Units
Translation components API.
See the Weblate's Web API documentation for detailed description of the API.
GET /api/translations/freeipa/ipa-4-8/fr/units/?format=api&page=90
{ "count": 4657, "next": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/units/?format=api&page=91", "previous": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/units/?format=api&page=89", "results": [ { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nModify a trust (for future use).\n\n Currently only the default option to modify the LDAP attributes is\n available. More specific options will be added in coming releases.\n " ], "previous_source": "\n Modify a trust (for future use).\n\n Currently only the default option to modify the LDAP attributes is\n available. More specific options will be added in coming releases.\n ", "target": [ "\n Modifier la confiance (pour utilisation future).\n\n Actuellement seule l'option par défaut pour modifier les attributs LDAP\n est disponible. D'autres options particulières seront ajoutées\n dans les versions à venir.\n " ], "id_hash": -7374588998119403870, "content_hash": -7374588998119403870, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1567, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 27, "source_unit": "https://translate.fedoraproject.org/api/units/2727896/?format=api", "priority": 100, "id": 4709681, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=19a83260e296cea2", "url": "https://translate.fedoraproject.org/api/units/4709681/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.640606Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Results should contain primary key attribute only (\"domain\")" ], "previous_source": "Results should contain primary key attribute only (\"command\")", "target": [ "Les résultats doivent uniquement contenir un attribut de clé principale (« command »)" ], "id_hash": 1025575502350155847, "content_hash": 1025575502350155847, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1578, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 8, "source_unit": "https://translate.fedoraproject.org/api/units/2731365/?format=api", "priority": 100, "id": 4709683, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=8e3b937c53ec8047", "url": "https://translate.fedoraproject.org/api/units/4709683/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.686679Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nID ranges\n\nManage ID ranges used to map Posix IDs to SIDs and back.\n\nThere are two type of ID ranges which are both handled by this utility:\n\n - the ID ranges of the local domain\n - the ID ranges of trusted remote domains\n\nBoth types have the following attributes in common:\n\n - base-id: the first ID of the Posix ID range\n - range-size: the size of the range\n\nWith those two attributes a range object can reserve the Posix IDs starting\nwith base-id up to but not including base-id+range-size exclusively.\n\nAdditionally an ID range of the local domain may set\n - rid-base: the first RID(*) of the corresponding RID range\n - secondary-rid-base: first RID of the secondary RID range\n\nand an ID range of a trusted domain must set\n - rid-base: the first RID of the corresponding RID range\n - sid: domain SID of the trusted domain\n\n\n\nEXAMPLE: Add a new ID range for a trusted domain\n\nSince there might be more than one trusted domain the domain SID must be given\nwhile creating the ID range.\n\n ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n\nThis ID range is then used by the IPA server and the SSSD IPA provider to\nassign Posix UIDs to users from the trusted domain.\n\nIf e.g. a range for a trusted domain is configured with the following values:\n base-id = 1200000\n range-size = 200000\n rid-base = 0\nthe RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. So\nRID 1000 <-> Posix ID 1201000\n\n\n\nEXAMPLE: Add a new ID range for the local domain\n\nTo create an ID range for the local domain it is not necessary to specify a\ndomain SID. But since it is possible that a user and a group can have the same\nvalue as Posix ID a second RID interval is needed to handle conflicts.\n\n ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=1000 --secondary-rid-base=1000000 local_range\n\nThe data from the ID ranges of the local domain are used by the IPA server\ninternally to assign SIDs to IPA users and groups. The SID will then be stored\nin the user or group objects.\n\nIf e.g. the ID range for the local domain is configured with the values from\nthe example above then a new user with the UID 1200007 will get the RID 1007.\nIf this RID is already used by a group the RID will be 1000007. This can only\nhappen if a user or a group object was created with a fixed ID because the\nautomatic assignment will not assign the same ID twice. Since there are only\nusers and groups sharing the same ID namespace it is sufficient to have only\none fallback range to handle conflicts.\n\nTo find the Posix ID for a given RID from the local domain it has to be\nchecked first if the RID falls in the primary or secondary RID range and\nthe rid-base or the secondary-rid-base has to be subtracted, respectively,\nand the base-id has to be added to get the Posix ID.\n\nTypically the creation of ID ranges happens behind the scenes and this CLI\nmust not be used at all. The ID range for the local domain will be created\nduring installation or upgrade from an older version. The ID range for a\ntrusted domain will be created together with the trust by 'ipa trust-add ...'.\n\nUSE CASES:\n\n Add an ID range from a transitively trusted domain\n\n If the trusted domain (A) trusts another domain (B) as well and this trust\n is transitive 'ipa trust-add domain-A' will only create a range for\n domain A. The ID range for domain B must be added manually.\n\n Add an additional ID range for the local domain\n\n If the ID range of the local domain is exhausted, i.e. no new IDs can be\n assigned to Posix users or groups by the DNA plugin, a new range has to be\n created to allow new users and groups to be added. (Currently there is no\n connection between this range CLI and the DNA plugin, but a future version\n might be able to modify the configuration of the DNS plugin as well)\n\nIn general it is not necessary to modify or delete ID ranges. If there is no\nother way to achieve a certain configuration than to modify or delete an ID\nrange it should be done with great care. Because UIDs are stored in the file\nsystem and are used for access control it might be possible that users are\nallowed to access files of other users if an ID range got deleted and reused\nfor a different domain.\n\n(*) The RID is typically the last integer of a user or group SID which follows\nthe domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user from\nthis domain has the SID S-1-5-21-123-456-789-1010 then 1010 id the RID of the\nuser. RIDs are unique in a domain, 32bit values and are used for users and\ngroups.\n\nWARNING:\n\nDNA plugin in 389-ds will allocate IDs based on the ranges configured for the\nlocal domain. Currently the DNA plugin *cannot* be reconfigured itself based\non the local ranges set via this family of commands.\n\nManual configuration change has to be done in the DNA plugin configuration for\nthe new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\nIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\nmodified to match the new range.\n" ], "previous_source": "", "target": [ "" ], "id_hash": 2100861487553895582, "content_hash": 2100861487553895582, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1580, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 898, "source_unit": "https://translate.fedoraproject.org/api/units/4672283/?format=api", "priority": 100, "id": 4709685, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=9d27c2645ff2dc9e", "url": "https://translate.fedoraproject.org/api/units/4709685/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.715526Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "member Certificate Profile" ], "previous_source": "Certificate Profile", "target": [ "Profil de certificat" ], "id_hash": -8695261978202988019, "content_hash": -8695261978202988019, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1607, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate.fedoraproject.org/api/units/2732610/?format=api", "priority": 100, "id": 4709687, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=0754394ce040220d", "url": "https://translate.fedoraproject.org/api/units/4709687/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.763936Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Certificate Profiles to add" ], "previous_source": "Certificate Profile to use", "target": [ "Profil de certificat à utiliser" ], "id_hash": -3738674812090902188, "content_hash": -3738674812090902188, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1608, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 4, "source_unit": "https://translate.fedoraproject.org/api/units/2728963/?format=api", "priority": 100, "id": 4709689, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=4c1d8f11169f1954", "url": "https://translate.fedoraproject.org/api/units/4709689/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.782929Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Certificate Profiles to remove" ], "previous_source": "Certificate Profile to use", "target": [ "Profil de certificat à utiliser" ], "id_hash": -5893223697827709532, "content_hash": -5893223697827709532, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1618, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 4, "source_unit": "https://translate.fedoraproject.org/api/units/2728965/?format=api", "priority": 100, "id": 4709691, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=2e3710453d10bda4", "url": "https://translate.fedoraproject.org/api/units/4709691/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.808807Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nManage Certificate Profiles\n\nCertificate Profiles are used by Certificate Authority (CA) in the signing of\ncertificates to determine if a Certificate Signing Request (CSR) is acceptable,\nand if so what features and extensions will be present on the certificate.\n\nThe Certificate Profile format is the property-list format understood by the\nDogtag or Red Hat Certificate System CA.\n\nPROFILE ID SYNTAX:\n\nA Profile ID is a string without spaces or punctuation starting with a letter\nand followed by a sequence of letters, digits or underscore (\"_\").\n\nEXAMPLES:\n\n Import a profile that will not store issued certificates:\n ipa certprofile-import ShortLivedUserCert --file UserCert.profile --desc \"User Certificates\" --store=false\n\n Delete a certificate profile:\n ipa certprofile-del ShortLivedUserCert\n\n Show information about a profile:\n ipa certprofile-show ShortLivedUserCert\n\n Save profile configuration to a file:\n ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n\n Search for profiles that do not store certificates:\n ipa certprofile-find --store=false\n\nPROFILE CONFIGURATION FORMAT:\n\nThe profile configuration format is the raw property-list format\nused by Dogtag Certificate System. The XML format is not supported.\n\nThe following restrictions apply to profiles managed by FreeIPA:\n\n- When importing a profile the \"profileId\" field, if present, must\n match the ID given on the command line.\n\n- The \"classId\" field must be set to \"caEnrollImpl\"\n\n- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n\n- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n class must be used.\n" ], "previous_source": "\nManage Certificate Profiles\n\nCertificate Profiles are used by Certificate Authority (CA) in the signing of\ncertificates to determine if a Certificate Signing Request (CSR) is acceptable,\nand if so what features and extensions will be present on the certificate.\n\nThe Certificate Profile format is the property-list format understood by the\nDogtag or Red Hat Certificate System CA.\n\nPROFILE ID SYNTAX:\n\nA Profile ID is a string without spaces or punctuation starting with a letter\nand followed by a sequence of letters, digits or underscore (\"_\").\n\nEXAMPLES:\n\n Import a profile that will not store issued certificates:\n ipa certprofile-import ShortLivedUserCert \\\n --file UserCert.profile --desc \"User Certificates\" \\\n --store=false\n\n Delete a certificate profile:\n ipa certprofile-del ShortLivedUserCert\n\n Show information about a profile:\n ipa certprofile-show ShortLivedUserCert\n\n Save profile configuration to a file:\n ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n\n Search for profiles that do not store certificates:\n ipa certprofile-find --store=false\n\nPROFILE CONFIGURATION FORMAT:\n\nThe profile configuration format is the raw property-list format\nused by Dogtag Certificate System. The XML format is not supported.\n\nThe following restrictions apply to profiles managed by FreeIPA:\n\n- When importing a profile the \"profileId\" field, if present, must\n match the ID given on the command line.\n\n- The \"classId\" field must be set to \"caEnrollImpl\"\n\n- The \"auth.instance_id\" field must be set to \"raCertAuth\"\n\n- The \"certReqInputImpl\" input class and \"certOutputImpl\" output\n class must be used.