264
msgid "ldap_ipnetwork_name (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1267
msgid ""
"The LDAP attribute that contains the name of the IP network attributes and "
"their aliases."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap-attributes.5.xml:1277
msgid "ldap_ipnetwork_number (string)"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1280
msgid "The LDAP attribute that contains the IP network address."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap-attributes.5.xml:1284
msgid "Default: ipNetworkNumber"
msgstr ""

#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd_krb5_localauth_plugin.8.xml:10 sssd_krb5_localauth_plugin.8.xml:15
#, fuzzy
#| msgid "sssd_krb5_locator_plugin"
msgid "sssd_krb5_localauth_plugin"
msgstr "sssd_krb5_locator_plugin"

#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd_krb5_localauth_plugin.8.xml:16
#, fuzzy
#| msgid "Kerberos locator plugin"
msgid "Kerberos local authorization plugin"
msgstr "Complemento localizador Kerberos"

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_localauth_plugin.8.xml:22
msgid ""
"The Kerberos local authorization plugin <command>sssd_krb5_localauth_plugin</"
"command> is used by libkrb5 to either find the local name for a given "
"Kerberos principal or to check if a given local name and a given Kerberos "
"principal relate to each other."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_localauth_plugin.8.xml:29
msgid ""
"SSSD handles the local names for users from a remote source and can read the "
"Kerberos user principal name from the remote source as well. With this "
"information SSSD can easily handle the mappings mentioned above even if the "
"local name and the Kerberos principal differ considerably."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_localauth_plugin.8.xml:36
msgid ""
"Additionally with the information read from the remote source SSSD can help "
"to prevent unexpected or unwanted mappings in case the user part of the "
"Kerberos principal accidentally corresponds to a local name of a different "
"user. By default libkrb5 might just strip the realm part of the Kerberos "
"principal to get the local name which would lead to wrong mappings in this "
"case."
msgstr ""

#. type: Content of: <reference><refentry><refsect1><title>
#: sssd_krb5_localauth_plugin.8.xml:46
#, fuzzy
#| msgid "CONFIGURATION OPTIONS"
msgid "CONFIGURATION"
msgstr "OPCIONES DE CONFIGURACIÓN"

#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd_krb5_localauth_plugin.8.xml:56
#, no-wrap
msgid ""
"[plugins]\n"
" localauth = {\n"
"  module = sssd:/usr/lib64/sssd/modules/sssd_krb5_localauth_plugin.so\n"
" }\n"
msgstr ""

#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_localauth_plugin.8.xml:48
msgid ""
"The Kerberos local authorization plugin must be enabled explicitly in the "
"Kerberos configuration, see <citerefentry> <refentrytitle>krb5.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>.  SSSD will create a "
"config snippet with the content like e.g.  <placeholder "
"type=\"programlisting\" id=\"0\"/> automatically in the SSSD's public "
"Kerberos configuration snippet directory. If this directory is included in "
"the local Kerberos configuration the plugin will be enabled automatically."
msgstr ""

#. type: Content of: <variablelist><varlistentry><term>
#: include/autofs_attributes.xml:3
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:6
msgid "The object class of an automount map entry in LDAP."
msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:9
msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap"
msgstr ""
"Predeterminado: nisMap (rfc2307, autofs_provider=ad), de otra manera "
"automountMap"

#. type: Content of: <variablelist><varlistentry><term>
#: include/autofs_attributes.xml:16
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:19
msgid "The name of an automount map entry in LDAP."
msgstr "El nombre de una entrada de mapa de automontaje en LDAP."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:22
msgid ""
"Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName"
msgstr ""
"Predeterminado: nisMapName (rfc2307, autofs_provider=ad), de otra manera "
"automountMapName"

#. type: Content of: <variablelist><varlistentry><term>
#: include/autofs_attributes.xml:29
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:32
msgid ""
"The object class of an automount entry in LDAP. The entry usually "
"corresponds to a mount point."
msgstr ""
"El objeto clase de una entrada de montaje automático en LDAP. La entrada "
"normalmente corresponde a un punto de montaje."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:37
msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount"
msgstr ""
"Predeterminado: nisObject (rfc2307, autofs_provider=ad), de otra manera "
"automount"

#. type: Content of: <variablelist><varlistentry><term>
#: include/autofs_attributes.xml:44
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:47 include/autofs_attributes.xml:61
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
"La clave de una entrada de automontaje en LDAP. La entrada corresponde "
"normalmente a un punto de montaje."

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:51
msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey"
msgstr ""
"Predeterminado: cn (rfc2307, autofs_provider=ad), de otra manera automountKey"

#. type: Content of: <variablelist><varlistentry><term>
#: include/autofs_attributes.xml:58
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/autofs_attributes.xml:65
msgid ""
"Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise "
"automountInformation"
msgstr ""
"Predeterminado: nisMapEntry (rfc2307, autofs_provider=ad), de otra manera "
"automountInformation"

#. type: Content of: <refsect1><title>
#: include/service_discovery.xml:2
msgid "SERVICE DISCOVERY"
msgstr "SERVICIO DE DESCUBRIMIENTO"

#. type: Content of: <refsect1><para>
#: include/service_discovery.xml:4
msgid ""
"The service discovery feature allows back ends to automatically find the "
"appropriate servers to connect to using a special DNS query. This feature is "
"not supported for backup servers."
msgstr ""
"La función servicio descubridor permite a los puntos finales encontrar "
"automáticamente los servidores apropiados a conectar para usar una pregunta "
"especial al DNS. Esta función no está soportada por los servidores de "
"respaldo."

#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99
msgid "Configuration"
msgstr "Configuración"

#. type: Content of: <refsect1><refsect2><para>
#: include/service_discovery.xml:11
msgid ""
"If no servers are specified, the back end automatically uses service "
"discovery to try to find a server. Optionally, the user may choose to use "
"both fixed server addresses and service discovery by inserting a special "
"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
"preference is maintained. This feature is useful if, for example, the user "
"prefers to use service discovery whenever possible, and fall back to a "
"specific server when no servers can be discovered using DNS."
msgstr ""
"Si no se especifican servidores, el punto final usar automáticamente el "
"servicio descubridor para intentar encontrar un servidor. Opcionalmente, el "
"usuario puede elegir utilizar tanto las direcciones de servidor fijadas como "
"el servicio descubridor para insertar una palabra clave especial, "
"<quote>_srv_</quote>, en la lista de servidores. El orden de preferencia se "
"mantiene. Esta función es útil sí, por ejemplo, el usuario prefiere usar el "
"servicio descubridor siempre que sea posible, el volver a un servidor "
"específico cuando no se pueden descubrir servidores usando DNS."

#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:23
msgid "The domain name"
msgstr "El nombre de dominio"

#. type: Content of: <refsect1><refsect2><para>
#: include/service_discovery.xml:25
msgid ""
"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for more details."
msgstr ""
"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página "
"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más detalles."

#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:35
msgid "The protocol"
msgstr "El protocolo"

#. type: Content of: <refsect1><refsect2><para>
#: include/service_discovery.xml:37
msgid ""
"The queries usually specify _tcp as the protocol. Exceptions are documented "
"in respective option description."
msgstr ""
"Las consultas normalmente especifican _tcp como protocolo. Las excepciones "
"se documentan en la descripción de la opción respectiva."

#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:42
msgid "See Also"
msgstr "Vea también"

#. type: Content of: <refsect1><refsect2><para>
#: include/service_discovery.xml:44
msgid ""
"For more information on the service discovery mechanism, refer to RFC 2782."
msgstr ""
"Para más información sobre el mecanismo del servicio descubridor, vea el RFC "
"2782."

#. type: Content of: <refentryinfo>
#: include/upstream.xml:2
msgid ""
"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github."
"com/SSSD/sssd/</orgname>"
msgstr ""

#. type: Content of: outside any tag (error?)
#: include/upstream.xml:1
msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>"

#. type: Content of: <refsect1><title>
#: include/failover.xml:2
msgid "FAILOVER"
msgstr "CONMUTACIÓN POR ERROR"

#. type: Content of: <refsect1><para>
#: include/failover.xml:4
msgid ""
"The failover feature allows back ends to automatically switch to a different "
"server if the current server fails."
msgstr ""
"La función conmutación en error permite a los finales conmutar "
"automáticamente a un servidor diferente si el servidor actual falla."

#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:8
msgid "Failover Syntax"
msgstr "Sintaxis de conmutación por error"

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:10
msgid ""
"The list of servers is given as a comma-separated list; any number of spaces "
"is allowed around the comma. The servers are listed in order of preference. "
"The list can contain any number of servers."
msgstr ""
"La lista de servidores se da como una lista separada por comas; se permite "
"cualquier número de espacios a los lados de la coma. Los servidores son "
"listados en orden de preferencia. La lista puede contener cualquier número "
"de servidores."

