# AUTHOR <EMAIL@ADDRESS>, YEAR.
# 
msgid ""
msgstr ""
"Project-Id-Version: Fedora Deployment Guide\n"
"POT-Creation-Date: 2011-02-22T00:50:50\n"
"PO-Revision-Date: 2011-08-21 06:50+0000\n"
"Last-Translator: Automatically generated\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: ja\n"
"Plural-Forms: nplurals=1; plural=0\n"

#. Tag: title
#, no-c-format
msgid "Lightweight Directory Access Protocol (LDAP)"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<systemitem class=\"protocol\">LDAP</systemitem> (Lightweight Directory "
"Access Protocol) is a set of open protocols used to access centrally stored "
"information over a network. It is based on the <systemitem "
"class=\"protocol\">X.500</systemitem> standard for directory sharing, but is"
" less complex and resource-intensive. For this reason, LDAP is sometimes "
"referred to as <quote>X.500 Lite</quote>."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Like X.500, LDAP organizes information in a hierarchal manner using "
"directories. These directories can store a variety of information such as "
"names, addresses, or phone numbers, and can even be used in a manner similar"
" to the <firstterm>Network Information Service</firstterm> "
"(<acronym>NIS</acronym>), enabling anyone to access their account from any "
"machine on the LDAP enabled network."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"LDAP is commonly used as a virtual phone directory, allowing users to easily"
" access contact information for other users. Additionally, it can refer a "
"user to another LDAP servers throughout the world, and thus provide an ad-"
"hoc global repository of information. However, it is most frequently used "
"within individual organizations such as universities, government "
"departments, and private companies."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"This chapter cover the installation and configuration of "
"<application>OpenLDAP 2.4</application>, an open source implementation of "
"the LDAPv2 and LDAPv3 protocols."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Introduction to LDAP"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Using a client/server architecture, LDAP provides reliable means to create a"
" central information directory accessible from the network. When a client "
"attempts to modify information within this directory, the server verifies "
"the user has permission to make the change, and then adds or updates the "
"entry as requested. To ensure the communication is secure, the "
"<firstterm>Secure Sockets Layer</firstterm> (<acronym>SSL</acronym>) or "
"<firstterm>Transport Layer Security</firstterm> (<acronym>TLS</acronym>) "
"cryptographic protocols can be used to prevent an attacker from intercepting"
" the transmission."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The LDAP server supports several database systems, which gives "
"administrators the flexibility to choose the best suited solution for the "
"type of information they are planning to serve. Because of a well-defined "
"client <firstterm>Application Programming Interface</firstterm> "
"(<acronym>API</acronym>), the number of applications able to communicate "
"with an LDAP server is numerous, and increasing in both quantity and "
"quality."
msgstr ""

#. Tag: title
#, no-c-format
msgid "LDAP Terminology"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The following is a list of LDAP-specific terms that are used within this "
"chapter:"
msgstr ""

#. Tag: term
#, no-c-format
msgid "entry"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"A single unit within an LDAP directory. Each entry is identified by its "
"unique <firstterm>Distinguished Name</firstterm> (<acronym>DN</acronym>)."
msgstr ""

#. Tag: term
#, no-c-format
msgid "attribute"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Information directly associated with an entry. For example, if an "
"organization is represented as an LDAP entry, attributes associated with "
"this organization might include an address, a fax number, etc. Similarly, "
"people can be represented as entries with common attributes such as personal"
" telephone number or email address."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"While certain attributes are optional, other are required. Required "
"attributes are specified using the <option>objectClass</option> definition, "
"and can be found in schema files located in the <filename "
"class=\"directory\">/etc/openldap/schema/</filename> directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The assertion of an attribute and its corresponding value is also referred "
"to as a <firstterm>Relative Distinguished Name</firstterm> "
"(<acronym>RDN</acronym>). Unlike distinguished names that are unique "
"globally, a relative distinguished name is only unique per entry."
msgstr ""