\n\n", "target": [ "\nGestion des profils de certificats\n\nLes profils de certificats sont utilisés par l'autorité de certification (AC) dans\nla signature de certificats afin de déterminer si une demande de signature de\ncertificat (Certificate Signing Request, CSR) est acceptable, et si oui, quelles\nfonctionnalités et extensions doivent figurer dans le certificat.\n\nLe format du profil de certificat est un format de liste de propriétés qui sera\ncompris par une autorité de certification Dogtag ou Red Hat Certificate System.\n\nSYNTAXE DE L'IDENTIFIANT DE PROFIL :\n\nUn identifiant de profil est une chaîne de caractères sans espaces ni caractère de\nponctuation débutant par une lettre suivie d'une séquence de lettres, de chiffres et\nde caractère souligné (« _ »).\n\nEXEMPLES :\n\n Importer un profil qui ne stockera pas les certificats émis :\n ipa certprofile-import ShortLivedUserCert \\\n --file UserCert.profile --summary \"User Certificates\" \\\n --store=false\n\n Supprimer un profil de certificat :\n ipa certprofile-del ShortLivedUserCert\n\n Afficher les informations sur un profil :\n ipa certprofile-show ShortLivedUserCert\n\n Enregistrer la configuration du profil dans un fichier :\n ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg\n\n Rechercher des profils ne stockant pas les certificats :\n ipa certprofile-find --store=false\n\nFORMAT DE LA CONFIGURATION DE PROFIL :\n\nLe format de configuration de profil est un format brut de liste de \npropriété utilisé par Dogtag Certificate System. Le format XML n'est\npas pris en charge.\n\nLes restrictions suivantes s'appliquent aux profils gérés par FreeIPA :\n\n- Lors de l'import d'un profil, le champ « profileId » s'il est présent doit\n correspondre à l'identifiant donné sur la ligne de commande.\n\n- Le champ « classId » doit être « caEnrollImpl »\n\n- Le champ « auth.instance_id doit être « raCertAuth »\n\n- Les classe d'entrée « certReqInputImpl » et de sortie « certOutputImpl » doivent \n être utilisées.\n" ], "id_hash": -95608496639423207, "content_hash": -95608496639423207, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1622, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 222, "source_unit": "https://translate.fedoraproject.org/api/units/2727880/?format=api", "priority": 100, "id": 4709693, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=7eac5494304c4d19", "url": "https://translate.fedoraproject.org/api/units/4709693/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.843810Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nIPA servers\n\nGet information about installed IPA servers.\n\nEXAMPLES:\n\n Find all servers:\n ipa server-find\n\n Show specific server:\n ipa server-show ipa.example.com\n" ], "previous_source": "", "target": [ "" ], "id_hash": 3072663002766020125, "content_hash": 3072663002766020125, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1657, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 20, "source_unit": "https://translate.fedoraproject.org/api/units/2727861/?format=api", "priority": 100, "id": 4709695, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=aaa44ab8aa5a8e1d", "url": "https://translate.fedoraproject.org/api/units/4709695/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.896571Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "member principal" ], "previous_source": "Member principals", "target": [ "Principaux membres de" ], "id_hash": -2293132937113220703, "content_hash": -2293132937113220703, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1674, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate.fedoraproject.org/api/units/2732618/?format=api", "priority": 100, "id": 4709697, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=602d27be449e49a1", "url": "https://translate.fedoraproject.org/api/units/4709697/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.960345Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "principal to add" ], "previous_source": "principal not found\n", "target": [ "principal introuvable\n" ], "id_hash": 8116216494982493452, "content_hash": 8116216494982493452, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1675, "has_suggestion": false, "has_comment": false, "has_failing_check": true, "num_words": 3, "source_unit": "https://translate.fedoraproject.org/api/units/2732725/?format=api", "priority": 100, "id": 4709699, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=f0a297e68f98f50c", "url": "https://translate.fedoraproject.org/api/units/4709699/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:16.989958Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "member service delegation target" ], "previous_source": "service delegation target", "target": [ "cible de délégation de service" ], "id_hash": 8474836288480319152, "content_hash": 8474836288480319152, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1677, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 4, "source_unit": "https://translate.fedoraproject.org/api/units/2732625/?format=api", "priority": 100, "id": 4709701, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=f59caab3e87596b0", "url": "https://translate.fedoraproject.org/api/units/4709701/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.038492Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "service delegation targets to add" ], "previous_source": "service delegation targets", "target": [ "cibles de délégation de service" ], "id_hash": -864618004328886396, "content_hash": -864618004328886396, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1678, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 5, "source_unit": "https://translate.fedoraproject.org/api/units/2732793/?format=api", "priority": 100, "id": 4709702, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=740042818991cf84", "url": "https://translate.fedoraproject.org/api/units/4709702/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.066362Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Results should contain primary key attribute only (\"delegation-name\")" ], "previous_source": "Results should contain primary key attribute only (\"group-name\")", "target": [ "Les résultats doivent uniquement contenir un attribut de clé principale (« group-name »)" ], "id_hash": -111740406444672378, "content_hash": -111740406444672378, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1681, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 8, "source_unit": "https://translate.fedoraproject.org/api/units/2731363/?format=api", "priority": 100, "id": 4709704, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=7e7304b13eceba86", "url": "https://translate.fedoraproject.org/api/units/4709704/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.118944Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "principal to remove" ], "previous_source": "roles to remove", "target": [ "rôles à supprimer" ], "id_hash": -4736315271564439744, "content_hash": -4736315271564439744, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1683, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate.fedoraproject.org/api/units/2732727/?format=api", "priority": 100, "id": 4709706, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=3e453a5ac624cf40", "url": "https://translate.fedoraproject.org/api/units/4709706/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.149482Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "service delegation targets to remove" ], "previous_source": "service delegation targets", "target": [ "cibles de délégation de service" ], "id_hash": -2123361248130218089, "content_hash": -2123361248130218089, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1685, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 5, "source_unit": "https://translate.fedoraproject.org/api/units/2732795/?format=api", "priority": 100, "id": 4709708, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=62884e31e35e4797", "url": "https://translate.fedoraproject.org/api/units/4709708/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.180687Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nStageusers\n\nManage stage user entries.\n\nStage user entries are directly under the container: \"cn=stage users,\ncn=accounts, cn=provisioning, SUFFIX\".\nUser can not authenticate with those entries (even if the entries\ncontain credentials) and are candidate to become Active entries.\n\nActive user entries are Posix users directly under the container: \"cn=accounts, SUFFIX\".\nUser can authenticate with Active entries, at the condition they have\ncredentials\n\nDelete user entries are Posix users directly under the container: \"cn=deleted users,\ncn=accounts, cn=provisioning, SUFFIX\".\nUser can not authenticate with those entries (even if the entries contain credentials)\n\nThe stage user container contains entries\n - created by 'stageuser-add' commands that are Posix users\n - created by external provisioning system\n\nA valid stage user entry MUST:\n - entry RDN is 'uid'\n - ipaUniqueID is 'autogenerate'\n\nIPA supports a wide range of username formats, but you need to be aware of any\nrestrictions that may apply to your particular environment. For example,\nusernames that start with a digit or usernames that exceed a certain length\nmay cause problems for some UNIX systems.\nUse 'ipa config-mod' to change the username format allowed by IPA tools.\n\n\nEXAMPLES:\n\n Add a new stageuser:\n ipa stageuser-add --first=Tim --last=User --password tuser1\n\n Add a stageuser from the Delete container\n ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" ], "previous_source": "\nStageusers\n\nManage stage user entries.\n\nStage user entries are directly under the container: \"cn=stage users,\ncn=accounts, cn=provisioning, SUFFIX\".\nUsers can not authenticate with those entries (even if the entries\ncontain credentials). Those entries are only candidate to become Active entries.\n\nActive user entries are Posix users directly under the container: \"cn=accounts, SUFFIX\".\nUsers can authenticate with Active entries, at the condition they have\ncredentials.\n\nDeleted user entries are Posix users directly under the container: \"cn=deleted users,\ncn=accounts, cn=provisioning, SUFFIX\".\nUsers can not authenticate with those entries, even if the entries contain credentials.\n\nThe stage user container contains entries:\n - created by 'stageuser-add' commands that are Posix users,\n - created by external provisioning system.\n\nA valid stage user entry MUST have:\n - entry RDN is 'uid',\n - ipaUniqueID is 'autogenerate'.\n\nIPA supports a wide range of username formats, but you need to be aware of any\nrestrictions that may apply to your particular environment. For example,\nusernames that start with a digit or usernames that exceed a certain length\nmay cause problems for some UNIX systems.\nUse 'ipa config-mod' to change the username format allowed by IPA tools.\n\n\nEXAMPLES:\n\n Add a new stageuser:\n ipa stageuser-add --first=Tim --last=User --password tuser1\n\n Add a stageuser from the deleted users container:\n ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n\n", "target": [ "\nUtilisateurs en attente\n\nGestion des entrées des utilisateurs en attente (« stage users »).\n\nLes entrées des utilisateurs en attente sont situées directement dans le \nconteneur « cn=stage users, cn=accounts, cn=provisioning, SUFFIXE x.\nLes utilisateurs ne peuvent utiliser ces entrées pour s'authentifier (même\nsi les entrées contiennent des données d'authentification) et ne sont que\ncandidates à devenir des entrées actives.\n\nLes entrées d'utilisateurs actifs sont des utilisateurs Posix situées dans le \nconteneur « cn=accounts, SUFFIXE ». Les utilisateurs peuvent les utiliser pour \ns'authentifier à la condition qu'elles comportent des données d'authentification.\n\nLes entrées d'utilisateurs supprimés sont des entrées d'utilisateurs Posix situées\ndans le conteneur « cn=deleted users, cn=accounts, cn=provisioning, SUFFIXE ».\nUn utilisateur ne peut s'authentifier à l'aide de ces entrées , même si elles contiennent\ndes données d'authentification valides.\n\nLe conteneur d'entrées utilisateurs en attente contient des entrées :\n - créées par les commandes « stageuser-add », qui sont des utilisateurs Posix,\n - créées par des systèmes d'approvisionnement externes.\n\nUn utilisateur en attente valide DOIT posséder les propriétés suivantes :\n - le RDN de l'entrée est « uid »\n - l'attribut « ipaUniqueID » est « autogenerate »\n\nIPA prend en charge une grande variété de formats de noms d'utilisateurs, mais\nil est important de savoir que des restrictions peuvent s'appliquer dans un environnement\nparticulier. Ainsi, les noms d'utilisateurs débutant par un chiffre ou ceux excédant une \ncertaine taille peuvent poser problème sur certains systèmes UNIX.\nUtiliser la commande « ipa config-mod » pour modifier le format autorisé par les outils IPA.