diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2011-08-08 10:09:10 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2011-08-08 10:09:10 +0200 |
| commit | 727133912fbc4ec592c00df888e646555e5cf8c5 (patch) | |
| tree | 40ed0949b7add44c5b8b943ecda662baf80212ab | |
| parent | 938d9decdb5c1e1543454b557f1269b310d897c8 (diff) | |
incorporate feedback on debconf templates by debian-l10n-english@lists.debian.org (thanks Justin B Rye and Christian PERRIER)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1492 ef36b2f9-881f-0410-afb5-c4e39611909c
| -rw-r--r-- | debian/nslcd.templates | 41 |
1 files changed, 21 insertions, 20 deletions
diff --git a/debian/nslcd.templates b/debian/nslcd.templates index 874a348..51b23f8 100644 --- a/debian/nslcd.templates +++ b/debian/nslcd.templates @@ -2,8 +2,8 @@ Template: nslcd/ldap-uris Type: string _Description: LDAP server URI: Please enter the Uniform Resource Identifier of the LDAP server. The format - is 'ldap://<hostname_or_IP_address>:<port>/'. Alternatively, 'ldaps://' or - 'ldapi://' can be used. The port number is optional. + is "ldap://<hostname_or_IP_address>:<port>/". Alternatively, "ldaps://" or + "ldapi://" can be used. The port number is optional. . When using an ldap or ldaps scheme it is recommended to use an IP address to avoid failures when domain name services are unavailable. @@ -23,13 +23,12 @@ Type: select __Choices: none, simple, SASL Default: none _Description: LDAP authentication to use: - If your LDAP database requires authentication you can choose which mechanism - should be used. Please choose the mechanism by which authentication should - be done: + Please choose what type of authentication the LDAP database should + require (if any): + . * none: no authentication; * simple: simple clear text binddn/password; - * SASL: one of the Simple Authentication and Security Layer - mechanisms. + * SASL: any Simple Authentication and Security Layer mechanism. Template: nslcd/ldap-binddn Type: string @@ -44,13 +43,14 @@ _Description: LDAP user password: Template: nslcd/ldap-sasl-mech Type: select -__Choices: auto, LOGIN, PLAIN, NTLM, CRAM-MD5, DIGEST-MD5, GSSAPI, OTP +Choices: auto, LOGIN, PLAIN, NTLM, CRAM-MD5, DIGEST-MD5, GSSAPI, OTP _Description: SASL mechanism to use: Choose the SASL mechanism that will be used to authenticate to the LDAP database: - * auto: autonegociation; - * LOGIN: deprecated in flavor of PLAIN; - * PLAIN: simple cleartext password mechanism; + . + * auto: auto-negotiation; + * LOGIN: deprecated in favor of PLAIN; + * PLAIN: clear-text user/password mechanism; * NTLM: NT LAN Manager authentication mechanism; * CRAM-MD5: challenge-response scheme based on HMAC-MD5; * DIGEST-MD5: HTTP Digest compatible challenge-response scheme; @@ -63,11 +63,10 @@ _Description: SASL realm: Enter the SASL realm that will be used to authenticate to the LDAP database. . - If empty, the GSSAPI mechanism will use information from the Kerberos - credential cache. Others mechanisms may need @<REALM> suffixing sasl_authcid - and sasl_authzid. + The realm is appended to authentication and authorization identities. . - The realm is appended to authentication and authorisation identities. + For GSSAPI this can be left blank to use information from the Kerberos + credential cache. Template: nslcd/ldap-sasl-authcid Type: string @@ -75,21 +74,21 @@ _Description: SASL authentication identity: Enter the SASL authentication identity that will be used to authenticate to the LDAP database. . - This is the login used in LOGIN, PLAIN, CRAM-MD5 and DIGEST-MD5 mechanisms. + This is the login used in LOGIN, PLAIN, CRAM-MD5, and DIGEST-MD5 mechanisms. Template: nslcd/ldap-sasl-authzid Type: string -_Description: SASL proxy authorisation identity: - Enter the proxy authorisation identity that will be used to authenticate to +_Description: SASL proxy authorization identity: + Enter the proxy authorization identity that will be used to authenticate to the LDAP database. . - This is the object in the name of witch the LDAP request are done. + This is the object in the name of which the LDAP request is done. This value should be specified as a DN (distinguished name). Template: nslcd/ldap-sasl-secprops Type: string _Description: Cyrus SASL security properties: - Enter the Cyrus SASL security properties. + Enter the Cyrus SASL security properties. Allowed values are described in the ldap.conf(5) manual page in the SASL OPTIONS section. @@ -112,11 +111,13 @@ _Description: Check server's SSL certificate: When an encrypted connection is used, a server certificate can be requested and checked. Please choose whether lookups should be configured to require a certificate, and whether certificates should be checked for validity: + . * never: no certificate will be requested or checked; * allow: a certificate will be requested, but it is not required or checked; * try: a certificate will be requested and checked, but if no certificate is provided it is ignored; * demand: a certificate will be requested, required, and checked. + . If certificate checking is enabled, at least one of the tls_cacertdir or tls_cacertfile options must be put in /etc/nslcd.conf. |