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:16
msgid ""
"For each failover-enabled config option, two variants exist: "
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>.  The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:27
msgid "The Failover Mechanism"
msgstr ""
"El mecanismo de conmutación por errorEl mecanismo de failover distingue "
"entre una máquina y un servicio. El punto final intenta primero resolver el "
"nombre de host de una máquina dada; si el intento de resolución falla, la "
"máquina es considerada fuera de línea. No se harán más intentos de conexión "
"con esta máquina para ningún otro servicio. Si el intento de resolución "
"tiene éxito, el punto final intenta conectar a un servicio en esa máquina. "
"Si el intento de conexión al servicio falla, entonces sólo se considera "
"fuera de línea este servicio concreto y el punto final conmutará "
"automáticamente sobre el siguientes servicio. La máquina se considera que "
"sigue en línea y se puede intentar el acceso a otros servicios."

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:29
msgid ""
"The failover mechanism distinguishes between a machine and a service. The "
"back end first tries to resolve the hostname of a given machine; if this "
"resolution attempt fails, the machine is considered offline. No further "
"attempts are made to connect to this machine for any other service. If the "
"resolution attempt succeeds, the back end tries to connect to a service on "
"this machine. If the service connection attempt fails, then only this "
"particular service is considered offline and the back end automatically "
"switches over to the next service.  The machine is still considered online "
"and might still be tried for another service."
msgstr ""
"El mecanismo de conmutación por error distingue entre una máquina y un "
"servicio. El punto final intenta primero resolver el nombre de host de una "
"máquina dada; si el intento de resolución falla, la máquina es considerada "
"fuera de línea. No se harán más intentos de conexión con esta máquina para "
"ningún otro servicio. Si el intento de resolución tiene éxito, el punto "
"final intenta conectar a un servicio en esa máquina. Si el intento de "
"conexión al servicio falla, entonces sólo se considera fuera de línea este "
"servicio concreto y el punto final conmutará automáticamente sobre el "
"siguientes servicio. La máquina se considera que sigue en línea y se puede "
"intentar el acceso a otros servicios."

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:42
msgid ""
"Further connection attempts are made to machines or services marked as "
"offline after a specified period of time; this is currently hard coded to 30 "
"seconds."
msgstr ""
"Los intentos de conexión adicionales son hechos a máquinas o servicios "
"marcaros como fuera de línea después de un período de tiempo especificado; "
"esto está codificado a fuego actualmente en 30 segundos."

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:47
msgid ""
"If there are no more machines to try, the back end as a whole switches to "
"offline mode, and then attempts to reconnect every 30 seconds."
msgstr ""
"Si no hay más máquinas para intentarlo, el punto final al completo conmutará "
"al modo fuera de línea y después intentará reconectar cada 30 segundo."

#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:53
msgid "Failover time outs and tuning"
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:55
msgid ""
"Resolving a server to connect to can be as simple as running a single DNS "
"query or can involve several steps, such as finding the correct site or "
"trying out multiple host names in case some of the configured servers are "
"not reachable. The more complex scenarios can take some time and SSSD needs "
"to balance between providing enough time to finish the resolution process "
"but on the other hand, not trying for too long before falling back to "
"offline mode. If the SSSD debug logs show that the server resolution is "
"timing out before a live server is contacted, you can consider changing the "
"time outs."
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term>
#: include/failover.xml:76
msgid "dns_resolver_server_timeout"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: include/failover.xml:80
msgid ""
"Time in milliseconds that sets how long would SSSD talk to a single DNS "
"server before trying next one."
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term>
#: include/failover.xml:90
msgid "dns_resolver_op_timeout"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: include/failover.xml:94
msgid ""
"Time in seconds to tell how long would SSSD try to resolve single DNS query "
"(e.g. resolution of a hostname or an SRV record) before trying the next "
"hostname or discovery domain."
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term>
#: include/failover.xml:106
msgid "dns_resolver_timeout"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: include/failover.xml:110
msgid ""
"How long would SSSD try to resolve a failover service. This service "
"resolution internally might include several steps, such as resolving DNS SRV "
"queries or locating the site."
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:67
msgid ""
"This section lists the available tunables. Please refer to their description "
"in the <citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, manual page.  <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:123
msgid ""
"For LDAP-based providers, the resolve operation is performed as part of an "
"LDAP connection operation. Therefore, also the <quote>ldap_opt_timeout</"
"quote> timeout should be set to a larger value than "
"<quote>dns_resolver_timeout</quote> which in turn should be set to a larger "
"value than <quote>dns_resolver_op_timeout</quote> which should be larger "
"than <quote>dns_resolver_server_timeout</quote>."
msgstr ""

#. type: Content of: <refsect1><title>
#: include/ldap_id_mapping.xml:2
msgid "ID MAPPING"
msgstr "ASIGNACIÓN DE ID"

#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:4
msgid ""
"The ID-mapping feature allows SSSD to act as a client of Active Directory "
"without requiring administrators to extend user attributes to support POSIX "
"attributes for user and group identifiers."
msgstr ""
"La función asignación de ID permite a SSSD actuar como un cliente de Active "
"Directory sin requerir de administradores para extender los atributos de "
"usuario para soportar atributos POSIX para los identificadores de usuario y "
"grupo."

#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:9
msgid ""
"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are "
"ignored. This is to avoid the possibility of conflicts between automatically-"
"assigned and manually-assigned values. If you need to use manually-assigned "
"values, ALL values must be manually-assigned."
msgstr ""
"NOTA: Cuando asignación de ID está habilitado, los atributos uidNumber y "
"gidNumber son ignorados. Esto es para evitar la posibilidad de conflictos "
"entre los valores automáticamente asignados y los asignados manualmente. Si "
"usted necesita usar los valore asignados manualmente, TODOS los valores "
"deben ser asignados manualmente."

#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:16
msgid ""
"Please note that changing the ID mapping related configuration options will "
"cause user and group IDs to change. At the moment, SSSD does not support "
"changing IDs, so the SSSD database must be removed. Because cached passwords "
"are also stored in the database, removing the database should only be "
"performed while the authentication servers are reachable, otherwise users "
"might get locked out. In order to cache the password, an authentication must "
"be performed. It is not sufficient to use <citerefentry> "
"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry> to remove the database, rather the process consists of:"
msgstr ""

#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:33
msgid "Making sure the remote servers are reachable"
msgstr ""

#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:38
msgid "Stopping the SSSD service"
msgstr ""

#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:43
msgid "Removing the database"
msgstr ""

#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:48
msgid "Starting the SSSD service"
msgstr ""

#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:52
msgid ""
"Moreover, as the change of IDs might necessitate the adjustment of other "
"system properties such as file and directory ownership, it's advisable to "
"plan ahead and test the ID mapping configuration thoroughly."
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ldap_id_mapping.xml:59
msgid "Mapping Algorithm"
msgstr "Algoritmo de asignación"

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:61
msgid ""
"Active Directory provides an objectSID for every user and group object in "
"the directory. This objectSID can be broken up into components that "
"represent the Active Directory domain identity and the relative identifier "
"(RID) of the user or group object."
msgstr ""
"Active Directory suministra un objectSID para cada objeto usuario y grupo en "
"el directorio. El objectSID puede ser dividido en componente que representan "
"la identidad del dominio Active Directory y le identificador relativo (RID) "
"del objeto usuario y grupo."

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:67
msgid ""
"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
"into equally-sized component sections - called \"slices\"-. Each slice "
"represents the space available to an Active Directory domain."
msgstr ""
"El algoritmo de asignación de ID de SSSD tiene un rango de UIDs disponibles "
"y lo divide en secciones componente de igual tamaño – llamadas “rebanadas” "
"-. Cada rebanada representa el espacio disponible para un dominio Active "
"Directory."

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:73
msgid ""
"When a user or group entry for a particular domain is encountered for the "
"first time, the SSSD allocates one of the available slices for that domain. "
"In order to make this slice-assignment repeatable on different client "
"machines, we select the slice based on the following algorithm:"
msgstr ""
"Cuando se encuentra por primera vez una entrada de usuario o grupo para un "
"dominio concreto, SSSD asigna una de las rebanadas disponibles para ese "
"dominio. Con el objetivo de hacer esta asignación de rebanadas repetible "
"sobre diferentes máquinas clientes, seleccionamos la rebanada en base al "
"siguiente algoritmo:"

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:80
msgid ""
"The SID string is passed through the murmurhash3 algorithm to convert it to "
"a 32-bit hashed value. We then take the modulus of this value with the total "
"number of available slices to pick the slice."
msgstr ""
"La cadena SID pasada a través del algoritmo murmurhash3 para convertirlo en "
"un valor picado de 32 bit. Después tomamos los módulos de este valor con el "
"número total de rebanadas disponibles para recoger la rebanada."

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:86
msgid ""
"NOTE: It is possible to encounter collisions in the hash and subsequent "
"modulus. In these situations, we will select the next available slice, but "
"it may not be possible to reproduce the same exact set of slices on other "
"machines (since the order that they are encountered will determine their "
"slice). In this situation, it is recommended to either switch to using "
"explicit POSIX attributes in Active Directory (disabling ID-mapping) or "
"configure a default domain to guarantee that at least one is always "
"consistent. See <quote>Configuration</quote> for details."
msgstr ""
"NOTA: Es posible encontrar colisiones en el picadillo y los módulos "
"subsiguientes. En estas situaciones, seleccionaremos la siguiente rebanada "
"disponible, pero puede no ser posible reproducir los mismos conjuntos "
"exactos de rebanadas sobre otras máquinas (puesto que el orden en que se "
"encuentren desterminará sus rebanadas). En esta situación, se recomienda o "
"bien conmutar para usar los atributos explícitos POSIX en Active Directory "
"(deshabilitando la asignación de ID) o configurar un dominio por defecto "
"para garantizar que al menos uno sea siempre consistente. Vea "
"<quote>Configuración</quote> para detalles."