#. Tag: term
#, no-c-format
msgid "LDIF"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <firstterm>LDAP Data Interchange Format</firstterm> "
"(<acronym>LDIF</acronym>) is a plain text representation of an LDAP entry. "
"It takes the following form:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"<optional><replaceable>id</replaceable></optional> dn: <replaceable>distinguished_name</replaceable>\n"
"<replaceable>attribute_type</replaceable>: <replaceable>attribute_value</replaceable>\n"
"<replaceable>attribute_type</replaceable>: <replaceable>attribute_value</replaceable>\n"
"…"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The optional <replaceable>id</replaceable> is a number determined by the "
"application that is used to edit the entry. Each entry can contain as many "
"<replaceable>attribute_type</replaceable> and "
"<replaceable>attribute_value</replaceable> pairs as needed, as long as they "
"are all defined in a corresponding schema file. A blank line indicates the "
"end of an entry."
msgstr ""

#. Tag: title
#, no-c-format
msgid "OpenLDAP Features"
msgstr ""

#. Tag: para
#, no-c-format
msgid "The OpenLDAP suite provides a number of important features:"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>LDAPv3 Support</emphasis> — Many of the changes in the protocol "
"since LDAP version 2 are designed to make LDAP more secure. Among other "
"improvements, this includes the support for Simple Authentication and "
"Security Layer (<acronym>SASL</acronym>), Transport Layer Security "
"(<acronym>TLS</acronym>), and Secure Sockets Layer (<acronym>SSL</acronym>) "
"protocols."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>LDAP Over IPC</emphasis> — The use of inter-process communication "
"(<acronym>IPC</acronym>) enhances security by eliminating the need to "
"communicate over a network."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>IPv6 Support</emphasis> — OpenLDAP is compiant with Internet "
"Protocol version 6 (<acronym>IPv6</acronym>), the next generation of the "
"Internet Protocol."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>LDIFv1 Support</emphasis> — OpenLDAP is fully compliant with LDIF "
"version 1."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>Updated C API</emphasis> — The current C API improves the way "
"programmers can connect to and use LDAP directory servers."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<emphasis>Enhanced Standalone LDAP Server</emphasis> — This includes an "
"updated access control system, thread pooling, better tools, and much more."
msgstr ""

#. Tag: title
#, no-c-format
msgid "OpenLDAP Server Setup"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The typical steps to set up an LDAP server on &MAJOROS; are as follows:"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Install the OpenLDAP suite. Refer to <xref linkend=\"s1-ldap-installation\" "
"/> for more information on required packages."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Edit the LDIF files in the <filename "
"class=\"directory\">/etc/openldap/slapd.d/</filename> directory as described"
" in <xref linkend=\"s1-ldap-configuration\" />."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Start the <systemitem class=\"service\">slapd</systemitem> service as "
"described in <xref linkend=\"s1-ldap-running\" />."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Use the <command>ldapadd</command> utility to add entries to the LDAP "
"directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Use the <command>ldapsearch</command> utility to verify that the <systemitem"
" class=\"service\">slapd</systemitem> service is accessing the information "
"correctly."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Installing the OpenLDAP Suite"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The suite of OpenLDAP libraries and tools is provided by the following "
"packages:"
msgstr ""

#. Tag: title
#, no-c-format
msgid "List of OpenLDAP packages"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Package"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Description"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>openldap</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"A package containing the libraries necessary to run the OpenLDAP server and "
"client applications."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>openldap-clients</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"A package containing the command line utilities for viewing and modifying "
"directories on an LDAP server."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>openldap-servers</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"A package containing both the services and utilities to configure and run an"
" LDAP server. This includes the <firstterm>Standalone LDAP "
"Daemon</firstterm>, <systemitem class=\"service\">slapd</systemitem>."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>openldap-servers-sql</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "A package containing the SQL support module."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>compat-openldap</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "A package containing the OpenLDAP compatibility libraries."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Additionally, the following packages are commonly used along with the LDAP "
"server, and extend its functionality:"
msgstr ""