\n\n\nEXEMPLES :\n\n Ajouter un nouvel utilisateur en attente :\n ipa stageuser-add --first=Tim --last=User --password tuser1\n\n Ajouter un utilisateur en attente depuis le conteneur des utilisateurs supprimés :\n ipa stageuser-add --first=Tim --last=User --from-delete tuser1\n" ], "id_hash": -6243864614975504312, "content_hash": -6243864614975504312, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1693, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 208, "source_unit": "https://translate.fedoraproject.org/api/units/2727961/?format=api", "priority": 100, "id": 4709709, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=29595636cec10048", "url": "https://translate.fedoraproject.org/api/units/4709709/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.210560Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users with these member of groups." ], "previous_source": "Search for netgroups with these member of netgroups.", "target": [ "Rechercher des groupes réseaux avec ces membres de groupes réseau." ], "id_hash": -3936704368680801451, "content_hash": -3936704368680801451, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1699, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731702/?format=api", "priority": 100, "id": 4709711, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=495e043bf70d6b55", "url": "https://translate.fedoraproject.org/api/units/4709711/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.257303Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users without these member of groups." ], "previous_source": "Search for netgroups without these member of netgroups.", "target": [ "Rechercher des groupes réseaux sans ces membres de groupes réseau." ], "id_hash": -951627341528695060, "content_hash": -951627341528695060, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1700, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731712/?format=api", "priority": 100, "id": 4709713, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=72cb23f98da1feec", "url": "https://translate.fedoraproject.org/api/units/4709713/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.281683Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users with these member of netgroups." ], "previous_source": "Search for netgroups with these member of netgroups.", "target": [ "Rechercher des groupes réseaux avec ces membres de groupes réseau." ], "id_hash": -2496646751950542668, "content_hash": -2496646751950542668, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1701, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731704/?format=api", "priority": 100, "id": 4709715, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=5d5a2101c45ae8b4", "url": "https://translate.fedoraproject.org/api/units/4709715/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.304734Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users without these member of netgroups." ], "previous_source": "Search for netgroups without these member of netgroups.", "target": [ "Rechercher des groupes réseaux sans ces membres de groupes réseau." ], "id_hash": -6880347366244008828, "content_hash": -6880347366244008828, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1702, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731714/?format=api", "priority": 100, "id": 4709716, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=2084188627bb3c84", "url": "https://translate.fedoraproject.org/api/units/4709716/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.325572Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users with these member of roles." ], "previous_source": "Search for hosts without these member of roles.", "target": [ "Rechercher des hôtes sans ces membres de rôles." ], "id_hash": 6824821060073443001, "content_hash": 6824821060073443001, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1703, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731706/?format=api", "priority": 100, "id": 4709718, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=deb6a2983d484eb9", "url": "https://translate.fedoraproject.org/api/units/4709718/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.350309Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users without these member of roles." ], "previous_source": "Search for hosts without these member of roles.", "target": [ "Rechercher des hôtes sans ces membres de rôles." ], "id_hash": 4526969471110313151, "content_hash": 4526969471110313151, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1704, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate.fedoraproject.org/api/units/2731716/?format=api", "priority": 100, "id": 4709720, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=bed306bfc29174bf", "url": "https://translate.fedoraproject.org/api/units/4709720/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.374710Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users with these member of HBAC rules." ], "previous_source": "Search for hosts with these member of HBAC rules.", "target": [ "Rechercher des hôtes avec ces membres de règles HBAC." ], "id_hash": 9464019144775835, "content_hash": 9464019144775835, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1705, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate.fedoraproject.org/api/units/2731700/?format=api", "priority": 100, "id": 4709722, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=80219f79ab45989b", "url": "https://translate.fedoraproject.org/api/units/4709722/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.400431Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users without these member of HBAC rules." ], "previous_source": "Search for hosts with these member of HBAC rules.", "target": [ "Rechercher des hôtes avec ces membres de règles HBAC." ], "id_hash": -8984762163372848585, "content_hash": -8984762163372848585, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1706, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate.fedoraproject.org/api/units/2731710/?format=api", "priority": 100, "id": 4709724, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=034fb66a6cca8a37", "url": "https://translate.fedoraproject.org/api/units/4709724/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.428657Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users with these member of sudo rules." ], "previous_source": "Search for hosts without these member of sudo rules.", "target": [ "Rechercher des systèmes sans ces membres de règles sudo." ], "id_hash": -5920098238618340576, "content_hash": -5920098238618340576, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1707, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate.fedoraproject.org/api/units/2731708/?format=api", "priority": 100, "id": 4709725, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=2dd796049bbcf320", "url": "https://translate.fedoraproject.org/api/units/4709725/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.451936Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for stage users without these member of sudo rules." ], "previous_source": "Search for hosts without these member of sudo rules.", "target": [ "Rechercher des systèmes sans ces membres de règles sudo." ], "id_hash": -3765974089838187057, "content_hash": -3765974089838187057, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1708, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate.fedoraproject.org/api/units/2731718/?format=api", "priority": 100, "id": 4709727, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=4bbc9284addeadcf", "url": "https://translate.fedoraproject.org/api/units/4709727/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.479049Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Rename the stage user object" ], "previous_source": "Rename the group object", "target": [ "Renommer l'objet groupe" ], "id_hash": 1100597096156588336, "content_hash": 1100597096156588336, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1710, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 5, "source_unit": "https://translate.fedoraproject.org/api/units/2731314/?format=api", "priority": 100, "id": 4709728, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=8f461b3a4d3d6930", "url": "https://translate.fedoraproject.org/api/units/4709728/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.499768Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Attributes to replicate" ], "previous_source": "Attributes to strip", "target": [ "Attributs à supprimer" ], "id_hash": 2472536115401480269, "content_hash": 2472536115401480269, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1723, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate.fedoraproject.org/api/units/2728822/?format=api", "priority": 100, "id": 4709730, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=a250367f34d4584d", "url": "https://translate.fedoraproject.org/api/units/4709730/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.524727Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nVerify replication topology for suffix.\n\nChecks done:\n 1. check if a topology is not disconnected. In other words if there are\n replication paths between all servers.\n 2. check if servers don't have more than the recommended number of\n replication agreements\n " ], "previous_source": "\nVerify replication topology for suffix.\n\nChecks done:\n 1. check if a topology is not disconnected. In other words if there are\n replication paths between all servers.\n 2. check if servers don't have more than the recommended number of\n replication agreements\n", "target": [ "\nVérifier la topologie de réplication pour le suffixe.\n\nVérifications effectuées :\n 1. vérfier si la topologie n'est pas déconnectée. En d'autres mots, si des chemins\n de réplication existent bien entre tous les serveurs.\n 2. vérifier si tous les serveurs n'ont pas un nombre supérieur à celui recommandé\n d'agrément de réplication.\n" ], "id_hash": 5842981302331114739, "content_hash": 5842981302331114739, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1747, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 40, "source_unit": "https://translate.fedoraproject.org/api/units/2728000/?format=api", "priority": 100, "id": 4709732, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=d11670897ab204f3", "url": "https://translate.fedoraproject.org/api/units/4709732/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.562916Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nVaults\n\nManage vaults.\n\nVault is a secure place to store a secret.\n\nBased on the ownership there are three vault categories:\n* user/private vault\n* service vault\n* shared vault\n\nUser vaults are vaults owned used by a particular user. Private\nvaults are vaults owned the current user. Service vaults are\nvaults owned by a service. Shared vaults are owned by the admin\nbut they can be used by other users or services.\n\nBased on the security mechanism there are three types of\nvaults:\n* standard vault\n* symmetric vault\n* asymmetric vault\n\nStandard vault uses a secure mechanism to transport and\nstore the secret. The secret can only be retrieved by users\nthat have access to the vault.\n\nSymmetric vault is similar to the standard vault, but it\npre-encrypts the secret using a password before transport.\nThe secret can only be retrieved using the same password.\n\nAsymmetric vault is similar to the standard vault, but it\npre-encrypts the secret using a public key before transport.\nThe secret can only be retrieved using the private key.\n\nEXAMPLES:\n\n List vaults:\n ipa vault-find\n [--user <user>|--service <service>|--shared]\n\n Add a standard vault:\n ipa vault-add <name>\n [--user <user>|--service <service>|--shared]\n --type standard\n\n Add a symmetric vault:\n ipa vault-add <name>\n [--user <user>|--service <service>|--shared]\n --type symmetric --password-file password.txt\n\n Add an asymmetric vault:\n ipa vault-add <name>\n [--user <user>|--service <service>|--shared]\n --type asymmetric --public-key-file public.pem\n\n Show a vault:\n ipa vault-show <name>\n [--user <user>|--service <service>|--shared]\n\n Modify vault description:\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --desc <description>\n\n Modify vault type:\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --type <type>\n [old password/private key]\n [new password/public key]\n\n Modify symmetric vault password:\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --change-password\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --old-password <old password>\n --new-password <new password>\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --old-password-file <old password file>\n --new-password-file <new password file>\n\n Modify asymmetric vault keys:\n ipa vault-mod <name>\n [--user <user>|--service <service>|--shared]\n --private-key-file <old private key file>\n --public-key-file <new public key file>\n\n Delete a vault:\n ipa vault-del <name>\n [--user <user>|--service <service>|--shared]\n\n Display vault configuration:\n ipa vaultconfig-show\n\n Archive data into standard vault:\n ipa vault-archive <name>\n [--user <user>|--service <service>|--shared]\n --in <input file>\n\n Archive data into symmetric vault:\n ipa vault-archive <name>\n [--user <user>|--service <service>|--shared]\n --in <input file>\n --password-file password.txt\n\n Archive data into asymmetric vault:\n ipa vault-archive <name>\n [--user <user>|--service <service>|--shared]\n --in <input file>\n\n Retrieve data from standard vault:\n ipa vault-retrieve <name>\n [--user <user>|--service <service>|--shared]\n --out <output file>\n\n Retrieve data from symmetric vault:\n ipa vault-retrieve <name>\n [--user <user>|--service <service>|--shared]\n --out <output file>\n --password-file