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:101
msgid ""
"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
msgstr ""
"Configuración mínima (en la sección <quote>[domain/DOMAINNAME]</quote>):"

#. type: Content of: <refsect1><refsect2><para><programlisting>
#: include/ldap_id_mapping.xml:106
#, no-wrap
msgid ""
"ldap_id_mapping = True\n"
"ldap_schema = ad\n"
msgstr "ldap_id_mapping = True ldap_schema = ad \n"

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:111
msgid ""
"The default configuration results in configuring 10,000 slices, each capable "
"of holding up to 200,000 IDs, starting from 200,000 and going up to "
"2,000,200,000. This should be sufficient for most deployments."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><title>
#: include/ldap_id_mapping.xml:117
msgid "Advanced Configuration"
msgstr "Configuración Avanzada"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:120
msgid "ldap_idmap_range_min (integer)"
msgstr "ldap_idmap_range_min (entero)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:123
#, fuzzy
#| msgid ""
#| "Specifies the lower bound of the range of POSIX IDs to use for mapping "
#| "Active Directory user and group SIDs."
msgid ""
"Specifies the lower (inclusive) bound of the range of POSIX IDs to use for "
"mapping Active Directory user and group SIDs. It is the first POSIX ID which "
"can be used for the mapping."
msgstr ""
"Especifica el límite inferior del rango de IDs POXIS a usar para la "
"asignación de SIDs de usuario y grupo de Active Directory."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:129
msgid ""
"NOTE: This option is different from <quote>min_id</quote> in that "
"<quote>min_id</quote> acts to filter the output of requests to this domain, "
"whereas this option controls the range of ID assignment. This is a subtle "
"distinction, but the good general advice would be to have <quote>min_id</"
"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
msgstr ""
"NOTA: Esta opción es diferente de <quote>min_id</quote> en esta "
"<quote>min_id</quote> actúa para filtrar la salida de las peticiones a este "
"dominio, mientras esta opción controla el rango de la asignación de ID. Esto "
"es una sutil diferencia, pero el buen consejo general sería que "
"<quote>min_id</quote> fuera menor o igual que <quote>ldap_idmap_range_min</"
"quote>"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:139 include/ldap_id_mapping.xml:197
msgid "Default: 200000"
msgstr "Por defecto: 200000"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:144
msgid "ldap_idmap_range_max (integer)"
msgstr "ldap_idmap_range_max (entero)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:147
msgid ""
"Specifies the upper (exclusive) bound of the range of POSIX IDs to use for "
"mapping Active Directory user and group SIDs. It is the first POSIX ID which "
"cannot be used for the mapping anymore, i.e. one larger than the last one "
"which can be used for the mapping."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:155
msgid ""
"NOTE: This option is different from <quote>max_id</quote> in that "
"<quote>max_id</quote> acts to filter the output of requests to this domain, "
"whereas this option controls the range of ID assignment. This is a subtle "
"distinction, but the good general advice would be to have <quote>max_id</"
"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
msgstr ""
"NOTA: Esta opción es diferente de <quote>max_id</quote> en esta "
"<quote>max_id</quote> actúa para filtrar la salida de las peticiones a este "
"dominio, mientras esta opción controla el rango de la asignación de ID. Esto "
"es una sutil diferencia, pero el buen consejo general sería que "
"<quote>max_id</quote> fuera menor o igual que <quote>ldap_idmap_range_max</"
"quote>"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:165
msgid "Default: 2000200000"
msgstr "Por defecto: 2000200000"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:170
msgid "ldap_idmap_range_size (integer)"
msgstr "ldap_idmap_range_size (entero)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:173
msgid ""
"Specifies the number of IDs available for each slice.  If the range size "
"does not divide evenly into the min and max values, it will create as many "
"complete slices as it can."
msgstr ""
"Especifica el número de IDs disponibles para cada rebanada. Si el rango no "
"se divide de forma igual entre los valores mínimo y máximo, creará tantas "
"rebanadas completas como sea posible."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:179
msgid ""
"NOTE: The value of this option must be at least as large as the highest user "
"RID planned for use on the Active Directory server. User lookups and login "
"will fail for any user whose RID is greater than this value."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:185
msgid ""
"For example, if your most recently-added Active Directory user has "
"objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, "
"<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is "
"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:192
msgid ""
"It is important to plan ahead for future expansion, as changing this value "
"will result in changing all of the ID mappings on the system, leading to "
"users with different local IDs than they previously had."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:202
msgid "ldap_idmap_default_domain_sid (string)"
msgstr "ldap_idmap_default_domain_sid (cadena)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:205
msgid ""
"Specify the domain SID of the default domain. This will guarantee that this "
"domain will always be assigned to slice zero in the ID map, bypassing the "
"murmurhash algorithm described above."
msgstr ""
"Especifica el SID de dominio del dominio por defecto. Esto garantizará que "
"este dominio será asignado siempre a la rebanada cero en el mapa de ID, "
"sobrepasando el algoritmo murmurhash descrito arriba."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:216
msgid "ldap_idmap_default_domain (string)"
msgstr "ldap_idmap_default_domain (cadena)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:219
msgid "Specify the name of the default domain."
msgstr "Especifica el nombre del dominio por defecto."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:227
msgid "ldap_idmap_autorid_compat (boolean)"
msgstr "ldap_idmap_autorid_compat (booleano)"

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:230
msgid ""
"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
"winbind's <quote>idmap_autorid</quote> algorithm."
msgstr ""
"Cambia el comportamiento del algoritmo de asignación de id para que se "
"comporte de un modo más similar al algoritmo <quote>idmap_autorid</quote> de "
"winbind."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:235
#, fuzzy
#| msgid ""
#| "When this option is configured, domains will be allocated starting with "
#| "slice zero and increasing monatomically with each additional domain."
msgid ""
"When this option is configured, domains will be allocated starting with "
"slice zero and increasing monotonically with each additional domain."
msgstr ""
"Cuando esta opción está configurada, los dominios serán asignados empezando "
"con la rebanada cero e incrementándose de uno en uno con cada dominio "
"adicional."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:240
msgid ""
"NOTE: This algorithm is non-deterministic (it depends on the order that "
"users and groups are requested). If this mode is required for compatibility "
"with machines running winbind, it is recommended to also use the "
"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
"least one domain is consistently allocated to slice zero."
msgstr ""
"NOTA: Este algoritmo no es determinista (depende del orden en que usuario y "
"grupos son pedidos). Si se requiere este modo para compatibilidad con "
"máquinas que ejecutan winbind, se recomienda que también use la opción "
"<quote>ldap_idmap_default_domain_sid</quote> para garantizar que al menos un "
"dominio está asignado consistentemente a la rebanada cero."

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:255
msgid "ldap_idmap_helper_table_size (integer)"
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:258
msgid ""
"Maximal number of secondary slices that is tried when performing mapping "
"from UNIX id to SID."
msgstr ""

#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:262
msgid ""
"Note: Additional secondary slices might be generated when SID is being "
"mapped to UNIX id and RID part of SID is out of range for secondary slices "
"generated so far. If value of ldap_idmap_helper_table_size is equal to 0 "
"then no additional secondary slices are generated."
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ldap_id_mapping.xml:279
msgid "Well-Known SIDs"
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:281
msgid ""
"SSSD supports to look up the names of Well-Known SIDs, i.e. SIDs with a "
"special hardcoded meaning. Since the generic users and groups related to "
"those Well-Known SIDs have no equivalent in a Linux/UNIX environment no "
"POSIX IDs are available for those objects."
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:287
msgid ""
"The SID name space is organized in authorities which can be seen as "
"different domains. The authorities for the Well-Known SIDs are"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:290
msgid "Null Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:291
msgid "World Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:292
msgid "Local Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:293
msgid "Creator Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:294
msgid "Mandatory Label Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:295
msgid "Authentication Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:296
msgid "NT Authority"
msgstr ""

#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
#: include/ldap_id_mapping.xml:297
msgid "Built-in"
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:299
msgid ""
"The capitalized version of these names are used as domain names when "
"returning the fully qualified name of a Well-Known SID."
msgstr ""

#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:303
msgid ""
"Since some utilities allow to modify SID based access control information "
"with the help of a name instead of using the SID directly SSSD supports to "
"look up the SID by the name as well. To avoid collisions only the fully "
"qualified names can be used to look up Well-Known SIDs. As a result the "
"domain names <quote>NULL AUTHORITY</quote>, <quote>WORLD AUTHORITY</quote>, "
"<quote>LOCAL AUTHORITY</quote>, <quote>CREATOR AUTHORITY</quote>, "
"<quote>MANDATORY LABEL AUTHORITY</quote>, <quote>AUTHENTICATION AUTHORITY</"
"quote>, <quote>NT AUTHORITY</quote> and <quote>BUILTIN</quote> should not be "
"used as domain names in <filename>sssd.conf</filename>."
msgstr ""

#. type: Content of: <varlistentry><term>
#: include/param_help.xml:3
msgid "<option>-?</option>,<option>--help</option>"
msgstr "<option>-?</option>,<option>--help</option>"

#. type: Content of: <varlistentry><listitem><para>
#: include/param_help.xml:7 include/param_help_py.xml:7
msgid "Display help message and exit."
msgstr "Muestra mensaje de ayuda y sale."