#. Tag: title
#, no-c-format
msgid "List of additional LDAP packages"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>nss-pam-ldapd</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"A package containing <systemitem class=\"service\">nslcd</systemitem>, a "
"local LDAP name service that allows a user to perform local LDAP queries."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>mod_authz_ldap</package>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"A package containing <systemitem "
"class=\"resource\">mod_authz_ldap</systemitem>, the LDAP authorization "
"module for the Apache HTTP Server. This module uses the short form of the "
"distinguished name for a subject and the issuer of the client SSL "
"certificate to determine the distinguished name of the user within an LDAP "
"directory. It is also capable of authorizing users based on attributes of "
"that user's LDAP directory entry, determining access to assets based on the "
"user and group privileges of the asset, and denying access for users with "
"expired passwords. Note that the <systemitem "
"class=\"resource\">mod_ssl</systemitem> module is required when using the "
"<systemitem class=\"resource\">mod_authz_ldap</systemitem> module."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<package>php-ldap</package>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"A package containing the <systemitem class=\"resource\">ldap</systemitem> "
"module, which allows PHP scripts to access information stored in an LDAP "
"directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To install these packages, use the <command>yum</command> command in the "
"following form:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"<command>yum</command> <option>install</option> "
"<replaceable>package</replaceable>…"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"For example, to perform the basic LDAP server installation, type the "
"following at a shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>yum install openldap openldap-clients openldap-servers compat-"
"openldap</command>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Note that you must have superuser privileges (that is, you must be logged in"
" as <systemitem class=\"username\">root</systemitem>) to run this command. "
"For more information on how to install new packages in &MAJOROS;, refer to "
"<xref linkend=\"sec-Installing\" />."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Overview of OpenLDAP Server Utilities"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To perform administrative tasks, the <package>openldap-servers</package> "
"package installs the following utilities along with the <systemitem "
"class=\"service\">slapd</systemitem> service:"
msgstr ""

#. Tag: title
#, no-c-format
msgid "List of OpenLDAP server utilities"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Command"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapacl</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to check the access to a list of attributes."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapadd</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to add entries from an LDIF file to an LDAP directory."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapauth</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to check a list of IDs for authentication and authorization "
"permissions."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapcat</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to pull entries from an LDAP directory in the default format and "
"save them in an LDIF file."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapindex</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to re-index the <systemitem class=\"service\">slapd</systemitem> "
"directory based on the current content. Run this utility whenever you change"
" indexing options in the configuration file."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slappasswd</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to create an encrypted user password to be used with the "
"<command>ldapmodify</command> utility, or in the <systemitem "
"class=\"service\">slapd</systemitem> configuration file."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slapschema</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to check the compliance of a database with the corresponding "
"schema."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>slaptest</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to check the LDAP server configuration."
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"<command>slapd_db_archive</command>, <command>slapd_db_checkpoint</command>,"
" <command>slapd_db_deadlock</command>, <command>slapd_db_dump</command>, "
"<command>slapd_db_hotbackup</command>, <command>slapd_db_load</command>, "
"<command>slapd_db_printlog</command>, <command>slapd_db_recover</command>, "
"<command>slapd_db_sql</command>, <command>slapd_db_stat</command>, "
"<command>slapd_db_upgrade</command>, <command>slapd_db_verify</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Provides a set of tools to work with <firstterm>Berkeley DB</firstterm> "
"(BDB)."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Important: Make Sure the Files Have Correct Owner"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Although only <systemitem class=\"username\">root</systemitem> can run "
"<command>slapadd</command>, the <systemitem "
"class=\"service\">slapd</systemitem> service runs as the <systemitem "
"class=\"username\">ldap</systemitem> user. Because of this, the directory "
"server is unable to modify any files created by <command>slapadd</command>. "
"To correct this issue, after running the <command>slapd</command> utility, "
"type the following at a shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "~]# <command>chown -R ldap:ldap /var/lib/ldap</command>"
msgstr ""

#. Tag: title
#, no-c-format
msgid ""
"Warning: Stop <systemitem class=\"service\">slapd</systemitem> Before Using "
"These Utilities"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To preserve the data integrity, stop the <systemitem "
"class=\"service\">slapd</systemitem> service before using "
"<command>slapadd</command>, <command>slapcat</command>, or "
"<command>slapindex</command>. You can do so by typing the following at a "
"shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>service slapd stop</command>\n"
"Stopping slapd:                                            [  OK  ]"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"For more information on how to start, stop, restart, and check the current "
"status of the <systemitem class=\"service\">slapd</systemitem> service, "
"refer to <xref linkend=\"s1-ldap-running\" />."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Overview of OpenLDAP Client Utilities"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <package>openldap-clients</package> package installs the following "
"utilities which can be used to add, modify, and delete entries in an LDAP "
"directory:"
msgstr ""

