From 727133912fbc4ec592c00df888e646555e5cf8c5 Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Mon, 8 Aug 2011 08:09:10 +0000
Subject: incorporate feedback on debconf templates by
 debian-l10n-english@lists.debian.org (thanks Justin B Rye and Christian
 PERRIER)

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1492 ef36b2f9-881f-0410-afb5-c4e39611909c
---
 debian/nslcd.templates | 41 +++++++++++++++++++++--------------------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/debian/nslcd.templates b/debian/nslcd.templates
index 874a348..51b23f8 100644
--- a/debian/nslcd.templates
+++ b/debian/nslcd.templates
@@ -2,8 +2,8 @@ Template: nslcd/ldap-uris
 Type: string
 _Description: LDAP server URI:
  Please enter the Uniform Resource Identifier of the LDAP server. The format
- is 'ldap://<hostname_or_IP_address>:<port>/'. Alternatively, 'ldaps://' or
- 'ldapi://' can be used. The port number is optional.
+ is "ldap://<hostname_or_IP_address>:<port>/". Alternatively, "ldaps://" or
+ "ldapi://" can be used. The port number is optional.
  .
  When using an ldap or ldaps scheme it is recommended to use an IP address to
  avoid failures when domain name services are unavailable.
@@ -23,13 +23,12 @@ Type: select
 __Choices: none, simple, SASL
 Default: none
 _Description: LDAP authentication to use:
- If your LDAP database requires authentication you can choose which mechanism
- should be used. Please choose the mechanism by which authentication should
- be done:
+ Please choose what type of authentication the LDAP database should
+ require (if any):
+ .
   * none: no authentication;
   * simple: simple clear text binddn/password;
-  * SASL: one of the Simple Authentication and Security Layer
-          mechanisms.
+  * SASL: any Simple Authentication and Security Layer mechanism.
 
 Template: nslcd/ldap-binddn
 Type: string
@@ -44,13 +43,14 @@ _Description: LDAP user password:
 
 Template: nslcd/ldap-sasl-mech
 Type: select
-__Choices: auto, LOGIN, PLAIN, NTLM, CRAM-MD5, DIGEST-MD5, GSSAPI, OTP
+Choices: auto, LOGIN, PLAIN, NTLM, CRAM-MD5, DIGEST-MD5, GSSAPI, OTP
 _Description: SASL mechanism to use:
  Choose the SASL mechanism that will be used to authenticate to the LDAP
  database:
-  * auto: autonegociation;
-  * LOGIN: deprecated in flavor of PLAIN;
-  * PLAIN: simple cleartext password mechanism;
+ .
+  * auto: auto-negotiation;
+  * LOGIN: deprecated in favor of PLAIN;
+  * PLAIN: clear-text user/password mechanism;
   * NTLM: NT LAN Manager authentication mechanism;
   * CRAM-MD5: challenge-response scheme based on HMAC-MD5;
   * DIGEST-MD5: HTTP Digest compatible challenge-response scheme;
@@ -63,11 +63,10 @@ _Description: SASL realm:
  Enter the SASL realm that will be used to authenticate to the LDAP
  database.
  .
- If empty, the GSSAPI mechanism will use information from the Kerberos
- credential cache. Others mechanisms may need @<REALM> suffixing sasl_authcid
- and sasl_authzid.
+ The realm is appended to authentication and authorization identities.
  .
- The realm is appended to authentication and authorisation identities.
+ For GSSAPI this can be left blank to use information from the Kerberos
+ credential cache.
 
 Template: nslcd/ldap-sasl-authcid
 Type: string
@@ -75,21 +74,21 @@ _Description: SASL authentication identity:
  Enter the SASL authentication identity that will be used to authenticate to
  the LDAP database.
  .
- This is the login used in LOGIN, PLAIN, CRAM-MD5 and DIGEST-MD5 mechanisms.
+ This is the login used in LOGIN, PLAIN, CRAM-MD5, and DIGEST-MD5 mechanisms.
 
 Template: nslcd/ldap-sasl-authzid
 Type: string
-_Description: SASL proxy authorisation identity:
- Enter the proxy authorisation identity that will be used to authenticate to
+_Description: SASL proxy authorization identity:
+ Enter the proxy authorization identity that will be used to authenticate to
  the LDAP database.
  .
- This is the object in the name of witch the LDAP request are done.
+ This is the object in the name of which the LDAP request is done.
  This value should be specified as a DN (distinguished name).
 
 Template: nslcd/ldap-sasl-secprops
 Type: string
 _Description: Cyrus SASL security properties:
- Enter the Cyrus  SASL  security properties.
+ Enter the Cyrus SASL security properties.
  Allowed values are described in the ldap.conf(5) manual page
  in the SASL OPTIONS section.
 
@@ -112,11 +111,13 @@ _Description: Check server's SSL certificate:
  When an encrypted connection is used, a server certificate can be requested
  and checked. Please choose whether lookups should be configured to require
  a certificate, and whether certificates should be checked for validity:
+ .
   * never: no certificate will be requested or checked;
   * allow: a certificate will be requested, but it is not
            required or checked;
   * try: a certificate will be requested and checked, but if no
          certificate is provided it is ignored;
   * demand: a certificate will be requested, required, and checked.
+ .
  If certificate checking is enabled, at least one of the tls_cacertdir or
  tls_cacertfile options must be put in /etc/nslcd.conf.
-- 
cgit v1.2.3