#. type: Content of: <varlistentry><term>
#: include/param_help_py.xml:3
msgid "<option>-h</option>,<option>--help</option>"
msgstr "<option>-h</option>,<option>--help</option>"

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:3 include/debug_levels_tools.xml:3
msgid ""
"SSSD supports two representations for specifying the debug level. The "
"simplest is to specify a decimal value from 0-9, which represents enabling "
"that level and all lower-level debug messages. The more comprehensive option "
"is to specify a hexadecimal bitmask to enable or disable specific levels "
"(such as if you wish to suppress a level)."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:10
msgid ""
"Please note that each SSSD service logs into its own log file. Also please "
"note that enabling <quote>debug_level</quote> in the <quote>[sssd]</quote> "
"section only enables debugging just for the sssd process itself, not for the "
"responder or provider processes. The <quote>debug_level</quote> parameter "
"should be added to all sections that you wish to produce debug logs from."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:18
msgid ""
"In addition to changing the log level in the config file using the "
"<quote>debug_level</quote> parameter, which is persistent, but requires SSSD "
"restart, it is also possible to change the debug level on the fly using the "
"<citerefentry> <refentrytitle>sss_debuglevel</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry> tool."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:29 include/debug_levels_tools.xml:10
msgid "Currently supported debug levels:"
msgstr "Niveles de depuración actualmente soportados:"

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:32 include/debug_levels_tools.xml:13
msgid ""
"<emphasis>0</emphasis>, <emphasis>0x0010</emphasis>: Fatal failures. "
"Anything that would prevent SSSD from starting up or causes it to cease "
"running."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:38 include/debug_levels_tools.xml:19
msgid ""
"<emphasis>1</emphasis>, <emphasis>0x0020</emphasis>: Critical failures. An "
"error that doesn't kill SSSD, but one that indicates that at least one major "
"feature is not going to work properly."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:45 include/debug_levels_tools.xml:26
msgid ""
"<emphasis>2</emphasis>, <emphasis>0x0040</emphasis>: Serious failures. An "
"error announcing that a particular request or operation has failed."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:50 include/debug_levels_tools.xml:31
msgid ""
"<emphasis>3</emphasis>, <emphasis>0x0080</emphasis>: Minor failures. These "
"are the errors that would percolate down to cause the operation failure of 2."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:55 include/debug_levels_tools.xml:36
msgid ""
"<emphasis>4</emphasis>, <emphasis>0x0100</emphasis>: Configuration settings."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:59 include/debug_levels_tools.xml:40
msgid "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis>: Function data."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:63 include/debug_levels_tools.xml:44
msgid ""
"<emphasis>6</emphasis>, <emphasis>0x0400</emphasis>: Trace messages for "
"operation functions."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:67 include/debug_levels_tools.xml:48
msgid ""
"<emphasis>7</emphasis>, <emphasis>0x1000</emphasis>: Trace messages for "
"internal control functions."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:72 include/debug_levels_tools.xml:53
msgid ""
"<emphasis>8</emphasis>, <emphasis>0x2000</emphasis>: Contents of function-"
"internal variables that may be interesting."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:77 include/debug_levels_tools.xml:58
msgid ""
"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level "
"tracing information."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:81
msgid ""
"<emphasis>9</emphasis>, <emphasis>0x20000</emphasis>: Performance and "
"statistical data, please note that due to the way requests are processed "
"internally the logged execution time of a request might be longer than it "
"actually was."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:88 include/debug_levels_tools.xml:62
msgid ""
"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level "
"libldb tracing information. Almost never really required."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:93 include/debug_levels_tools.xml:67
msgid ""
"To log required bitmask debug levels, simply add their numbers together as "
"shown in following examples:"
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:97 include/debug_levels_tools.xml:71
msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
"serious failures and function data use 0x0270."
msgstr ""
"<emphasis>Ejemplo</emphasis>: Para registrar fallos fatales, críticos y "
"serios y datos de función use 0x0270."

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:101 include/debug_levels_tools.xml:75
msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
"function data, trace messages for internal control functions use 0x1310."
msgstr ""
"<emphasis>Example</emphasis>: Para registrar fallos fatales, ajustes de "
"configuración, datos de función, mensajes de traza para funciones de control "
"interno use 0x1310."

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:106 include/debug_levels_tools.xml:80
msgid ""
"<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced "
"in 1.7.0."
msgstr ""

#. type: Content of: <listitem><para>
#: include/debug_levels.xml:110 include/debug_levels_tools.xml:84
msgid ""
"<emphasis>Default</emphasis>: 0x0070 (i.e. fatal, critical and serious "
"failures; corresponds to setting 2 in decimal notation)"
msgstr ""

#. type: Content of: <refsect1><title>
#: include/local.xml:2
msgid "THE LOCAL DOMAIN"
msgstr "EL DOMINIO LOCAL"

#. type: Content of: <refsect1><para>
#: include/local.xml:4
msgid ""
"In order to function correctly, a domain with <quote>id_provider=local</"
"quote> must be created and the SSSD must be running."
msgstr ""
"Con el objetivo de que funcione correctamente, se debe crear un dominio con "
"<quote>id_provider=local</quote> y el SSSD debe estar corriendo."

#. type: Content of: <refsect1><para>
#: include/local.xml:9
msgid ""
"The administrator might want to use the SSSD local users instead of "
"traditional UNIX users in cases where the group nesting (see <citerefentry> "
"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </"
"citerefentry>) is needed. The local users are also useful for testing and "
"development of the SSSD without having to deploy a full remote server. The "
"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
"local LDB storage to store users and groups."
msgstr ""
"El administrador puede desear usar los usuarios locales SSSD en lugar de los "
"usuarios tradicionales UNIX en los casos donde los grupos anidados (vea "
"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>) sean necesarios. Los usuarios locales son "
"también útiles para la prueba y el desarrollo del SSSD sin tener que "
"desplegar un servidor remoto completo. Las herramientas <command>sss_user*</"
"command> y <command>sss_group*</command> usan un almacenamiento LDB local "
"para almacenar usuarios y grupos."

#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd-ldap-attributes</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd-simple</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd-ad</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <phrase "
"condition=\"with_files_provider\"> <citerefentry> <refentrytitle>sssd-files</"
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, </phrase> <phrase "
"condition=\"with_sudo\"> <citerefentry> <refentrytitle>sssd-sudo</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, </phrase> "
"<citerefentry> <refentrytitle>sssd-session-recording</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sss_cache</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> "
"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>.  <citerefentry> "
"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> <phrase condition=\"with_stap\"> <citerefentry> "
"<refentrytitle>sssd-systemtap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> </phrase>"
msgstr ""

#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:3
msgid ""
"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
"for this attribute type."
msgstr ""
"Una base DN opcional, alcance de la búsqueda y filtro LDAP para búsquedas "
"LDAP de este tipo de atributo."

#. type: Content of: <listitem><para><programlisting>
#: include/ldap_search_bases.xml:9
#, no-wrap
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
msgstr ""
"search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
"\n"

#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:7
msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "sintaxis: <placeholder type=\"programlisting\" id=\"0\"/>"

#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:13
msgid ""
"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The scope "
"functions as specified in section 4.5.1.2 of http://tools.ietf.org/html/"
"rfc4511"
msgstr ""

#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:23
msgid ""
"For examples of this syntax, please refer to the <quote>ldap_search_base</"
"quote> examples section."
msgstr ""
"Para ejemplos de esta sintaxis, por favor vea la sección de ejemplos de "
"<quote>ldap_search_base</quote>"

#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:31
msgid ""
"Please note that specifying scope or filter is not supported for searches "
"against an Active Directory Server that might yield a large number of "
"results and trigger the Range Retrieval extension in the response."
msgstr ""
"Por favor advierta que especificar el alcance o el filtro no está soportado "
"para búsquedas contra un Active Directory Server que puede ceder un gran "
"número de resultados y disparar la extensión Range Retrieval en la respuesta."

#. type: Content of: <para>
#: include/autofs_restart.xml:2
msgid ""
"Please note that the automounter only reads the master map on startup, so if "
"any autofs-related changes are made to the sssd.conf, you typically also "
"need to restart the automounter daemon after restarting the SSSD."
msgstr ""
"Por favor advierta que el automontador sólo lee el mapa maestro en el "
"arranque, se modo que si se hace cualquier cambio relacionado con autofs al "
"sssd.conf, usted normalmente también necesitará reiniciar el demonio "
"automontador después de reiniciar el SSSD."