#. Tag: title
#, no-c-format
msgid "List of OpenLDAP client utilities"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapadd</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to add entries to an LDAP directory, either from a file, or from "
"standard input. It is a symbolic link to <command>ldapmodify -a</command>."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapcompare</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to compare given attribute with an LDAP directory entry."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapdelete</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to delete entries from an LDAP directory."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapexop</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to perform extended LDAP operations."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapmodify</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to modify entries in an LDAP directory, either from a file, or "
"from standard input."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapmodrdn</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to modify the RDN value of an LDAP directory entry."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldappasswd</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to set or change the password for an LDAP user."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapsearch</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to search LDAP directory entries."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapurl</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Allows you to compose or decompose LDAP URLs."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<command>ldapwhoami</command>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"Allows you to perform a <option>whoami</option> operation on an LDAP server."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"With the exception of <command>ldapsearch</command>, each of these utilities"
" is more easily used by referencing a file containing the changes to be made"
" rather than typing a command for each entry to be changed within an LDAP "
"directory. The format of such a file is outlined in the man page for each "
"utility."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Overview of Common LDAP Client Applications"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Although there are various graphical LDAP clients capable of creating and "
"modifying directories on the server, none of them is included in &MAJOROS;. "
"Popular applications that can access directories in a read-only mode include"
" <application>Mozilla Thunderbird</application>, "
"<application>Evolution</application>, or <application>Ekiga</application>."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Configuring an OpenLDAP Server"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"OpenLDAP configuration files are installed into the "
"<filename>/etc/openldap/</filename> directory. The following is a brief list"
" highlighting the most important directories and files:"
msgstr ""

#. Tag: title
#, no-c-format
msgid "List of OpenLDAP configuration files and directories"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Path"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>/etc/openldap/ldap.conf</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"The configuration file for client applications that use the OpenLDAP "
"libraries. This includes <command>ldapadd</command>, "
"<command>ldapsearch</command>, <application>Evolution</application>, etc."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename class=\"directory\">/etc/openldap/slapd.d/</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"The directory containing the <systemitem "
"class=\"service\">slapd</systemitem> configuration files."
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename class=\"directory\">/etc/openldap/schema/</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid ""
"The directory containing the schema files used by the <systemitem "
"class=\"service\">slapd</systemitem> service. The <filename "
"class=\"directory\">redhat/</filename> subdirectory holds customized schemas"
" distributed by &OSORG; for &MAJOROS;."
msgstr ""

#. Tag: title
#, no-c-format
msgid "The <filename>/etc/openldap/schema/</filename> Directory"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <filename>/etc/openldap/schema/</filename> directory holds LDAP "
"definitions, previously located in the <filename>slapd.at.conf</filename> "
"and <filename>slapd.oc.conf</filename> files. The "
"<filename>/etc/openldap/schema/redhat/</filename> directory holds customized"
" schemas distributed by Red Hat for &MAJOROS;."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"All <firstterm>attribute syntax definitions</firstterm> and "
"<firstterm>objectclass definitions</firstterm> are now located in the "
"different schema files. The various schema files are referenced in "
"<filename>/etc/openldap/slapd.conf</filename> using "
"<filename>include</filename> lines, as shown in this example:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"include    /etc/openldap/schema/core.schema\n"
"include    /etc/openldap/schema/cosine.schema\n"
"include    /etc/openldap/schema/inetorgperson.schema\n"
"include    /etc/openldap/schema/nis.schema\n"
"include    /etc/openldap/schema/rfc822-MailMember.schema\n"
"include    /etc/openldap/schema/redhat/autofs.schema"
msgstr ""