password.txt\n\n Retrieve data from asymmetric vault:\n ipa vault-retrieve <name>\n [--user <user>|--service <service>|--shared]\n --out <output file> --private-key-file private.pem\n\n Add vault owners:\n ipa vault-add-owner <name>\n [--user <user>|--service <service>|--shared]\n [--users <users>] [--groups <groups>] [--services <services>]\n\n Delete vault owners:\n ipa vault-remove-owner <name>\n [--user <user>|--service <service>|--shared]\n [--users <users>] [--groups <groups>] [--services <services>]\n\n Add vault members:\n ipa vault-add-member <name>\n [--user <user>|--service <service>|--shared]\n [--users <users>] [--groups <groups>] [--services <services>]\n\n Delete vault members:\n ipa vault-remove-member <name>\n [--user <user>|--service <service>|--shared]\n [--users <users>] [--groups <groups>] [--services <services>]\n" ], "previous_source": "", "target": [ "" ], "id_hash": -794037724542937281, "content_hash": -794037724542937281, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1753, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 482, "source_unit": "https://translate.fedoraproject.org/api/units/2727997/?format=api", "priority": 100, "id": 4709734, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=74fb02e5825bd73f", "url": "https://translate.fedoraproject.org/api/units/4709734/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.610232Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "owner user" ], "previous_source": "Owner users", "target": [ "Utilisateurs propriétaires" ], "id_hash": -7004131910021713147, "content_hash": -7004131910021713147, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1773, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate.fedoraproject.org/api/units/2732707/?format=api", "priority": 100, "id": 4709735, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=1ecc5323272d7305", "url": "https://translate.fedoraproject.org/api/units/4709735/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.645502Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "owner group" ], "previous_source": "Owner groups", "target": [ "Groupes propriétaires" ], "id_hash": 1939044988643259528, "content_hash": 1939044988643259528, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1774, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate.fedoraproject.org/api/units/2732702/?format=api", "priority": 100, "id": 4709737, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=9ae8df24c7953488", "url": "https://translate.fedoraproject.org/api/units/4709737/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.672926Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "owner service" ], "previous_source": "Owner services", "target": [ "Services propriétaires" ], "id_hash": -7821012079565708576, "content_hash": -7821012079565708576, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1775, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate.fedoraproject.org/api/units/2732705/?format=api", "priority": 100, "id": 4709738, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=13762ef37d7262e0", "url": "https://translate.fedoraproject.org/api/units/4709738/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.691264Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nID ranges\n\nManage ID ranges used to map Posix IDs to SIDs and back.\n\nThere are two type of ID ranges which are both handled by this utility:\n\n - the ID ranges of the local domain\n - the ID ranges of trusted remote domains\n\nBoth types have the following attributes in common:\n\n - base-id: the first ID of the Posix ID range\n - range-size: the size of the range\n\nWith those two attributes a range object can reserve the Posix IDs starting\nwith base-id up to but not including base-id+range-size exclusively.\n\nAdditionally an ID range of the local domain may set\n - rid-base: the first RID(*) of the corresponding RID range\n - secondary-rid-base: first RID of the secondary RID range\n\nand an ID range of a trusted domain must set\n - rid-base: the first RID of the corresponding RID range\n - sid: domain SID of the trusted domain\n\n\n\nEXAMPLE: Add a new ID range for a trusted domain\n\nSince there might be more than one trusted domain the domain SID must be given\nwhile creating the ID range.\n\n ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=0 --dom-sid=S-1-5-21-123-456-789 trusted_dom_range\n\nThis ID range is then used by the IPA server and the SSSD IPA provider to\nassign Posix UIDs to users from the trusted domain.\n\nIf e.g. a range for a trusted domain is configured with the following values:\n base-id = 1200000\n range-size = 200000\n rid-base = 0\nthe RIDs 0 to 199999 are mapped to the Posix ID from 1200000 to 13999999. So\nRID 1000 <-> Posix ID 1201000\n\n\n\nEXAMPLE: Add a new ID range for the local domain\n\nTo create an ID range for the local domain it is not necessary to specify a\ndomain SID. But since it is possible that a user and a group can have the same\nvalue as Posix ID a second RID interval is needed to handle conflicts.\n\n ipa idrange-add --base-id=1200000 --range-size=200000 --rid-base=1000 --secondary-rid-base=1000000 local_range\n\nThe data from the ID ranges of the local domain are used by the IPA server\ninternally to assign SIDs to IPA users and groups. The SID will then be stored\nin the user or group objects.\n\nIf e.g. the ID range for the local domain is configured with the values from\nthe example above then a new user with the UID 1200007 will get the RID 1007.\nIf this RID is already used by a group the RID will be 1000007. This can only\nhappen if a user or a group object was created with a fixed ID because the\nautomatic assignment will not assign the same ID twice. Since there are only\nusers and groups sharing the same ID namespace it is sufficient to have only\none fallback range to handle conflicts.\n\nTo find the Posix ID for a given RID from the local domain it has to be\nchecked first if the RID falls in the primary or secondary RID range and\nthe rid-base or the secondary-rid-base has to be subtracted, respectively,\nand the base-id has to be added to get the Posix ID.\n\nTypically the creation of ID ranges happens behind the scenes and this CLI\nmust not be used at all. The ID range for the local domain will be created\nduring installation or upgrade from an older version. The ID range for a\ntrusted domain will be created together with the trust by 'ipa trust-add ...'.\n\nUSE CASES:\n\n Add an ID range from a transitively trusted domain\n\n If the trusted domain (A) trusts another domain (B) as well and this trust\n is transitive 'ipa trust-add domain-A' will only create a range for\n domain A. The ID range for domain B must be added manually.\n\n Add an additional ID range for the local domain\n\n If the ID range of the local domain is exhausted, i.e. no new IDs can be\n assigned to Posix users or groups by the DNA plugin, a new range has to be\n created to allow new users and groups to be added. (Currently there is no\n connection between this range CLI and the DNA plugin, but a future version\n might be able to modify the configuration of the DNS plugin as well)\n\nIn general it is not necessary to modify or delete ID ranges. If there is no\nother way to achieve a certain configuration than to modify or delete an ID\nrange it should be done with great care. Because UIDs are stored in the file\nsystem and are used for access control it might be possible that users are\nallowed to access files of other users if an ID range got deleted and reused\nfor a different domain.\n\n(*) The RID is typically the last integer of a user or group SID which follows\nthe domain SID. E.g. if the domain SID is S-1-5-21-123-456-789 and a user from\nthis domain has the SID S-1-5-21-123-456-789-1010 then 1010 id the RID of the\nuser. RIDs are unique in a domain, 32bit values and are used for users and\ngroups.\n\n=======\nWARNING:\n\nDNA plugin in 389-ds will allocate IDs based on the ranges configured for the\nlocal domain. Currently the DNA plugin *cannot* be reconfigured itself based\non the local ranges set via this family of commands.\n\nManual configuration change has to be done in the DNA plugin configuration for\nthe new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\nIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\nmodified to match the new range.\n=======\n" ], "previous_source": "", "target": [ "" ], "id_hash": 160957291323804816, "content_hash": 160957291323804816, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1799, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 900, "source_unit": "https://translate.fedoraproject.org/api/units/4672324/?format=api", "priority": 100, "id": 4709740, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=823bd5cdbd5d4c90", "url": "https://translate.fedoraproject.org/api/units/4709740/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.714025Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nAdd new ID range.\n\n To add a new ID range you always have to specify\n\n --base-id\n --range-size\n\n Additionally\n\n --rid-base\n --secondary-rid-base\n\n may be given for a new ID range for the local domain while\n\n --rid-base\n --dom-sid\n\n must be given to add a new range for a trusted AD domain.\n\n=======\nWARNING:\n\nDNA plugin in 389-ds will allocate IDs based on the ranges configured for the\nlocal domain. Currently the DNA plugin *cannot* be reconfigured itself based\non the local ranges set via this family of commands.\n\nManual configuration change has to be done in the DNA plugin configuration for\nthe new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\nIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\nmodified to match the new range.\n=======\n " ], "previous_source": "\nAdd new ID range.\n\n To add a new ID range you always have to specify\n\n --base-id\n --range-size\n\n Additionally\n\n --rid-base\n --secondary-rid-base\n\n may be given for a new ID range for the local domain while\n\n --rid-base\n --dom-sid\n\n must be given to add a new range for a trusted AD domain.\n\n WARNING:\n\n DNA plugin in 389-ds will allocate IDs based on the ranges configured for the\n local domain. Currently the DNA plugin *cannot* be reconfigured itself based\n on the local ranges set via this family of commands.\n\n Manual configuration change has to be done in the DNA plugin configuration for\n the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\n modified to match the new range.\n ", "target": [ "\nAjouter une nouvelle plage d'identifiants.\n\n Pour ajouter une nouvelle plage d'identifiants vous devez toujours préciser\n\n --base-id\n --range-size\n\n En outre,\n\n --rid-base\n --secondary-rid-base\n\n seront indiqués pour une nouvelle plage d'ID dans le domaine local alors que\n\n --rid-base\n --dom-sid\n\n doivent l'être pour ajouter une nouvelle plage pour un domaine AD de confiance.\n\n AVERTISSEMENT :\n\n Le greffon DNA dans 389-ds alloue des ID selon les plages configurées au\n titre du domaine local. Actuellement le greffon DNA *ne peut pas* être\n lui-même reconfiguré selon les plages locales définies par l'intermédiaire\n de cette famille de commandes.\n\n Un changement manuel de configuration doit être opéré dans la configuration\n du greffon DNA pour cadrer avec la nouvelle plage locale. En particulier,\n l'attribut « dnaNextRange » de « cn=Posix IDs »,^n« cn=Distributed Numeric Assignment Plugin », « cn=plugins », « cn=config »\n doivent être modifiés pour correspondre à cette nouvelle plage.\n " ], "id_hash": -7194871590498221111, "content_hash": -7194871590498221111, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1800, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 122, "source_unit": "https://translate.fedoraproject.org/api/units/2727773/?format=api", "priority": 100, "id": 4709742, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=1c26ae6893cdc3c9", "url": "https://translate.fedoraproject.org/api/units/4709742/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.739316Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nModify ID range.\n\n=======\nWARNING:\n\nDNA plugin in 389-ds will allocate IDs based on the ranges configured for the\nlocal domain. Currently the DNA plugin *cannot* be reconfigured itself based\non the local ranges set via this family of commands.\n\nManual configuration change has to be done in the DNA plugin configuration for\nthe new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\nIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\nmodified to match the new range.\n=======\n " ], "previous_source": "\nAdd new ID range.\n\n To add a new ID range you always have to specify\n\n --base-id\n --range-size\n\n Additionally\n\n --rid-base\n --secondary-rid-base\n\n may be given for a new ID range for the local domain while\n\n --rid-base\n --dom-sid\n\n must be given to add a new range for a trusted AD domain.\n\n WARNING:\n\n DNA plugin in 389-ds will allocate IDs based on the ranges configured for the\n local domain. Currently the DNA plugin *cannot* be reconfigured itself based\n on the local ranges set via this family of commands.\n\n Manual configuration change has to be done in the DNA plugin configuration for\n the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix\n IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be\n modified to match the new range.