#. type: Content of: <varlistentry><term>
#: include/override_homedir.xml:2
msgid "override_homedir (string)"
msgstr "override_homedir (cadena)"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:16
msgid "UID number"
msgstr "número UID"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:20
msgid "domain name"
msgstr "nombre de dominio"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: include/override_homedir.xml:23
msgid "%f"
msgstr "%f"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:24
msgid "fully qualified user name (user@domain)"
msgstr "nombre totalmente cualificado del usuario (user@domain)"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: include/override_homedir.xml:27
msgid "%l"
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:28
msgid "The first letter of the login name."
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:32
msgid "UPN - User Principal Name (name@REALM)"
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: include/override_homedir.xml:35
msgid "%o"
msgstr "%o"

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:37
msgid "The original home directory retrieved from the identity provider."
msgstr "El directorio home original recuperado del proveedor de identidad."

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:44
#, fuzzy
#| msgid "The original home directory retrieved from the identity provider."
msgid ""
"The original home directory retrieved from the identity provider, but in "
"lower case."
msgstr "El directorio home original recuperado del proveedor de identidad."

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: include/override_homedir.xml:49
msgid "%H"
msgstr ""

#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:51
msgid "The value of configure option <emphasis>homedir_substring</emphasis>."
msgstr ""

#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:5
msgid ""
"Override the user's home directory. You can either provide an absolute value "
"or a template. In the template, the following sequences are substituted: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Anula el directorio home del usuario. Usted puede suministras bien un valor "
"absoluto o una plantilla. En la plantilla, serán sustituidas las siguientes "
"secuencias: <placeholder type=\"variablelist\" id=\"0\"/>"

#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:63
msgid "This option can also be set per-domain."
msgstr "Esta opción puede ser también fijada por dominio."

#. type: Content of: <varlistentry><listitem><para><programlisting>
#: include/override_homedir.xml:68
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
"        "
msgstr ""

#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:72
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "Por defecto: No fijado (SSSD usará el valor recuperado desde LDAP)"

#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:76
msgid ""
"Please note, the home directory from a specific override for the user, "
"either locally (see <citerefentry><refentrytitle>sss_override</"
"refentrytitle> <manvolnum>8</manvolnum></citerefentry>) or centrally managed "
"IPA id-overrides, has a higher precedence and will be used instead of the "
"value given by override_homedir."
msgstr ""

#. type: Content of: <varlistentry><term>
#: include/homedir_substring.xml:2
msgid "homedir_substring (string)"
msgstr ""

#. type: Content of: <varlistentry><listitem><para>
#: include/homedir_substring.xml:5
msgid ""
"The value of this option will be used in the expansion of the "
"<emphasis>override_homedir</emphasis> option if the template contains the "
"format string <emphasis>%H</emphasis>. An LDAP directory entry can directly "
"contain this template so that this option can be used to expand the home "
"directory path for each client machine (or operating system). It can be set "
"per-domain or globally in the [nss] section. A value specified in a domain "
"section will override one set in the [nss] section."
msgstr ""

#. type: Content of: <varlistentry><listitem><para>
#: include/homedir_substring.xml:15
msgid "Default: /home"
msgstr ""

#. type: Content of: <refsect1><title>
#: include/ad_modified_defaults.xml:2 include/ipa_modified_defaults.xml:2
msgid "MODIFIED DEFAULT OPTIONS"
msgstr ""

#. type: Content of: <refsect1><para>
#: include/ad_modified_defaults.xml:4
msgid ""
"Certain option defaults do not match their respective backend provider "
"defaults, these option names and AD provider-specific defaults are listed "
"below:"
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ad_modified_defaults.xml:9 include/ipa_modified_defaults.xml:9
msgid "KRB5 Provider"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:13 include/ipa_modified_defaults.xml:13
msgid "krb5_validate = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:18
msgid "krb5_use_enterprise_principal = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ad_modified_defaults.xml:24
msgid "LDAP Provider"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:28
msgid "ldap_schema = ad"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:33 include/ipa_modified_defaults.xml:38
msgid "ldap_force_upper_case_realm = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:38
msgid "ldap_id_mapping = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:43
msgid "ldap_sasl_mech = GSS-SPNEGO"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:48
msgid "ldap_referrals = false"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:53
msgid "ldap_account_expire_policy = ad"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:58 include/ipa_modified_defaults.xml:58
msgid "ldap_use_tokengroups = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:63
msgid "ldap_sasl_authid = sAMAccountName@REALM (typically SHORTNAME$@REALM)"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:66
msgid ""
"The AD provider looks for a different principal than the LDAP provider by "
"default, because in an Active Directory environment the principals are "
"divided into two groups - User Principals and Service Principals. Only User "
"Principal can be used to obtain a TGT and by default, computer object's "
"principal is constructed from its sAMAccountName and the AD realm. The well-"
"known host/hostname@REALM principal is a Service Principal and thus cannot "
"be used to get a TGT with."
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ad_modified_defaults.xml:80
msgid "NSS configuration"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:84
msgid "fallback_homedir = /home/%d/%u"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:87
msgid ""
"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to "
"provide personal home directories for users without the homeDirectory "
"attribute. If your AD Domain is properly populated with Posix attributes, "
"and you want to avoid this fallback behavior, you can explicitly set "
"\"fallback_homedir = %o\"."
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:96
msgid ""
"Note that the system typically expects a home directory in /home/%u folder. "
"If you decide to use a different directory structure, some other parts of "
"your system may need adjustments."
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ad_modified_defaults.xml:102
msgid ""
"For example automated creation of home directories in combination with "
"selinux requires selinux adjustment, otherwise the home directory will be "
"created with wrong selinux context."
msgstr ""

#. type: Content of: <refsect1><para>
#: include/ipa_modified_defaults.xml:4
msgid ""
"Certain option defaults do not match their respective backend provider "
"defaults, these option names and IPA provider-specific defaults are listed "
"below:"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:18
msgid "krb5_use_fast = try"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:23
msgid "krb5_canonicalize = true"
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ipa_modified_defaults.xml:29
msgid "LDAP Provider - General"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:33
msgid "ldap_schema = ipa_v1"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:43
msgid "ldap_sasl_mech = GSSAPI"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:48
msgid "ldap_sasl_minssf = 56"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:53
msgid "ldap_account_expire_policy = ipa"
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ipa_modified_defaults.xml:64
msgid "LDAP Provider - User options"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:68
msgid "ldap_user_member_of = memberOf"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:73
msgid "ldap_user_uuid = ipaUniqueID"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:78
msgid "ldap_user_ssh_public_key = ipaSshPubKey"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:83
msgid "ldap_user_auth_type = ipaUserAuthType"
msgstr ""

#. type: Content of: <refsect1><refsect2><title>
#: include/ipa_modified_defaults.xml:89
msgid "LDAP Provider - Group options"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:93
msgid "ldap_group_object_class = ipaUserGroup"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:98
msgid "ldap_group_object_class_alt = posixGroup"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:103
msgid "ldap_group_member = member"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:108
msgid "ldap_group_uuid = ipaUniqueID"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:113
msgid "ldap_group_objectsid = ipaNTSecurityIdentifier"
msgstr ""

#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>
#: include/ipa_modified_defaults.xml:118
msgid "ldap_group_external_member = ipaExternalMember"
msgstr ""

#. type: Content of: <variablelist><varlistentry><term>
#: include/krb5_options.xml:3
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (entero)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:6
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
"offline."
msgstr ""

#. type: Content of: <variablelist><varlistentry><term>
#: include/krb5_options.xml:17
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:20
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
"with a matching realm is used for validation. If no entry matches the realm, "
"the last entry in the keytab is used. This process can be used to validate "
"environments using cross-realm trust by placing the appropriate keytab entry "
"as the last entry or the only entry in the keytab file."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:29
#, fuzzy
#| msgid "Default: True (False for AD provider)"
msgid "Default: false (IPA and AD provider: true)"
msgstr "Predeterminado: True (False para proveedor AD)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:32
#, fuzzy
#| msgid ""
#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
#| "manvolnum> </citerefentry> manual page for more details."
msgid ""
"Please note that the ticket validation is the first step when checking the "
"PAC (see 'pac_check' in the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page for "
"details). If ticket validation is disabled the PAC checks will be skipped as "
"well."
msgstr ""
"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página "
"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> para más detalles."

#. type: Content of: <variablelist><varlistentry><term>
#: include/krb5_options.xml:44
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:47
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:52 include/krb5_options.xml:86
#: include/krb5_options.xml:123
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:55 include/krb5_options.xml:89
#: include/krb5_options.xml:126
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:58 include/krb5_options.xml:92
#: include/krb5_options.xml:129
msgid "<emphasis>h</emphasis> for hours"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:61 include/krb5_options.xml:95
#: include/krb5_options.xml:132
msgid "<emphasis>d</emphasis> for days."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:64 include/krb5_options.xml:135
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:68 include/krb5_options.xml:139
msgid ""
"NOTE: It is not possible to mix units.  To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:73
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Por defecto: no fijado, esto es el TGT no es renovable"

#. type: Content of: <variablelist><varlistentry><term>
#: include/krb5_options.xml:79
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (cadena)"

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:82
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:98
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:102
msgid ""
"NOTE: It is not possible to mix units.  To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:107
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
"Por defecto: no fijado, esto es el tiempo de vida de la entrada por defecto "
"configurado en el KDC."