#. Tag: title
#, no-c-format
msgid "Warning"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Do not modify schema items defined in the schema files installed by "
"OpenLDAP."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"It is possible to extend the schema used by OpenLDAP to support additional "
"attribute types and object classes using the default schema files as a "
"guide. To do this, create a <filename>local.schema</filename> file in the "
"<filename>/etc/openldap/schema/</filename> directory. Reference this new "
"schema within <filename>slapd.conf</filename> by adding the following line "
"below the default <filename>include</filename> schema lines:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "include    /etc/openldap/schema/local.schema"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Next, define new attribute types and object classes within the "
"<filename>local.schema</filename> file. Many organizations use existing "
"attribute types from the schema files installed by default and add new "
"object classes to the <filename>local.schema</filename> file."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Extending the schema to match certain specialized requirements is quite "
"involved and beyond the scope of this chapter. Refer to <ulink "
"url=\"http://www.openldap.org/doc/admin/schema.html\" /> for information."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Editing <filename>/etc/openldap/slapd.conf</filename>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To use the <command>slapd</command> LDAP server, modify its configuration "
"file, <filename>/etc/openldap/slapd.conf</filename>, to specify the correct "
"domain and server."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <command>suffix</command> line names the domain for which the LDAP "
"server provides information and should be changed from:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "suffix    \"dc=your-domain,dc=com\""
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Edit it accordingly so that it reflects a fully qualified domain name. For "
"example:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "suffix    \"dc=example,dc=com\""
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <command>rootdn</command> entry is the Distinguished Name (DN) for a "
"user who is unrestricted by access controls or administrative limit "
"parameters set for operations on the LDAP directory. The "
"<command>rootdn</command> user can be thought of as the root user for the "
"LDAP directory. In the configuration file, change the "
"<command>rootdn</command> line from its default value as in the following "
"example:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "rootdn    \"cn=root,dc=example,dc=com\""
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"When populating an LDAP directory over a network, change the "
"<command>rootpw</command> line — replacing the default value with an "
"encrypted password string. To create an encrypted password string, type the "
"following command:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "slappasswd"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"When prompted, type and then re-type a password. The program prints the "
"resulting encrypted password to the shell prompt."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Next, copy the newly created encrypted password into the "
"<filename>/etc/openldap/slapd.conf</filename> on one of the "
"<command>rootpw</command> lines and remove the hash sign "
"(<command>#</command>)."
msgstr ""

#. Tag: para
#, no-c-format
msgid "When finished, the line should look similar to the following example:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "rootpw {SSHA}vv2y+i6V6esazrIv70xSSnNAJE18bb2u"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"LDAP passwords, including the <command>rootpw</command> directive specified "
"in <filename>/etc/openldap/slapd.conf</filename>, are sent over the network "
"<emphasis>unencrypted</emphasis>, unless TLS encryption is enabled."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To enable TLS encryption, review the comments in "
"<filename>/etc/openldap/slapd.conf</filename> and refer to the man page for "
"<filename>slapd.conf</filename>."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"For added security, the <command>rootpw</command> directive should be "
"commented out after populating the LDAP directory by preceding it with a "
"hash sign (<command>#</command>)."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"When using the <command>/usr/sbin/slapadd</command> command line tool "
"locally to populate the LDAP directory, use of the <command>rootpw</command>"
" directive is not necessary."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Important"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Only the root user can use <command>/usr/sbin/slapadd</command>. However, "
"the directory server runs as the <filename>ldap</filename> user. Therefore, "
"the directory server is unable to modify any files created by "
"<command>slapadd</command>. To correct this issue, after using "
"<command>slapadd</command>, type the following command:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "chown -R ldap /var/lib/ldap"
msgstr ""