\n ", "target": [ "\nAjouter une nouvelle plage d'identifiants.\n\n Pour ajouter une nouvelle plage d'identifiants vous devez toujours préciser\n\n --base-id\n --range-size\n\n En outre,\n\n --rid-base\n --secondary-rid-base\n\n seront indiqués pour une nouvelle plage d'ID dans le domaine local alors que\n\n --rid-base\n --dom-sid\n\n doivent l'être pour ajouter une nouvelle plage pour un domaine AD de confiance.\n\n AVERTISSEMENT :\n\n Le greffon DNA dans 389-ds alloue des ID selon les plages configurées au\n titre du domaine local. Actuellement le greffon DNA *ne peut pas* être\n lui-même reconfiguré selon les plages locales définies par l'intermédiaire\n de cette famille de commandes.\n\n Un changement manuel de configuration doit être opéré dans la configuration\n du greffon DNA pour cadrer avec la nouvelle plage locale. En particulier,\n l'attribut « dnaNextRange » de « cn=Posix IDs »,^n« cn=Distributed Numeric Assignment Plugin », « cn=plugins », « cn=config »\n doivent être modifiés pour correspondre à cette nouvelle plage.\n " ], "id_hash": -6371281274070293621, "content_hash": -6371281274070293621, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1801, "has_suggestion": false, "has_comment": false, "has_failing_check": true, "num_words": 77, "source_unit": "https://translate.fedoraproject.org/api/units/2727894/?format=api", "priority": 100, "id": 4709743, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=2794a9700ef1238b", "url": "https://translate.fedoraproject.org/api/units/4709743/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.784867Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nSimulate use of Host-based access controls\n\nHBAC rules control who can access what services on what hosts.\nYou can use HBAC to control which users or groups can access a service,\nor group of services, on a target host.\n\nSince applying HBAC rules implies use of a production environment,\nthis plugin aims to provide simulation of HBAC rules evaluation without\nhaving access to the production environment.\n\n Test user coming to a service on a named host against\n existing enabled rules.\n\n ipa hbactest --user= --host= --service=\n [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n [--sizelimit= ]\n\n --user, --host, and --service are mandatory, others are optional.\n\n If --rules is specified simulate enabling of the specified rules and test\n the login of the user using only these rules.\n\n If --enabled is specified, all enabled HBAC rules will be added to simulation\n\n If --disabled is specified, all disabled HBAC rules will be added to simulation\n\n If --nodetail is specified, do not return information about rules matched/not matched.\n\n If both --rules and --enabled are specified, apply simulation to --rules _and_\n all IPA enabled rules.\n\n If no --rules specified, simulation is run against all IPA enabled rules.\n By default there is a IPA-wide limit to number of entries fetched, you can change it\n with --sizelimit option.\n\nEXAMPLES:\n\n 1. Use all enabled HBAC rules in IPA database to simulate:\n $ ipa hbactest --user=a1a --host=bar --service=sshd\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Matched rules: allow_all\n\n 2. Disable detailed summary of how rules were applied:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n --------------------\n Access granted: True\n --------------------\n\n 3. Test explicitly specified HBAC rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=myrule --rules=my-second-rule\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: my-second-rule\n Not matched rules: myrule\n\n 4. Use all enabled HBAC rules in IPA database + explicitly specified rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=myrule --rules=my-second-rule --enabled\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Matched rules: allow_all\n\n 5. Test all disabled HBAC rules in IPA database:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: new-rule\n\n 6. Test all disabled HBAC rules in IPA database + explicitly specified rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --rules=myrule --rules=my-second-rule --disabled\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n\n 7. Test all (enabled and disabled) HBAC rules in IPA database:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --enabled --disabled\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Not matched rules: new-rule\n Matched rules: allow_all\n\n\nHBACTEST AND TRUSTED DOMAINS\n\nWhen an external trusted domain is configured in IPA, HBAC rules are also applied\non users accessing IPA resources from the trusted domain. Trusted domain users and\ngroups (and their SIDs) can be then assigned to external groups which can be\nmembers of POSIX groups in IPA which can be used in HBAC rules and thus allowing\naccess to resources protected by the HBAC system.\n\nhbactest plugin is capable of testing access for both local IPA users and users\nfrom the trusted domains, either by a fully qualified user name or by user SID.\nSuch user names need to have a trusted domain specified as a short name\n(DOMAIN\\Administrator) or with a user principal name (UPN), Administrator@ad.test.\n\nPlease note that hbactest executed with a trusted domain user as --user parameter\ncan be only run by members of \"trust admins\" group.\n\nEXAMPLES:\n\n 1. Test if a user from a trusted domain specified by its shortname matches any\n rule:\n\n $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 2. Test if a user from a trusted domain specified by its domain name matches\n any rule:\n\n $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 3. Test if a user from a trusted domain specified by its SID matches any rule:\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 4. Test if other user from a trusted domain specified by its SID matches any rule:\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n\n 5. Test if other user from a trusted domain specified by its shortname matches\n any rule:\n\n $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n" ], "previous_source": "\nSimulate use of Host-based access controls\n\nHBAC rules control who can access what services on what hosts.\nYou can use HBAC to control which users or groups can access a service,\nor group of services, on a target host.\n\nSince applying HBAC rules implies use of a production environment,\nthis plugin aims to provide simulation of HBAC rules evaluation without\nhaving access to the production environment.\n\n Test user coming to a service on a named host against\n existing enabled rules.\n\n ipa hbactest --user= --host= --service=\n [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n [--sizelimit= ]\n\n --user, --host, and --service are mandatory, others are optional.\n\n If --rules is specified simulate enabling of the specified rules and test\n the login of the user using only these rules.\n\n If --enabled is specified, all enabled HBAC rules will be added to simulation\n\n If --disabled is specified, all disabled HBAC rules will be added to simulation\n\n If --nodetail is specified, do not return information about rules matched/not matched.\n\n If both --rules and --enabled are specified, apply simulation to --rules _and_\n all IPA enabled rules.\n\n If no --rules specified, simulation is run against all IPA enabled rules.\n By default there is a IPA-wide limit to number of entries fetched, you can change it\n with --sizelimit option.\n\nEXAMPLES:\n\n 1. Use all enabled HBAC rules in IPA database to simulate:\n $ ipa hbactest --user=a1a --host=bar --service=sshd\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Matched rules: allow_all\n\n 2. Disable detailed summary of how rules were applied:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n --------------------\n Access granted: True\n --------------------\n\n 3. Test explicitly specified HBAC rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n --rules=myrule --rules=my-second-rule\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: my-second-rule\n Not matched rules: myrule\n\n 4. Use all enabled HBAC rules in IPA database + explicitly specified rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n --rules=myrule --rules=my-second-rule --enabled\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Matched rules: allow_all\n\n 5. Test all disabled HBAC rules in IPA database:\n $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: new-rule\n\n 6. Test all disabled HBAC rules in IPA database + explicitly specified rules:\n $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n --rules=myrule --rules=my-second-rule --disabled\n ---------------------\n Access granted: False\n ---------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n\n 7. Test all (enabled and disabled) HBAC rules in IPA database:\n $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n --enabled --disabled\n --------------------\n Access granted: True\n --------------------\n Not matched rules: my-second-rule\n Not matched rules: my-third-rule\n Not matched rules: myrule\n Not matched rules: new-rule\n Matched rules: allow_all\n\n\nHBACTEST AND TRUSTED DOMAINS\n\nWhen an external trusted domain is configured in IPA, HBAC rules are also applied\non users accessing IPA resources from the trusted domain. Trusted domain users and\ngroups (and their SIDs) can be then assigned to external groups which can be\nmembers of POSIX groups in IPA which can be used in HBAC rules and thus allowing\naccess to resources protected by the HBAC system.\n\nhbactest plugin is capable of testing access for both local IPA users and users\nfrom the trusted domains, either by a fully qualified user name or by user SID.\nSuch user names need to have a trusted domain specified as a short name\n(DOMAIN\\Administrator) or with a user principal name (UPN), Administrator@ad.test.\n\nPlease note that hbactest executed with a trusted domain user as --user parameter\ncan be only run by members of \"trust admins\" group.\n\nEXAMPLES:\n\n 1. Test if a user from a trusted domain specified by its shortname matches any\n rule:\n\n $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 2. Test if a user from a trusted domain specified by its domain name matches\n any rule:\n\n $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 3. Test if a user from a trusted domain specified by its SID matches any rule:\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\n --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 4. Test if other user from a trusted domain specified by its SID matches any rule:\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\\n --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n\n 5. Test if other user from a trusted domain specified by its shortname matches\n any rule:\n\n $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n", "target": [ "\nSimuler l'utilisation des contrôles d'accès fondés sur l'hôte\n\nLes règles HBAC contrôlent qui peut accéder à quel service sur quels hôtes.\nVous pouvez utiliser HBAC pour contrôler quels utilisateurs ou quels groupes\nont accés à un service ou à un groupe de services, sur un hôte cible.\n\nL'application de règles HBAC présuppose un environnement de production ;\nce greffon a pour objet de fournir une simulation de l'évaluation des règles\nHBAC sans nécessiter d'accès à cet environnement.\n\n Tester l'arrivée d'un utilisateur dans un service sur un hôte donné\n vis à vis des règles actives existantes.\n\nipa hbactest --user= --host= --service=\\\n [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\\\n [--sizelimit= ]\n\n--user, --host et --service sont obligatoires, les autres sont optionnelles.\n\n Si --rules est défini, simule l'activation des règles « rules-list » et\n teste la connexion de l'utilisateur uniquement sur ces règles.\n\n Si --enabled est défini, toutes les règles HBAC activées sont ajoutées à\n la simulation\n\n Si --disabled est défini, toutes les règles HBAC désactivées sont ajoutées\n à la simulation\n\n Si --nodetail est défini, il n'est pas renvoyé d'information sur les règles satisfaites ou non satisfaites.\n\n Si --rules et --enabled sont définis tous deux, la simulation est appliquée\n à --rules _et_ à tous les règles IPA activées.\n\n Si --rules n'est pas défini, la simulation est lancée vis à sis de toutes\n les règles IPA activées.\n Par défaut, il y a une limite globale IPA pour le nombre d'entrées\n renvoyées, vous pouvez la modifier avec l'option « --sizelimit ».