#. type: Content of: <variablelist><varlistentry><term>
#: include/krb5_options.xml:114
msgid "krb5_renew_interval (string)"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:117
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
"immediately followed by a time unit:"
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:144
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""

#. type: Content of: <variablelist><varlistentry><listitem><para>
#: include/krb5_options.xml:157
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""

#, fuzzy
#~| msgid "This option is not available in IPA provider."
#~ msgid "This option is ignored for the files provider."
#~ msgstr "Esta opción no está disponible en el proveedor IPA."

#, fuzzy
#~| msgid ""
#~| "Determines if user credentials are also cached in the local LDB cache"
#~ msgid ""
#~ "Determines if user credentials are also cached in the local LDB cache."
#~ msgstr ""
#~ "Determina si las credenciales del usuario están también escondidas en el "
#~ "cache LDB local"

#~ msgid "User credentials are stored in a SHA512 hash, not in plaintext"
#~ msgstr ""
#~ "Las credenciales de usuario son almacenadas en un hash SHA512, no en "
#~ "texto plano"

#~ msgid ""
#~ "Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
#~ "which translates to \"the name is everything up to the <quote>@</quote> "
#~ "sign, the domain everything after that\""
#~ msgstr ""
#~ "Predeterminado: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</"
#~ "quote> que traduce al \"todo lo que hay hasta el signo <quote>@</quote> "
#~ "es el nombre, el dominio es el resto detrás de este signo\""

#~ msgid ""
#~ "The difference between these options is the action taken if user password "
#~ "is expired: pwd_expire_policy_reject - user is denied to log in, "
#~ "pwd_expire_policy_warn - user is still able to log in, "
#~ "pwd_expire_policy_renew - user is prompted to change his password "
#~ "immediately."
#~ msgstr ""
#~ "La diferencia entre estas opciones es la acción que se toma si la "
#~ "contraseña de usuario ha expirado: pwd_expire_policy_reject - se deniega "
#~ "el acceso al usuario, pwd_expire_policy_warn - el usuario es todavía "
#~ "capaz de acceder, pwd_expire_policy_renew - al usuario se le pide que "
#~ "cambie la contraseña inmediatamente."

#~ msgid ""
#~ "Note If user password is expired no explicit message is prompted by SSSD."
#~ msgstr ""
#~ "Nota: si la contraseña de usuario expiró, SSSD no solicita ningún mensaje "
#~ "explícito."

#~ msgid "The LDAP attribute that corresponds to the group name."
#~ msgstr "El atributo LDAP que corresponde al nombre de grupo."

#~ msgid ""
#~ "NOTE: Some Active Directory groups, typically those used for MS Exchange "
#~ "contain an <quote>@</quote> sign in the name, which clashes with the "
#~ "default re_expression value for the AD and IPA providers. To support "
#~ "these groups, consider changing the re_expression value to: <quote>((?"
#~ "P&lt;name&gt;.+)@(?P&lt;domain&gt;[^@]+$))</quote>."
#~ msgstr ""
#~ "AVISO: Algunos grupos Active Directory, normalmente aquellos que se usan "
#~ "por MS Exchange contienen un signo <quote>@</quote> en el nombre, lo que "
#~ "choca con el valor predeterminado de re_expressionpara los proveedores AD "
#~ "e IPA. Para soportar estos grupos, considere cambiar el valor de "
#~ "re_expression a: <quote>((?P&lt;name&gt;.+)@(?P&lt;domain&gt;[^@]+$))</"
#~ "quote>."

#~ msgid ""
#~ "Specifies the upper bound of the range of POSIX IDs to use for mapping "
#~ "Active Directory user and group SIDs."
#~ msgstr ""
#~ "Especifica el límite superior del rango de IDs POXIS a usar para la "
#~ "asignación de SIDs de usuario y grupo por Active Directory."

#~ msgid "sss_groupmod"
#~ msgstr "sss_groupmod"

#~ msgid "modify a group"
#~ msgstr "modifica un grupo"

#~ msgid ""
#~ "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_groupmod</command> modifies the group to reflect the changes "
#~ "that are specified on the command line."
#~ msgstr ""
#~ "<command>sss_groupmod</command> modifica el grupo para reflejar los "
#~ "cambios indicados en la línea de comandos."

#~ msgid ""
#~ "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
#~ "replaceable>"
#~ msgstr ""
#~ "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
#~ "replaceable>"

#~ msgid ""
#~ "Append this group to groups specified by the <replaceable>GROUPS</"
#~ "replaceable> parameter.  The <replaceable>GROUPS</replaceable> parameter "
#~ "is a comma separated list of group names."
#~ msgstr ""
#~ "Agrega este grupo a otros grupos que hayan sido indicados con el "
#~ "parámetro <replaceable>GROUPS</replaceable>. El parámetros "
#~ "<replaceable>GROUPS</replaceable> es una lista de nombres de grupos "
#~ "separados por comas."

#~ msgid ""
#~ "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
#~ "replaceable>"
#~ msgstr ""
#~ "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
#~ "replaceable>"

#~ msgid ""
#~ "Remove this group from groups specified by the <replaceable>GROUPS</"
#~ "replaceable> parameter."
#~ msgstr ""
#~ "Elimina este grupo de los grupos especificados con el parámetro "
#~ "<replaceable>GROUPS</replaceable>"

#~ msgid ""
#~ "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)."
#~ msgstr ""
#~ "<quote>local</quote>: Proveedor SSSD interno para usuarios locales "
#~ "(OBSOLETO)."

#~ msgid "<quote>local</quote>: SSSD internal provider for local users"
#~ msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales"

#~ msgid ""
#~ "Treat user and group names as case sensitive.  <phrase "
#~ "condition=\"enable_local_provider\"> At the moment, this option is not "
#~ "supported in the local provider.  </phrase> Possible option values are: "
#~ "<placeholder type=\"variablelist\" id=\"0\"/>"
#~ msgstr ""
#~ "Trata nombres de usuario y de grupo como sensibles a mayúsculas/"
#~ "minúsculas.  <phrase condition=\"enable_local_provider\"> En este momento "
#~ "esta opción no está soportada en el proveedor local.  </phrase> Los "
#~ "valores de opción posibles son: <placeholder type=\"variablelist\" "
#~ "id=\"0\"/>"

#~ msgid "The local domain section"
#~ msgstr "La sección de dominio local"

#~ msgid ""
#~ "This section contains settings for domain that stores users and groups in "
#~ "SSSD native database, that is, a domain that uses "
#~ "<replaceable>id_provider=local</replaceable>."
#~ msgstr ""
#~ "Esta sección contiene la configuración para dominio que almacena los "
#~ "usuarios y grupos en la base de datos SSSD nativa, es decir, un dominio "
#~ "que utiliza <replaceable>id_provider=local</replaceable>."

#~ msgid "default_shell (string)"
#~ msgstr "default_shell (cadena)"

#~ msgid "The default shell for users created with SSSD userspace tools."
#~ msgstr ""
#~ "El shell predeterminado para los usuarios creados con herramientas de "
#~ "espacio de usuario SSSD."

#~ msgid "Default: <filename>/bin/bash</filename>"
#~ msgstr "Predeterminado: <filename>/bin/bash</filename>"

#~ msgid "base_directory (string)"
#~ msgstr "base_directory (cadena)"

#~ msgid ""
#~ "The tools append the login name to <replaceable>base_directory</"
#~ "replaceable> and use that as the home directory."
#~ msgstr ""
#~ "Las herramientas anexan el nombre de inicio de sesión para "
#~ "<replaceable>base_directory</replaceable> y utilizan éste como el "
#~ "directorio de inicio."

#~ msgid "Default: <filename>/home</filename>"
#~ msgstr "Predeterminado: <filename>/home</filename>"

#~ msgid "create_homedir (bool)"
#~ msgstr "create_homedir (bool)"

#~ msgid ""
#~ "Indicate if a home directory should be created by default for new users.  "
#~ "Can be overridden on command line."
#~ msgstr ""
#~ "Indica si se creará un directorio home por defecto para los nuevos "
#~ "usuarios. Puede ser anulado desde la línea de comando."

#~ msgid "remove_homedir (bool)"
#~ msgstr "remove_homedir (bool)"

#~ msgid ""
#~ "Indicate if a home directory should be removed by default for deleted "
#~ "users.  Can be overridden on command line."
#~ msgstr ""
#~ "Indica si el directorio home será borrado por defecto para los usuarios "
#~ "borrados. Puede ser anulado desde la línea de comando."

#~ msgid "homedir_umask (integer)"
#~ msgstr "homedir_umask (entero)"

#~ msgid ""
#~ "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
#~ "<manvolnum>8</manvolnum> </citerefentry> to specify the default "
#~ "permissions on a newly created home directory."
#~ msgstr ""
#~ "Utilizado por <citerefentry><refentrytitle>sss_useradd</refentrytitle> "
#~ "<manvolnum>8</manvolnum></citerefentry> para especificar los permisos "
#~ "predeterminados en un directorio de inicio recién creado."