#. Tag: title
#, no-c-format
msgid "Running an OpenLDAP Server"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"This section describes how to start, stop, restart, and check the current "
"status of the <application>Standalone LDAP Daemon</application>. For more "
"information on how to manage system services in general, refer to <xref "
"linkend=\"ch-Controlling_Access_to_Services\" />."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Starting the Service"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To run the <systemitem class=\"service\">slapd</systemitem> service, type "
"the following at a shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>service slapd start</command>\n"
"Starting slapd:                                            [  OK  ]"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"If you want the service to start automatically at the boot time, use the "
"following command:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "~]# <command>chkconfig slapd on</command>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Note that you can also use the <application>Service "
"Configuration</application> utility as described in <xref linkend=\"s3"
"-services-serviceconf-enabling\" />."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Stopping the Service"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To stop the running <systemitem class=\"service\">slapd</systemitem> "
"service, type the following at a shell prompt:"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To prevent the service from starting automatically at the boot time, type:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "~]# <command>chkconfig slapd off</command>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Alternatively, you can use the <application>Service "
"Configuration</application> utility as described in <xref linkend=\"s3"
"-services-serviceconf-disabling\" />."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Restarting the Service"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To restart the running <systemitem class=\"service\">slapd</systemitem> "
"service, type the following at a shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>service slapd restart</command>\n"
"Stopping slapd:                                            [  OK  ]\n"
"Starting slapd:                                            [  OK  ]"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"This stops the service, and then starts it again. Use this command to reload"
" the configuration."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Checking the Service Status"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"To check whether the service is running, type the following at a shell "
"prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>service slapd status</command>\n"
"slapd (pid  3672) is running..."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Configuring a System to Authenticate Using OpenLDAP"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"In order to configure a system to authenticate using OpenLDAP, make sure "
"that the appropriate packages are installed on both LDAP server and client "
"machines. For information on how to set up the server, follow the "
"instructions in <xref linkend=\"s1-ldap-installation\" /> and <xref "
"linkend=\"s1-ldap-configuration\" />. On a client, type the following at a "
"shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"~]# <command>yum install openldap openldap-clients nss-pam-ldapd</command>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Note that this section provides a brief overview only. Unless you are an "
"OpenLDAP expert, refer to <xref linkend=\"s1-ldap-resources\" /> for more "
"detailed information."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Using LDAP with PAM"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"&MAJOROS; allows you to configure standard PAM-enabled applications to use "
"LDAP for authentication. To do so, select "
"<menuchoice><guimenu>System</guimenu><guisubmenu>Administration</guisubmenu><guimenuitem>Authentication</guimenuitem></menuchoice>"
" from the panel (or type <command>system-config-authentication</command> at "
"a shell prompt) to start the <application>Authentication "
"Configuration</application>, and enter the superuser password when prompted."
" Then select the <guimenuitem>LDAP</guimenuitem> option from the "
"<guilabel>User Account Database</guilabel> pulldown menu, adjust the "
"additional options, and click <guibutton>Apply</guibutton> to confirm your "
"changes."
msgstr ""

#. Tag: title
#, no-c-format
msgid ""
"Using the <application>Authentication Configuration</application> utility"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"For more information about configuring PAM, refer to the <citetitle "
"pubwork=\"chapter\">Pluggable Authentication Modules (PAM)</citetitle> "
"chapter of the &MAJOROSVER; <citetitle>Security Guide</citetitle> and the "
"PAM man pages."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Migrating Old Authentication Information to LDAP Format"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The <package>migrationtools</package> package provides a set of shell and "
"Perl scripts to help you migrate authentication information into an LDAP "
"format. To install this package, type the following at a shell prompt:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid "~]# <command>yum install migrationtools</command>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"This will install the scripts to the <filename "
"class=\"directory\">/usr/share/migrationtools/</filename> directory. Once "
"installed, open the "
"<filename>/usr/share/migrationtools/migrate_common.ph</filename> file in the"
" text editor such as <application>vi</application> or "
"<application>nano</application>, and change the following lines to reflect "
"the correct domain, for example:"
msgstr ""

#. Tag: screen
#, no-c-format
msgid ""
"# Default DNS domain\n"
"$DEFAULT_MAIL_DOMAIN = \"example.com\";\n"
"\n"
"# Default base\n"
"$DEFAULT_BASE = \"dc=example,dc=com\";"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Refer to <xref linkend=\"table-ldap-migrationtools\" /> to decide which "
"script to run in order to migrate the user database."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Commonly used LDAP migration scripts"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Existing Name Service"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Is LDAP Running?"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "Script to Use"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename class=\"directory\">/etc</filename> flat files"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "yes"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_online.sh</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "no"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_offline.sh</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "NetInfo"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_netinfo_online.sh</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_netinfo_offline.sh</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "NIS (YP)"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_nis_online.sh</filename>"
msgstr ""

#. Tag: entry
#, no-c-format
msgid "<filename>migrate_all_nis_offline.sh</filename>"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"For more information on how to use these scripts, refer to the "
"<filename>README</filename> and the <filename>migration-tools.txt</filename>"
" files in the "
"<filename>/usr/share/doc/migrationtools-<replaceable>version</replaceable>/</filename>"
" directory."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Additional Resources"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The following resources offer additional information on the Lightweight "
"Directory Access Protocol. Before configuring LDAP on your system, it is "
"highly recommended that you review these resources, especially the OpenLDAP "
"website and the LDAP HOWTO."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Installed Documentation"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<filename>/usr/share/docs/openldap-<replaceable>&lt;versionnumber&gt;</replaceable>/</filename>"
" directory — Contains a general <filename>README</filename> document and "
"miscellaneous information."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"LDAP related man pages — There are a number of man pages for the various "
"applications and configuration files involved with LDAP. The following is a "
"list of some of the more important man pages."
msgstr ""