\n\nEXEMPLES :\n\n 1. Utiliser toutes les règles HBAC activées dans la base de données IPA\n pour la simulation :\n $ ipa hbactest --user=a1a --host=bar --service=sshd\n --------------------\n Access granted: True\n --------------------\n notmatched: my-second-rule\n notmatched: my-third-rule\n notmatched: myrule\n matched: allow_all\n\n 2. Désactiver le résumé détaillé sur l'application des règles :\n $ ipa hbactest --user=a1a --host=bar --service=sshd --nodetail\n --------------------\n Access granted: True\n --------------------\n\n 3. Tester explicitement les règles HBAC indiquées :\n $ ipa hbactest --user=a1a --host=bar --service=sshd \n--rules=my-second-rule,myrule\n ---------------------\n Access granted: False\n ---------------------\n notmatched: my-second-rule\n notmatched: myrule\n\n 4. Utiliser toutes les règles HBAC activées de la base de données IPA\n plus les règles explicitement définies :\n $ ipa hbactest --user=a1a --host=bar --service=sshd \n--rules=my-second-rule,myrule --enabled\n --------------------\n Access granted: True\n --------------------\n notmatched: my-second-rule\n notmatched: my-third-rule\n notmatched: myrule\n matched: allow_all\n\n 5. Tester toutes les règles HBAC désactivées de la base de données IPA :\n $ ipa hbactest --user=a1a --host=bar --service=sshd --disabled\n ---------------------\n Access granted: False\n ---------------------\n notmatched: new-rule\n\n 6. Tester toutes les règles HBAC désactivées de la base de données IPA\n plus les règles explicitement définies :\n $ ipa hbactest --user=a1a --host=bar --service=sshd \n--rules=my-second-rule,myrule --disabled\n ---------------------\n Access granted: False\n ---------------------\n notmatched: my-second-rule\n notmatched: my-third-rule\n notmatched: myrule\n\n 7. Tester toutes les règles HBAC (activées et désactivées) de la base\n de données IPA :\n $ ipa hbactest --user=a1a --host=bar --service=sshd \\\n --enabled --disabled\n --------------------\n Access granted: True\n --------------------\n notmatched: my-second-rule\n notmatched: my-third-rule\n notmatched: myrule\n notmatched: new-rule\n matched: allow_all\n\n\nTEST HBAC ET domaines approuvés\n\nSi un domaine approuvé externe est configuré dans IPA, les règles HBAC\nsont aussi appliquées aux utilisateurs accédant aux ressources IPA à partir\ndu domaine approuvé. Les utilisateurs des domaines approuvés et les\ngroupes (et leur SID) peuvent être assignés à des groupes externes pouvant\nêtre membres de groupes POSIX d'IPA éligibles aux règles HBAC, ce qui\nautorise un accès aux ressources protégées par le système HBAC.\n\nLe greffon « hbactest » peut tester des accès, à la fois d'utilisateurs\nIPA locaux et d'utilisateurs de domaines approuvés à partir, soit du\nnom d'utilisateur pleinement qualifié, soit du SID utilisateur. De tels noms\nd'utilisateur doivent avoir un domaine approuvé précisé comme nom court\n(DOMAINE\\Administrateur) ou avec un nom de principal d'utilisateur (UPN),\nAdministrator@ad.test.\n\nVeuillez noter que « hbactest » exécuté avec un utilisateur de domaine de\nconfiance en tant que paramètre --user ne peut être lancé que par des\nmembres du groupe des « administrateurs de confiance ».\n\nEXEMPLES :\n\n 1. Tester si un utilisateur d'un domaine approuvé défini par son\n nom court satisfait à toute règle :\n\n $ ipa hbactest --user 'DOMAIN\\Administrator' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 2. Tester si un utilisateur d'un domaine approuvé défini par son\n nom de domaine satisfait à toute règle :\n\n $ ipa hbactest --user 'Administrator@domain.com' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 3. Tester si un utilisateur d'un domaine approuvé défini par son\n SID satisfait à toute règle :\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-500 \\\n --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Matched rules: can_login\n\n 4. Tester si un autre utilisateur d'un domaine approuvé défini\n par son SID satisfait à toute règle :\n\n $ ipa hbactest --user S-1-5-21-3035198329-144811719-1378114514-1203 \\\n --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n\n 5. Tester si un autre utilisateur d'un domaine approuvé défini par\n son nom court satisfait à toute règle :\n\n $ ipa hbactest --user 'DOMAIN\\Otheruser' --host `hostname` --service sshd\n --------------------\n Access granted: True\n --------------------\n Matched rules: allow_all\n Not matched rules: can_login\n" ], "id_hash": 4990478087492997847, "content_hash": 4990478087492997847, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1807, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 769, "source_unit": "https://translate.fedoraproject.org/api/units/2727956/?format=api", "priority": 100, "id": 4709746, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=c541bd61406412d7", "url": "https://translate.fedoraproject.org/api/units/4709746/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.843977Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for servers with these managed suffixes." ], "previous_source": "Search for netgroups with these member users.", "target": [ "Rechercher des groupes réseaux dont les membres sont ces utilisateurs." ], "id_hash": 1063991174164605247, "content_hash": 1063991174164605247, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1813, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 7, "source_unit": "https://translate.fedoraproject.org/api/units/2731692/?format=api", "priority": 100, "id": 4709748, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=8ec40e55ec3b693f", "url": "https://translate.fedoraproject.org/api/units/4709748/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.931831Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Search for servers without these managed suffixes." ], "previous_source": "Search for netgroups without these member users.", "target": [ "Rechercher des groupes réseaux dont les membres ne sont pas ces utilisateurs." ], "id_hash": -201358645996376654, "content_hash": -201358645996376654, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1814, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 7, "source_unit": "https://translate.fedoraproject.org/api/units/2731694/?format=api", "priority": 100, "id": 4709750, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=7d34a160d8eeadb2", "url": "https://translate.fedoraproject.org/api/units/4709750/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.958519Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nTopology\n\nManagement of a replication topology at domain level 1.\n\nIPA server's data is stored in LDAP server in two suffixes:\n* domain suffix, e.g., 'dc=example,dc=com', contains all domain related data\n* ca suffix, 'o=ipaca', is present only on server with CA installed. It\n contains data for Certificate Server component\n\nData stored on IPA servers is replicated to other IPA servers. The way it is\nreplicated is defined by replication agreements. Replication agreements needs\nto be set for both suffixes separately. On domain level 0 they are managed\nusing ipa-replica-manage and ipa-csreplica-manage tools. With domain level 1\nthey are managed centrally using `ipa topology*` commands.\n\nAgreements are represented by topology segments. By default topology segment\nrepresents 2 replication agreements - one for each direction, e.g., A to B and\nB to A. Creation of unidirectional segments is not allowed.\n\nTo verify that no server is disconnected in the topology of the given suffix,\nuse:\n ipa topologysuffix-verify $suffix\n\n\nExamples:\n Find all IPA servers:\n ipa server-find\n\n Find all suffixes:\n ipa topologysuffix-find\n\n Add topology segment to 'domain' suffix:\n ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B\n\n Add topology segment to 'ca' suffix:\n ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B\n\n List all topology segments in 'domain' suffix:\n ipa topologysegment-find domain\n\n List all topology segments in 'ca' suffix:\n ipa topologysegment-find ca\n\n Delete topology segment in 'domain' suffix:\n ipa topologysegment-del domain segment_name\n\n Delete topology segment in 'ca' suffix:\n ipa topologysegment-del ca segment_name\n\n Verify topology of 'domain' suffix:\n ipa topologysuffix-verify domain\n\n Verify topology of 'ca' suffix:\n ipa topologysuffix-verify ca\n" ], "previous_source": "", "target": [ "" ], "id_hash": 1909699744103143581, "content_hash": 1909699744103143581, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1817, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 251, "source_unit": "https://translate.fedoraproject.org/api/units/2727986/?format=api", "priority": 100, "id": 4709752, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=9a809dcc9aec189d", "url": "https://translate.fedoraproject.org/api/units/4709752/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:17.985370Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nDirectory Server Access Control Instructions (ACIs)\n\nACIs are used to allow or deny access to information. This module is\ncurrently designed to allow, not deny, access.\n\nThe aci commands are designed to grant permissions that allow updating\nexisting entries or adding or deleting new ones. The goal of the ACIs\nthat ship with IPA is to provide a set of low-level permissions that\ngrant access to special groups called taskgroups. These low-level\npermissions can be combined into roles that grant broader access. These\nroles are another type of group, roles.\n\nFor example, if you have taskgroups that allow adding and modifying users you\ncould create a role, useradmin. You would assign users to the useradmin\nrole to allow them to do the operations defined by the taskgroups.\n\nYou can create ACIs that delegate permission so users in group A can write\nattributes on group B.\n\nThe type option is a map that applies to all entries in the users, groups or\nhost location. It is primarily designed to be used when granting add\npermissions (to write new entries).\n\nAn ACI consists of three parts:\n1. target\n2. permissions\n3. bind rules\n\nThe target is a set of rules that define which LDAP objects are being\ntargeted. This can include a list of attributes, an area of that LDAP\ntree or an LDAP filter.\n\nThe targets include:\n- attrs: list of attributes affected\n- type: an object type (user, group, host, service, etc)\n- memberof: members of a group\n- targetgroup: grant access to modify a specific group. This is primarily\n designed to enable users to add or remove members of a specific group.\n- filter: A legal LDAP filter used to narrow the scope of the target.\n- subtree: Used to apply a rule across an entire set of objects. For example,\n to allow adding users you need to grant \"add\" permission to the subtree\n ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n is a fail-safe for objects that may not be covered by the type option.\n\nThe permissions define what the ACI is allowed to do, and are one or\nmore of:\n1. write - write one or more attributes\n2. read - read one or more attributes\n3. add - add a new entry to the tree\n4. delete - delete an existing entry\n5. all - all permissions are granted\n\nNote the distinction between attributes and entries. The permissions are\nindependent, so being able to add a user does not mean that the user will\nbe editable.\n\nThe bind rule defines who this ACI grants permissions to. The LDAP server\nallows this to be any valid LDAP entry but we encourage the use of\ntaskgroups so that the rights can be easily shared through roles.\n\nFor a more thorough description of access controls see\nhttp://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control.html\n\nEXAMPLES:\n\nNOTE: ACIs are now added via the permission plugin. These examples are to\ndemonstrate how the various options work but this is done via the permission\ncommand-line now (see last example).\n\n Add an ACI so that the group \"secretaries\" can update the address on any user:\n ipa group-add --desc=\"Office secretaries\" secretaries\n ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries --permissions=write --prefix=none \"Secretaries write addresses\"\n\n Show the new ACI:\n ipa aci-show --prefix=none \"Secretaries write addresses\"\n\n Add an ACI that allows members of the \"addusers\" permission to add new users:\n ipa aci-add --type=user --permission=addusers --permissions=add --prefix=none \"Add new users\"\n\n Add an ACI that allows members of the editors manage members of the admins group:\n ipa aci-add --permissions=write --attrs=member --targetgroup=admins --group=editors --prefix=none \"Editors manage admins\"\n\n Add an ACI that allows members of the admins group to manage the street and zip code of those in the editors group:\n ipa aci-add --permissions=write --memberof=editors --group=admins --attrs=street,postalcode --prefix=none \"admins edit the address of editors\"\n\n Add an ACI that allows the admins group manage the street and zipcode of those who work for the boss:\n ipa aci-add --permissions=write --group=admins --attrs=street,postalcode --filter=\"(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)\" --prefix=none \"Edit the address of those who work for the boss\"\n\n Add an entirely new kind of record to IPA that isn't covered by any of the --type options, creating a permission:\n ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange,cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n\n\nThe show command shows the raw 389-ds ACI.\n\nIMPORTANT: When modifying the target attributes of an existing ACI you\nmust include all existing attributes as well. When doing an aci-mod the\ntargetattr REPLACES the current attributes, it does not add to them.