#~ msgid "Default: 077"
#~ msgstr "Predeterminado: 077"

#~ msgid "skel_dir (string)"
#~ msgstr "skel_dir (cadena)"

#~ msgid ""
#~ "The skeleton directory, which contains files and directories to be copied "
#~ "in the user's home directory, when the home directory is created by "
#~ "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
#~ "manvolnum> </citerefentry>"
#~ msgstr ""
#~ "El directorio esqueleto, el cual contiene archivos y directorios a "
#~ "copiarse en el directorio principal del usuario, cuando se crea el "
#~ "directorio principal de <citerefentry><refentrytitle>sss_useradd</"
#~ "refentrytitle> <manvolnum>8</manvolnum></citerefentry>"

#~ msgid "Default: <filename>/etc/skel</filename>"
#~ msgstr "Predeterminado: <filename>/etc/skel</filename>"

#~ msgid "mail_dir (string)"
#~ msgstr "mail_dir (cadena)"

#~ msgid ""
#~ "The mail spool directory. This is needed to manipulate the mailbox when "
#~ "its corresponding user account is modified or deleted.  If not specified, "
#~ "a default value is used."
#~ msgstr ""
#~ "El directorio carreta de correo. Es necesario para manipular el buzón de "
#~ "correo cuando la cuenta de usuario correspondiente es modificada o "
#~ "borrada. Si no se especifica, se utiliza un valor por defecto."

#~ msgid "Default: <filename>/var/mail</filename>"
#~ msgstr "Predeterminado: <filename>/var/mail</filename>"

#~ msgid "userdel_cmd (string)"
#~ msgstr "userdel_cmd (cadena)"

#~ msgid ""
#~ "The command that is run after a user is removed.  The command us passed "
#~ "the username of the user being removed as the first and only parameter. "
#~ "The return code of the command is not taken into account."
#~ msgstr ""
#~ "El comando que está corriendo después de que un usuario es borrado. El "
#~ "comando us para el nombre de usuario que está siendo borrado como primer "
#~ "y único parámetro. El código de retorno del comando no es tenido en "
#~ "cuenta."

#~ msgid "Default: None, no command is run"
#~ msgstr "Predeterminado: None, no se ejecuta comando"

#~ msgid "sss_useradd"
#~ msgstr "sss_useradd"

#~ msgid "create a new user"
#~ msgstr "Crea un nuevo usuario"

#~ msgid ""
#~ "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_useradd</command> creates a new user account using the "
#~ "values specified on the command line plus the default values from the "
#~ "system."
#~ msgstr ""
#~ "<command>sss_useradd</command> crea una nueva cuenta de usuario usando "
#~ "los valores especificados en la línea de comandos más los valores por "
#~ "defecto del sistema."

#~ msgid ""
#~ "Set the UID of the user to the value of <replaceable>UID</replaceable>.  "
#~ "If not given, it is chosen automatically."
#~ msgstr ""
#~ "Fija la UID del usuario al valor de <replaceable>UID</replaceable>. Si no "
#~ "se da, se elige automáticamente."

#~ msgid ""
#~ "The home directory of the user account.  The default is to append the "
#~ "<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and "
#~ "use that as the home directory.  The base that is prepended before "
#~ "<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
#~ "baseDirectory</quote> setting in sssd.conf."
#~ msgstr ""
#~ "El directorio home de la cuenta de usuario. Por defecto se añade el "
#~ "nombre <replaceable>LOGIN</replaceable> a <filename>/home</filename> y "
#~ "utiliza esto como directorio home. La base de que se antepondrá antes "
#~ "<replaceable>LOGIN</replaceable> es sintonizable con el ajuste "
#~ "<quote>user_defaults/baseDirectory</quote> en sssd.conf."

#~ msgid ""
#~ "The user's login shell. The default is currently <filename>/bin/bash</"
#~ "filename>.  The default can be changed with <quote>user_defaults/"
#~ "defaultShell</quote> setting in sssd.conf."
#~ msgstr ""
#~ "La shell de acceso del usuario. Por defecto es actualmente <filename>/bin/"
#~ "bash</filename>. El valor por defecto puede ser cambiado con el ajuste "
#~ "<quote>user_defaults/defaultShell</quote> en sssd.conf."

#~ msgid ""
#~ "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
#~ "replaceable>"
#~ msgstr ""
#~ "<option>-G</option>,<option>--groups</option> <replaceable>GRUPOS</"
#~ "replaceable>"

#~ msgid "A list of existing groups this user is also a member of."
#~ msgstr ""
#~ "Una lista de grupos existentes de los que el usuario también es miembro."

#~ msgid "<option>-m</option>,<option>--create-home</option>"
#~ msgstr "<option>-m</option>,<option>--create-home</option>"

#~ msgid ""
#~ "Create the user's home directory if it does not exist. The files and "
#~ "directories contained in the skeleton directory (which can be defined "
#~ "with the -k option or in the config file) will be copied to the home "
#~ "directory."
#~ msgstr ""
#~ "Crea el directorio home del usuario si no existe. Los ficheros y "
#~ "directorios contenidos en el directorio esqueleto (que pueden ser "
#~ "definidos con la opción –k o en el fichero de configuración) serán "
#~ "copiados en el directorio home."

#~ msgid "<option>-M</option>,<option>--no-create-home</option>"
#~ msgstr "<option>-M</option>,<option>--no-create-home</option>"

#~ msgid ""
#~ "Do not create the user's home directory. Overrides configuration settings."
#~ msgstr ""
#~ "No se crear el directorio principal del usuario. Reemplaza los valores de "
#~ "configuración."

#~ msgid ""
#~ "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
#~ "replaceable>"
#~ msgstr ""
#~ "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
#~ "replaceable>"

#~ msgid ""
#~ "The skeleton directory, which contains files and directories to be copied "
#~ "in the user's home directory, when the home directory is created by "
#~ "<command>sss_useradd</command>."
#~ msgstr ""
#~ "El directorio esqueleto, que contiene ficheros y directorios a copiar en "
#~ "el directorio home del usuario, cuando el directorio home es creado por "
#~ "<command>sss_useradd</command>."

#~ msgid ""
#~ "This option is only valid if the <option>-m</option> (or <option>--create-"
#~ "home</option>) option is specified, or creation of home directories is "
#~ "set to TRUE in the configuration."
#~ msgstr ""
#~ "Esta opción sólo es válida si se ha especificado la opción <option>-m</"
#~ "option> (o <option>--create-home</option>), o la creación de directorios "
#~ "home está fijada a TRUE en la configuración."

#~ msgid ""
#~ "<option>-Z</option>,<option>--selinux-user</option> "
#~ "<replaceable>SELINUX_USER</replaceable>"
#~ msgstr ""
#~ "<option>-Z</option>,<option>--selinux-user</option> "
#~ "<replaceable>SELINUX_USER</replaceable>"

#~ msgid ""
#~ "The SELinux user for the user's login. If not specified, the system "
#~ "default will be used."
#~ msgstr ""
#~ "El usuario SELinux para el acceso de usuario. Si no se especifica, se "
#~ "usará el valor por defecto del sistema."

#~ msgid "sss_groupadd"
#~ msgstr "sss_groupadd"

#~ msgid "create a new group"
#~ msgstr "Crea un nuevo grupo"

#~ msgid ""
#~ "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_groupadd</command> creates a new group. These groups are "
#~ "compatible with POSIX groups, with the additional feature that they can "
#~ "contain other groups as members."
#~ msgstr ""
#~ "<command>sss_groupadd</command> cre un nuevo grupo. Estos grupos son "
#~ "compatibles con grupos POXIS, con la característica adicional que pueden "
#~ "contener otros grupos como miembros."

#~ msgid ""
#~ "Set the GID of the group to the value of <replaceable>GID</replaceable>.  "
#~ "If not given, it is chosen automatically."
#~ msgstr ""
#~ "Fija el GID del grupo al valor de <replaceable>GID</replaceable>. Si no "
#~ "se da, se elige automáticamente."

#~ msgid "sss_userdel"
#~ msgstr "sss_userdel"

#~ msgid "delete a user account"
#~ msgstr "eliminar una cuenta de usuario"

#~ msgid ""
#~ "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_userdel</command> deletes a user identified by login name "
#~ "<replaceable>LOGIN</replaceable> from the system."
#~ msgstr ""
#~ "<command>sss_userdel</command> borra del sistema un usuario identificado "
#~ "por su nombre de acceso <replaceable>LOGIN</replaceable>."

#~ msgid "<option>-r</option>,<option>--remove</option>"
#~ msgstr "<option>-r</option>,<option>--remove</option>"

#~ msgid ""
#~ "Files in the user's home directory will be removed along with the home "
#~ "directory itself and the user's mail spool. Overrides the configuration."
#~ msgstr ""
#~ "Los ficheros en el directorio home del usuario serán borrados así como el "
#~ "directorio home mismo y el buzón de correo del usuario. Reescribe la "
#~ "configuración."

#~ msgid "<option>-R</option>,<option>--no-remove</option>"
#~ msgstr "<option>-R</option>,<option>--no-remove</option>"

#~ msgid ""
#~ "Files in the user's home directory will NOT be removed along with the "
#~ "home directory itself and the user's mail spool. Overrides the "
#~ "configuration."
#~ msgstr ""
#~ "Los ficheros en el directorio home del usuario NO serán borrados así como "
#~ "el directorio home mismo y el buzón de correo del usuario. Reescribe la "
#~ "configuración."