#. Tag: term
#, no-c-format
msgid "Client Applications"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapadd</command> — Describes how to add entries to an LDAP "
"directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapdelete</command> — Describes how to delete entries within "
"an LDAP directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapmodify</command> — Describes how to modify entries within "
"an LDAP directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapsearch</command> — Describes how to search for entries "
"within an LDAP directory."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldappasswd</command> — Describes how to set or change the "
"password of an LDAP user."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapcompare</command> — Describes how to use the "
"<command>ldapcompare</command> tool."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapwhoami</command> — Describes how to use the "
"<command>ldapwhoami</command> tool."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldapmodrdn</command> — Describes how to modify the RDNs of "
"entries."
msgstr ""

#. Tag: term
#, no-c-format
msgid "Server Applications"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man slapd</command> — Describes command line options for the LDAP "
"server."
msgstr ""

#. Tag: term
#, no-c-format
msgid "Administrative Applications"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man slapadd</command> — Describes command line options used to add "
"entries to a <command>slapd</command> database."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man slapcat</command> — Describes command line options used to "
"generate an LDIF file from a <command>slapd</command> database."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man slapindex</command> — Describes command line options used to "
"regenerate an index based upon the contents of a <command>slapd</command> "
"database."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man slappasswd</command> — Describes command line options used to "
"generate user passwords for LDAP directories."
msgstr ""

#. Tag: term
#, no-c-format
msgid "Configuration Files"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"<command>man ldap.conf</command> — Describes the format and options "
"available within the configuration file for LDAP clients."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Useful Websites"
msgstr ""

#. Tag: term
#, no-c-format
msgid "<ulink url=\"http://www.openldap.org/doc/admin24/\" />"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"The current version of the <citetitle pubwork=\"webpage\">OpenLDAP Software "
"Administrator's Guide</citetitle>."
msgstr ""

#. Tag: term
#, no-c-format
msgid "<ulink url=\"http://www.kingsmountain.com/ldapRoadmap.shtml\" />"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"Jeff Hodges' <citetitle pubwork=\"webpage\">LDAP Roadmap &amp; "
"FAQ</citetitle> containing links to several useful resources and emerging "
"news concerning the LDAP protocol."
msgstr ""

#. Tag: term
#, no-c-format
msgid "<ulink url=\"http://www.ldapman.org/articles/\" />"
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"A collection of articles that offer a good introduction to LDAP, including "
"methods to design a directory tree and customizing directory structures."
msgstr ""

#. Tag: term
#, no-c-format
msgid "<ulink url=\"http://www.padl.com/\" />"
msgstr ""

#. Tag: para
#, no-c-format
msgid "A website of developers of several useful LDAP tools."
msgstr ""

#. Tag: title
#, no-c-format
msgid "Related Books"
msgstr ""

#. Tag: term
#, no-c-format
msgid ""
"<citetitle pubwork=\"book\">OpenLDAP by Example</citetitle> by John Terpstra"
" and Benjamin Coles; Prentice Hall."
msgstr ""

#. Tag: para
#, no-c-format
msgid "A collection of practical exercises in the OpenLDAP deployment."
msgstr ""

#. Tag: term
#, no-c-format
msgid ""
"<citetitle pubwork=\"book\">Implementing LDAP</citetitle> by Mark Wilcox; "
"Wrox Press, Inc."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"A book covering LDAP from both the system administrator's and software "
"developer's perspective."
msgstr ""

#. Tag: term
#, no-c-format
msgid ""
"<citetitle>Understanding and Deploying LDAP Directory Services</citetitle> "
"by Tim Howes et al.; Macmillan Technical Publishing."
msgstr ""

#. Tag: para
#, no-c-format
msgid ""
"A book covering LDAP design principles, as well as its deployment in a "
"production environment."
msgstr ""