\n" ], "previous_source": "", "target": [ "" ], "id_hash": -4448344688745965227, "content_hash": -4448344688745965227, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1822, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 728, "source_unit": "https://translate.fedoraproject.org/api/units/2727807/?format=api", "priority": 100, "id": 4709754, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=42444e12eccd1955", "url": "https://translate.fedoraproject.org/api/units/4709754/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.012308Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "comma-separated list of permissions to grant(read, write, add, delete, all)" ], "previous_source": "Permissions to grant(read, write, add, delete, all)", "target": [ "Permissions à accorder (« read », « write », « add », « delete », « all »)" ], "id_hash": 7515347074530814609, "content_hash": 7515347074530814609, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1823, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate.fedoraproject.org/api/units/2732461/?format=api", "priority": 100, "id": 4709755, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=e84be058a52e2a91", "url": "https://translate.fedoraproject.org/api/units/4709755/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.039090Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Comma-separated list of attributes" ], "previous_source": "", "target": [ "" ], "id_hash": 2835191426234785491, "content_hash": 2835191426234785491, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1824, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 4, "source_unit": "https://translate.fedoraproject.org/api/units/2718588/?format=api", "priority": 100, "id": 4709757, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=a7589f94a6f51ed3", "url": "https://translate.fedoraproject.org/api/units/4709757/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.066916Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nAuto Membership Rule.\n\nBring clarity to the membership of hosts and users by configuring inclusive\nor exclusive regex patterns, you can automatically assign a new entries into\na group or hostgroup based upon attribute information.\n\nA rule is directly associated with a group by name, so you cannot create\na rule without an accompanying group or hostgroup.\n\nA condition is a regular expression used by 389-ds to match a new incoming\nentry with an automember rule. If it matches an inclusive rule then the\nentry is added to the appropriate group or hostgroup.\n\nA default group or hostgroup could be specified for entries that do not\nmatch any rule. In case of user entries this group will be a fallback group\nbecause all users are by default members of group specified in IPA config.\n\n\nEXAMPLES:\n\n Add the initial group or hostgroup:\n ipa hostgroup-add --desc=\"Web Servers\" webservers\n ipa group-add --desc=\"Developers\" devel\n\n Add the initial rule:\n ipa automember-add --type=hostgroup webservers\n ipa automember-add --type=group devel\n\n Add a condition to the rule:\n ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-regex=^web[1-9]+\\.example\\.com webservers\n ipa automember-add-condition --key=manager --type=group --inclusive-regex=^uid=mscott devel\n\n Add an exclusive condition to the rule to prevent auto assignment:\n ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-regex=^web5\\.example\\.com webservers\n\n Add a host:\n ipa host-add web1.example.com\n\n Add a user:\n ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n\n Verify automembership:\n ipa hostgroup-show webservers\n Host-group: webservers\n Description: Web Servers\n Member hosts: web1.example.com\n\n ipa group-show devel\n Group name: devel\n Description: Developers\n GID: 1004200000\n Member users: tuser\n\n Remove a condition from the rule:\n ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-regex=^web[1-9]+\\.example\\.com webservers\n\n Modify the automember rule:\n ipa automember-mod\n\n Set the default (fallback) target group:\n ipa automember-default-group-set --default-group=webservers --type=hostgroup\n ipa automember-default-group-set --default-group=ipausers --type=group\n\n Remove the default (fallback) target group:\n ipa automember-default-group-remove --type=hostgroup\n ipa automember-default-group-remove --type=group\n\n Show the default (fallback) target group:\n ipa automember-default-group-show --type=hostgroup\n ipa automember-default-group-show --type=group\n\n Find all of the automember rules:\n ipa automember-find\n\n Display a automember rule:\n ipa automember-show --type=hostgroup webservers\n ipa automember-show --type=group devel\n\n Delete an automember rule:\n ipa automember-del --type=hostgroup webservers\n ipa automember-del --type=group devel\n" ], "previous_source": "", "target": [ "" ], "id_hash": -3296921653643209388, "content_hash": -3296921653643209388, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1825, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 327, "source_unit": "https://translate.fedoraproject.org/api/units/2727783/?format=api", "priority": 100, "id": 4709758, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=523efb394e4d9554", "url": "https://translate.fedoraproject.org/api/units/4709758/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.095813Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nIPA certificate operations\n\nImplements a set of commands for managing server SSL certificates.\n\nCertificate requests exist in the form of a Certificate Signing Request (CSR)\nin PEM format.\n\nIf using the selfsign back end then the subject in the CSR needs to match\nthe subject configured in the server. The dogtag CA uses just the CN\nvalue of the CSR and forces the rest of the subject.\n\nA certificate is stored with a service principal and a service principal\nneeds a host.\n\nIn order to request a certificate:\n\n* The host must exist\n* The service must exist (or you use the --add option to automatically add it)\n\nEXAMPLES:\n\n Request a new certificate and add the principal:\n ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n\n Retrieve an existing certificate:\n ipa cert-show 1032\n\n Revoke a certificate (see RFC 5280 for reason details):\n ipa cert-revoke --revocation-reason=6 1032\n\n Remove a certificate from revocation hold status:\n ipa cert-remove-hold 1032\n\n Check the status of a signing request:\n ipa cert-status 10\n\nIPA currently immediately issues (or declines) all certificate requests so\nthe status of a request is not normally useful. This is for future use\nor the case where a CA does not immediately issue a certificate.\n\nThe following revocation reasons are supported:\n\n * 0 - unspecified\n * 1 - keyCompromise\n * 2 - cACompromise\n * 3 - affiliationChanged\n * 4 - superseded\n * 5 - cessationOfOperation\n * 6 - certificateHold\n * 8 - removeFromCRL\n * 9 - privilegeWithdrawn\n * 10 - aACompromise\n\nNote that reason code 7 is not used. See RFC 5280 for more details:\n\nhttp://www.ietf.org/rfc/rfc5280.txt\n" ], "previous_source": "\nIPA certificate operations\n\nImplements a set of commands for managing server SSL certificates.\n\nCertificate requests exist in the form of a Certificate Signing Request (CSR)\nin PEM format.\n\nThe dogtag CA uses just the CN value of the CSR and forces the rest of the\nsubject to values configured in the server.\n\nA certificate is stored with a service principal and a service principal\nneeds a host.\n\nIn order to request a certificate:\n\n* The host must exist\n* The service must exist (or you use the --add option to automatically add it)\n\nSEARCHING:\n\nCertificates may be searched on by certificate subject, serial number,\nrevocation reason, validity dates and the issued date.\n\nWhen searching on dates the _from date does a >= search and the _to date\ndoes a <= search. When combined these are done as an AND.\n\nDates are treated as GMT to match the dates in the certificates.\n\nThe date format is YYYY-mm-dd.\n\nEXAMPLES:\n\n Request a new certificate and add the principal:\n ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n\n Retrieve an existing certificate:\n ipa cert-show 1032\n\n Revoke a certificate (see RFC 5280 for reason details):\n ipa cert-revoke --revocation-reason=6 1032\n\n Remove a certificate from revocation hold status:\n ipa cert-remove-hold 1032\n\n Check the status of a signing request:\n ipa cert-status 10\n\n Search for certificates by hostname:\n ipa cert-find --subject=ipaserver.example.com\n\n Search for revoked certificates by reason:\n ipa cert-find --revocation-reason=5\n\n Search for certificates based on issuance date\n ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n\nIPA currently immediately issues (or declines) all certificate requests so\nthe status of a request is not normally useful. This is for future use\nor the case where a CA does not immediately issue a certificate.\n\nThe following revocation reasons are supported:\n\n * 0 - unspecified\n * 1 - keyCompromise\n * 2 - cACompromise\n * 3 - affiliationChanged\n * 4 - superseded\n * 5 - cessationOfOperation\n * 6 - certificateHold\n * 8 - removeFromCRL\n * 9 - privilegeWithdrawn\n * 10 - aACompromise\n\nNote that reason code 7 is not used. See RFC 5280 for more details:\n\nhttp://www.ietf.org/rfc/rfc5280.txt\n", "target": [ "\nGestion de certficats IPA\n\nImplémente un jeu de commandes pour gérer les certificats SSL du serveur.\n\nLes demandes de certificats existent sous la forme de\n« Certificate Signing Request (CSR) » au format PEM.\n\nLa plaque d'identité CA n'utilise que la valeur CN du CSR et force le reste\ndu sujet aux valeurs configurées dans le serveur.\n\nUn certificat est enregistré avec un principal de service et un principal\n de service a besoin d'un hôte.\n\nDonc, pour demander un certificat :\n\n* l'hôte doit exister\n* le service doit exister (utiliser --add pour l'ajouter automatiquement)\n\nRECHERCHE :\n\nLes certificats peuvent être recherchés par sujet, numéro de série,\nmotif de révocation, dates de validité et date d'émission.\n\nEn recherchant par dates, _from effectue une recherche >= à la date et _to\nune recherche <= à la date. Combinées, elles sont équivalentes à un AND.\n\nLa date est traitée comme GMT pour correspondre aux dates de certificats.\n\nLa date est au format YYYY-mm-dd.\n\nEXEMPLES :\n\n Demander un nouveau certificat et ajouter le principal :\n ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n\n Retrouver un certificat existant :\n ipa cert-show 1032\n\n Révoquer un certificat (voir RFC 5280 pour le détail des raisons) :\n ipa cert-revoke --revocation-reason=6 1032\n\n Lever l'état de maintien de révocation d'un certificat :\n ipa cert-remove-hold 1032\n\n Vérifier l'état d'une demande de signature :\n ipa cert-status 10\n\n Rechercher des certificats par nom d'hôte :\n ipa cert-find --subject=ipaserver.example.com\n\n Rechercher les certificats révoqués par motif :\n ipa cert-find --revocation-reason=5\n\n Rechercher les certificats selon la date d'émission :\n ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07\n\nActuellement IPA émet (ou refuse) aussitôt toute demande de certificat, donc\nl'état d'une requête ne sert normalement pas. C'est en vue d'une utilisation\nfuture ou au cas où un CA n'émettrait pas immédiatement un certificat.\n\nLes motifs de révocation suivants sont pris en charge :\n\n * 0 - « unspecified » (non précisé)\n * 1 - « keyCompromise » (clé compromise)\n * 2 - « cACompromise » (CA compromis)\n * 3 - « affiliationChanged » (affiliation modifiée)\n * 4 - « superseded » (remplacé)\n * 5 - « cessationOfOperation » (arrêt d'opération)\n * 6 - « certificateHold » (certificat retenu)\n * 8 - « removeFromCRL » (sorti du CRL)\n * 9 - « privilegeWithdrawn » (retrait de privilège)\n * 10 - « aACompromise » (compromission)\n\nNotez que le motif code 7 ne sert pas. Voir RFC 5280 pour plus de détails :\n\nhttp://www.ietf.org/rfc/rfc5280.txt\n\n" ], "id_hash": 7167776203398983793, "content_hash": 7167776203398983793, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1826, "has_suggestion": false, "has_comment": false, "has_failing_check": true, "num_words": 259, "source_unit": "https://translate.fedoraproject.org/api/units/2727852/?format=api", "priority": 100, "id": 4709760, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=e3790e7b01183071", "url": "https://translate.fedoraproject.org/api/units/4709760/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.118392Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nGroup to Group Delegation\n\nA permission enables fine-grained delegation of permissions. Access Control\nRules, or instructions (ACIs), grant permission to permissions to perform\ngiven tasks such as adding a user, modifying a group, etc.\n\nGroup to Group Delegations grants the members of one group to update a set\nof attributes of members of another group.\n\nEXAMPLES:\n\n Add a delegation rule to allow managers to edit employee's addresses:\n ipa delegation-add --attrs=street --group=managers --membergroup=employees \"managers edit employees' street\"\n\n When managing the list of attributes you need to include all attributes\n in the list, including existing ones. Add postalCode to the list:\n ipa delegation-mod --attrs=street,postalCode --group=managers --membergroup=employees \"managers edit employees' street\"\n\n Display our updated rule:\n ipa delegation-show \"managers edit employees' street\"\n\n Delete a rule:\n ipa delegation-del \"managers edit employees' street\"\n" ], "previous_source": "\nGroup to Group Delegation\n\nA permission enables fine-grained delegation of permissions. Access Control\nRules, or instructions (ACIs), grant permission to permissions to perform\ngiven tasks such as adding a user, modifying a group, etc.