#~ msgid "<option>-f</option>,<option>--force</option>"
#~ msgstr "<option>-f</option>,<option>--force</option>"

#~ msgid ""
#~ "This option forces <command>sss_userdel</command> to remove the user's "
#~ "home directory and mail spool, even if they are not owned by the "
#~ "specified user."
#~ msgstr ""
#~ "Esta opción fuerza a <command>sss_userdel</command> a borrar el "
#~ "directorio home del usuario y el buzón de correo, aunque no sea propiedad "
#~ "del usuario especificado."

#~ msgid "<option>-k</option>,<option>--kick</option>"
#~ msgstr "<option>-k</option>,<option>--kick</option>"

#~ msgid "Before actually deleting the user, terminate all his processes."
#~ msgstr ""
#~ "Antes de realmente eliminar al usuario, terminar todos sus procesos."

#~ msgid "sss_groupdel"
#~ msgstr "sss_groupdel"

#~ msgid "delete a group"
#~ msgstr "eliminar un grupo"

#~ msgid ""
#~ "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_groupdel</command> deletes a group identified by its name "
#~ "<replaceable>GROUP</replaceable> from the system."
#~ msgstr ""
#~ "<command>sss_groupdel</command> borra del sistema un grupo identificado "
#~ "por su nombre <replaceable>GROUP</replaceable>."

#~ msgid "sss_groupshow"
#~ msgstr "sss_groupshow"

#~ msgid "print properties of a group"
#~ msgstr "imprime las propiedades de un grupo"

#~ msgid ""
#~ "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_groupshow</command> displays information about a group "
#~ "identified by its name <replaceable>GROUP</replaceable>. The information "
#~ "includes the group ID number, members of the group and the parent group."
#~ msgstr ""
#~ "<command>sss_groupshow</command> muestra información sobre un grupo "
#~ "identificado por su nombre <replaceable>GROUP</replaceable>. La "
#~ "información incluye el número de ID del grupo, miembros del grupo y "
#~ "padres del grupo."

#~ msgid "<option>-R</option>,<option>--recursive</option>"
#~ msgstr "<option>-R</option>,<option>--recursive</option>"

#~ msgid ""
#~ "Also print indirect group members in a tree-like hierarchy.  Note that "
#~ "this also affects printing parent groups - without <option>R</option>, "
#~ "only the direct parent will be printed."
#~ msgstr ""
#~ "También imprime miembros indirectos del grupo en una jerarquía de árbol. "
#~ "Advierta que esto también afecta a la impresión de los grupos padres – "
#~ "sin <option>R</option>,, sólo se imprimirá los padres directos."

#~ msgid "sss_usermod"
#~ msgstr "sss_usermod"

#~ msgid "modify a user account"
#~ msgstr "Modifica una cuenta de usuario"

#~ msgid ""
#~ "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"
#~ msgstr ""
#~ "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
#~ "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
#~ "arg>"

#~ msgid ""
#~ "<command>sss_usermod</command> modifies the account specified by "
#~ "<replaceable>LOGIN</replaceable> to reflect the changes that are "
#~ "specified on the command line."
#~ msgstr ""
#~ "<command>sss_usermod</command> modifica la cuenta especificada por "
#~ "<replaceable>LOGIN</replaceable> para reflejar los cambios que se han "
#~ "especificado en la línea de comando."

#~ msgid "The home directory of the user account."
#~ msgstr "El directorio principal de la cuenta de usuario."

#~ msgid "The user's login shell."
#~ msgstr "Shell de inicio de sesión del usuario."

#~ msgid ""
#~ "Append this user to groups specified by the <replaceable>GROUPS</"
#~ "replaceable> parameter.  The <replaceable>GROUPS</replaceable> parameter "
#~ "is a comma separated list of group names."
#~ msgstr ""
#~ "Añade este usuario a los grupos especificados por el parámetro "
#~ "<replaceable>GROUPS</replaceable>. El parámetro <replaceable>GROUPS</"
#~ "replaceable> es una lista separada por comas de nombres de grupo."

#~ msgid ""
#~ "Remove this user from groups specified by the <replaceable>GROUPS</"
#~ "replaceable> parameter."
#~ msgstr ""
#~ "Borrar este usuario de los grupos especificados por el parámetro "
#~ "<replaceable>GROUPS</replaceable>."

#~ msgid "<option>-l</option>,<option>--lock</option>"
#~ msgstr "<option>-l</option>,<option>--lock</option>"

#~ msgid "Lock the user account. The user won't be able to log in."
#~ msgstr "Bloquea la cuenta de usuario. El usuario no será capaz de acceder."

#~ msgid "<option>-u</option>,<option>--unlock</option>"
#~ msgstr "<option>-u</option>,<option>--unlock</option>"

#~ msgid "Unlock the user account."
#~ msgstr "Desbloquea la cuenta de usuario."

#~ msgid "The SELinux user for the user's login."
#~ msgstr "El usuario SELinux para el acceso del usuario."

#~ msgid "Default: /etc/krb5.keytab"
#~ msgstr "Predeterminado: /etc/krb5.keytab"

#~ msgid "(NSS Version) This option is ignored."
#~ msgstr "(Versión NSS) Esta opción es ignorada."

#~ msgid "Default: sha256"
#~ msgstr "Predeterminado: sha256"

#~ msgid ""
#~ "(NSS Version) This option is ignored, because NSS uses sha1 "
#~ "unconditionally."
#~ msgstr ""
#~ "(Versión NSS) Esta opción es ignorada, porque NSS usa sha1 "
#~ "incondicionalmente."

#~ msgid ""
#~ "(NSS Version) This option must be used together with "
#~ "ocsp_default_responder_signing_cert."
#~ msgstr ""
#~ "(Versión NSS) Esta opción debe ser usada junto con "
#~ "ocsp_default_responder_signing_cert."

#~ msgid ""
#~ "(NSS Version) The nickname of the cert to trust (expected) to sign the "
#~ "OCSP responses.  The certificate with the given nickname must be "
#~ "available in the systems NSS database."
#~ msgstr ""
#~ "(NSS Version) El apodo del certificado en el que confiar (esperado) para "
#~ "firmar las respuestas OCSP.  El certificado con el apodo dado debe estar "
#~ "disponible en la base de datos NSS del sistema."

#~ msgid "This option must be used together with ocsp_default_responder."
#~ msgstr "Esta opción debe ser usada junto con ocsp_default_responder."

#~ msgid ""
#~ "(NSS Version) This option is ignored, please see <citerefentry> "
#~ "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </"
#~ "citerefentry> how to import a Certificate Revocation List (CRL) into a "
#~ "NSS database."
#~ msgstr ""
#~ "(Versión NSS) Esta opción se ignora, por favor vea en <citerefentry> "
#~ "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </"
#~ "citerefentry> como importar una Lista de Revocación de Certificado (CRL) "
#~ "en una base de datos NSS."

#~ msgid "This man page was generated for the NSS version."
#~ msgstr "Esta página de manual fue generada para la versión NSS."

#~ msgid "This man page was generated for the OpenSSL version."
#~ msgstr "Esta página de manual fue generada para la versión OPENSSL."

#~ msgid ""
#~ "The random offset can increment up to 30 seconds.  After each "
#~ "unsuccessful attempt to go online, the new interval is recalculated by "
#~ "the following:"
#~ msgstr ""
#~ "El desplazamiento aleatorio puede ser incrementado a 30 segundos.  "
#~ "Después de cada intento fracasado de ir a línea, el nuevo intervalo se re-"
#~ "calcula de la siguiente forma:"

#~ msgid "new_interval = old_interval*2 + random_offset"
#~ msgstr "new_interval = old_interval*2 + random_offset"

#~ msgid ""
#~ "Note that the maximum length of each interval is currently limited to one "
#~ "hour. If the calculated length of new_interval is greater than an hour, "
#~ "it will be forced to one hour."
#~ msgstr ""
#~ "Advierta que la longitud máxima de cada intervalo está limitada "
#~ "actualmente a una hora. Si la longitud calculada de new_interval es mayor "
#~ "de una hora se forzará a una hora."

#~ msgid "memcache_timeout (int)"
#~ msgstr "memcache_timeout (entero)"

#~ msgid "/etc/pki/nssdb (NSS version, path to a NSS database)"
#~ msgstr "/etc/pki/nssdb (versión NSS, ruta a la base de datos NSS)"

#~ msgid "<option>-f</option>,<option>--debug-to-files</option>"
#~ msgstr "<option>-f</option>,<option>--debug-to-files</option>"

#~ msgid ""
#~ "Send the debug output to files instead of stderr. By default, the log "
#~ "files are stored in <filename>/var/log/sssd</filename> and there are "
#~ "separate log files for every SSSD service and domain."
#~ msgstr ""
#~ "Envía la salida de depuración a ficheros en lugar de a stderr. Por "
#~ "defecto, los ficheros de registro se almacenan en <filename>/var/log/"
#~ "sssd</filename> y hay ficheros de registro separados para cada servicio y "
#~ "dominio SSSD."