\n\nGroup to Group Delegations grants the members of one group to update a set\nof attributes of members of another group.\n\nEXAMPLES:\n\n Add a delegation rule to allow managers to edit employee's addresses:\n ipa delegation-add --attrs=street --group=managers --membergroup=employees \"managers edit employees' street\"\n\n When managing the list of attributes you need to include all attributes\n in the list, including existing ones. Add postalCode to the list:\n ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --membergroup=employees \"managers edit employees' street\"\n\n Display our updated rule:\n ipa delegation-show \"managers edit employees' street\"\n\n Delete a rule:\n ipa delegation-del \"managers edit employees' street\"\n", "target": [ "\nDélégation de groupe à groupe\n\nUne permission permet une délégation fine des autorisations. Les règles de\ncontrôle d'accès, ou les instructions (ACI), accordent la possibilité aux\npermissions de réaliser certaines tâches comme l'ajout d'utilisateur, la\nmodification d'un groupe, etc.\n\nLa délégation de groupe à groupe permet aux membres d'un groupe de modifier\nun jeu d'attributs de membres d'un autre groupe.\n\nEXEMPLES:\n\n Ajouter une règle de délégation permettant aux gestionnaires de modifier\n les adresses des employés :\n ipa delegation-add --attrs=street --group=managers --membergroup=employees \"managers edit employees' street\"\n\n En gérant une liste d'attributs, vous devez inclure tous les attributs,\n y compris les existants. Ajouter « postalCode » à la liste :\n ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --membergroup=employees \"managers edit employees' street\"\n\n Afficher la règle modifiée :\n ipa delegation-show \"managers edit employees' street\"\n\n Supprimer une règle :\n ipa delegation-del \"managers edit employees' street\"\n" ], "id_hash": 3718650907369577619, "content_hash": 3718650907369577619, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1827, "has_suggestion": true, "has_comment": false, "has_failing_check": true, "num_words": 127, "source_unit": "https://translate.fedoraproject.org/api/units/2727822/?format=api", "priority": 100, "id": 4709762, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=b39b4d4c49729c93", "url": "https://translate.fedoraproject.org/api/units/4709762/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.159841Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Comma-separated list of permissions to grant (read, write). Default is write." ], "previous_source": "Permissions to grant (read, write). Default is write.", "target": [ "Permissions à accorder (« read », « write »). Par défaut : « write »." ], "id_hash": -3391317693462143744, "content_hash": -3391317693462143744, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1828, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 11, "source_unit": "https://translate.fedoraproject.org/api/units/2729030/?format=api", "priority": 100, "id": 4709764, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=50ef9e8698b11d00", "url": "https://translate.fedoraproject.org/api/units/4709764/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.204671Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "\nDomain Name System (DNS)\n\nManage DNS zone and resource records.\n\n\nUSING STRUCTURED PER-TYPE OPTIONS\n\nThere are many structured DNS RR types where DNS data stored in LDAP server\nis not just a scalar value, for example an IP address or a domain name, but\na data structure which may be often complex. A good example is a LOC record\n[RFC1876] which consists of many mandatory and optional parts (degrees,\nminutes, seconds of latitude and longitude, altitude or precision).\n\nIt may be difficult to manipulate such DNS records without making a mistake\nand entering an invalid value. DNS module provides an abstraction over these\nraw records and allows to manipulate each RR type with specific options. For\neach supported RR type, DNS module provides a standard option to manipulate\na raw records with format --<rrtype>-rec, e.g. --mx-rec, and special options\nfor every part of the RR structure with format --<rrtype>-<partname>, e.g.\n--mx-preference and --mx-exchanger.\n\nWhen adding a record, either RR specific options or standard option for a raw\nvalue can be used, they just should not be combined in one add operation. When\nmodifying an existing entry, new RR specific options can be used to change\none part of a DNS record, where the standard option for raw value is used\nto specify the modified value. The following example demonstrates\na modification of MX record preference from 0 to 1 in a record without\nmodifying the exchanger:\nipa dnsrecord-mod --mx-rec=\"0 mx.example.com.\" --mx-preference=1\n\n\nEXAMPLES:\n\n Add new zone:\n ipa dnszone-add example.com --name-server=ns --admin-email=admin@example.com --ip-address=10.0.0.1\n\n Add system permission that can be used for per-zone privilege delegation:\n ipa dnszone-add-permission example.com\n\n Modify the zone to allow dynamic updates for hosts own records in realm EXAMPLE.COM:\n ipa dnszone-mod example.com --dynamic-update=TRUE\n\n This is the equivalent of:\n ipa dnszone-mod example.com --dynamic-update=TRUE --update-policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;\"\n\n Modify the zone to allow zone transfers for local network only:\n ipa dnszone-mod example.com --allow-transfer=10.0.0.0/8\n\n Add new reverse zone specified by network IP address:\n ipa dnszone-add --name-from-ip=80.142.15.0/24 --name-server=ns.example.com.\n\n Add second nameserver for example.com:\n ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com\n\n Add a mail server for example.com:\n ipa dnsrecord-add example.com @ --mx-rec=\"10 mail1\"\n\n Add another record using MX record specific options:\n ipa dnsrecord-add example.com @ --mx-preference=20 --mx-exchanger=mail2\n\n Add another record using interactive mode (started when dnsrecord-add, dnsrecord-mod,\n or dnsrecord-del are executed with no options):\n ipa dnsrecord-add example.com @\n Please choose a type of DNS resource record to be added\n The most common types for this type of zone are: NS, MX, LOC\n\n DNS resource record type: MX\n MX Preference: 30\n MX Exchanger: mail3\n Record name: example.com\n MX record: 10 mail1, 20 mail2, 30 mail3\n NS record: nameserver.example.com., nameserver2.example.com.\n\n Delete previously added nameserver from example.com:\n ipa dnsrecord-del example.com @ --ns-rec=nameserver2.example.com.\n\n Add LOC record for example.com:\n ipa dnsrecord-add example.com @ --loc-rec=\"49 11 42.4 N 16 36 29.6 E 227.64m\"\n\n Add new A record for www.example.com. Create a reverse record in appropriate\n reverse zone as well. In this case a PTR record \"2\" pointing to www.example.com\n will be created in zone 15.142.80.in-addr.arpa.\n ipa dnsrecord-add example.com www --a-rec=80.142.15.2 --a-create-reverse\n\n Add new PTR record for www.example.com\n ipa dnsrecord-add 15.142.80.in-addr.arpa. 2 --ptr-rec=www.example.com.\n\n Add new SRV records for LDAP servers. Three quarters of the requests\n should go to fast.example.com, one quarter to slow.example.com. If neither\n is available, switch to backup.example.com.\n ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example.com\"\n ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example.com\"\n ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup.example.com\"\n\n The interactive mode can be used for easy modification:\n ipa dnsrecord-mod example.com _ldap._tcp\n No option to modify specific record provided.\n Current DNS record contents:\n\n SRV record: 0 3 389 fast.example.com, 0 1 389 slow.example.com, 1 1 389 backup.example.com\n\n Modify SRV record '0 3 389 fast.example.com'? Yes/No (default No):\n Modify SRV record '0 1 389 slow.example.com'? Yes/No (default No): y\n SRV Priority [0]: (keep the default value)\n SRV Weight [1]: 2 (modified value)\n SRV Port [389]: (keep the default value)\n SRV Target [slow.example.com]: (keep the default value)\n 1 SRV record skipped. Only one value per DNS record type can be modified at one time.\n Record name: _ldap._tcp\n SRV record: 0 3 389 fast.example.com, 1 1 389 backup.example.com, 0 2 389 slow.example.com\n\n After this modification, three fifths of the requests should go to\n fast.example.com and two fifths to slow.example.com.\n\n An example of the interactive mode for dnsrecord-del command:\n ipa dnsrecord-del example.com www\n No option to delete specific record provided.\n Delete all? Yes/No (default No): (do not delete all records)\n Current DNS record contents:\n\n A record: 1.2.3.4, 11.22.33.44\n\n Delete A record '1.2.3.4'? Yes/No (default No):\n Delete A record '11.22.33.44'? Yes/No (default No): y\n Record name: www\n A record: 1.2.3.4 (A record 11.22.33.44 has been deleted)\n\n Show zone example.com:\n ipa dnszone-show example.com\n\n Find zone with \"example\" in its domain name:\n ipa dnszone-find example\n\n Find records for resources with \"www\" in their name in zone example.com:\n ipa dnsrecord-find example.com www\n\n Find A records with value 10.10.0.1 in zone example.com\n ipa dnsrecord-find example.com --a-rec=10.10.0.1\n\n Show records for resource www in zone example.com\n ipa dnsrecord-show example.com www\n\n Delegate zone sub.example to another nameserver:\n ipa dnsrecord-add example.com ns.sub --a-rec=10.0.100.5\n ipa dnsrecord-add example.com sub --ns-rec=ns.sub.example.com.\n\n If global forwarder is configured, all requests to sub.example.com will be\n routed through the global forwarder. To change the behavior for example.com\n zone only and forward the request directly to ns.sub.example.com., global\n forwarding may be disabled per-zone:\n ipa dnszone-mod example.com --forward-policy=none\n\n Forward all requests for the zone external.com to another nameserver using\n a \"first\" policy (it will send the queries to the selected forwarder and if\n not answered it will use global resolvers):\n ipa dnszone-add external.com\n ipa dnszone-mod external.com --forwarder=10.20.0.1 --forward-policy=first\n\n Delete zone example.com with all resource records:\n ipa dnszone-del example.com\n\n Resolve a host name to see if it exists (will add default IPA domain\n if one is not included):\n ipa dns-resolve www.example.com\n ipa dns-resolve www\n\n\nGLOBAL DNS CONFIGURATION\n\nDNS configuration passed to command line install script is stored in a local\nconfiguration file on each IPA server where DNS service is configured. These\nlocal settings can be overridden with a common configuration stored in LDAP\nserver:\n\n Show global DNS configuration:\n ipa dnsconfig-show\n\n Modify global DNS configuration and set a list of global forwarders:\n ipa dnsconfig-mod --forwarder=10.0.0.1\n" ], "previous_source": "", "target": [ "" ], "id_hash": -4853321902092799017, "content_hash": -4853321902092799017, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1829, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 1024, "source_unit": "https://translate.fedoraproject.org/api/units/2727810/?format=api", "priority": 100, "id": 4709765, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=3ca58971ad22b3d7", "url": "https://translate.fedoraproject.org/api/units/4709765/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.228808Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "A list of global forwarders. A custom port can be specified for each forwarder using a standard format \"IP_ADDRESS port PORT\"" ], "previous_source": "Global forwarders. A custom port can be specified for each forwarder using a standard format \"IP_ADDRESS port PORT\"", "target": [ "Redirecteurs globaux. Un port personnalisé peut être indiqué pour chaque redirecteur en utilisant le format standard « adresse_IP port PORT »" ], "id_hash": -5741858570212410585, "content_hash": -5741858570212410585, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 10, "fuzzy": true, "translated": false, "approved": false, "position": 1830, "has_suggestion": true, "has_comment": false, "has_failing_check": false, "num_words": 21, "source_unit": "https://translate.fedoraproject.org/api/units/2728227/?format=api", "priority": 100, "id": 4709767, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=3050d20d53f4fb27", "url": "https://translate.fedoraproject.org/api/units/4709767/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.254833Z", "last_updated": "2023-06-16T11:46:33.795393Z" }, { "translation": "https://translate.fedoraproject.org/api/translations/freeipa/ipa-4-8/fr/?format=api", "source": [ "Comma-separated list of raw A records" ], "previous_source": "", "target": [ "" ], "id_hash": -1968092244340825243, "content_hash": -1968092244340825243, "location": "", "context": "", "note": "", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 1833, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 6, "source_unit": "https://translate.fedoraproject.org/api/units/2729033/?format=api", "priority": 100, "id": 4709768, "web_url": "https://translate.fedoraproject.org/translate/freeipa/ipa-4-8/fr/?checksum=64afee87fadd2365", "url": "https://translate.fedoraproject.org/api/units/4709768/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2020-08-04T08:20:18.286342Z", "last_updated": "2023-06-16T11:46:33.795393Z" } ] }