http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/a6b15cb9/source/locale/pot/virtual_machines/user-data.pot ---------------------------------------------------------------------- diff --git a/source/locale/pot/virtual_machines/user-data.pot b/source/locale/pot/virtual_machines/user-data.pot new file mode 100644 index 0000000..d3f3bb5 --- /dev/null +++ b/source/locale/pot/virtual_machines/user-data.pot @@ -0,0 +1,106 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) 2016, Apache Software Foundation +# This file is distributed under the same license as the Apache CloudStack Administration Documentation package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: Apache CloudStack Administration Documentation 4.8\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2016-08-22 13:55+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <l...@li.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: ../../virtual_machines/user-data.rst:18 +msgid "User-Data and Meta-Data" +msgstr "" + +#: ../../virtual_machines/user-data.rst:20 +msgid "CloudStack provides API access to attach up to 2KB of data after base64 encoding to a deployed VM. Using HTTP POST(via POST body), you can send up to 32K of data after base64 encoding. Deployed VMs also have access to instance metadata via the virtual router." +msgstr "" + +#: ../../virtual_machines/user-data.rst:25 +msgid "Create virtual machine thru the API: `deployVirtualMachine <http://cloudstack.apache.org/docs/api/apidocs-4.5/user/deployVirtualMachine.html>`_ using the parameter ``userdata=`` to include user-data formated in `base64 <https://www.base64encode.org/>`_." +msgstr "" + +#: ../../virtual_machines/user-data.rst:29 +msgid "Accessed user-data from VM. Once the IP address of the virtual router is known, use the following steps to retrieve user-data:" +msgstr "" + +#: ../../virtual_machines/user-data.rst:32 +msgid "Run the following command to find the virtual router." +msgstr "" + +#: ../../virtual_machines/user-data.rst:38 +msgid "Access user-data by running the following command using the result of the above command" +msgstr "" + +#: ../../virtual_machines/user-data.rst:45 +msgid "Meta Data can be accessed similarly, using a URL of the form ``http://10.1.1.1/latest/meta-data/{metadata type}``. (For backwards compatibility, the previous URL ``http://10.1.1.1/latest/{metadata type}`` is also supported.) For metadata type, use one of the following:" +msgstr "" + +#: ../../virtual_machines/user-data.rst:50 +msgid "``service-offering``. A description of the VMs service offering" +msgstr "" + +#: ../../virtual_machines/user-data.rst:52 +msgid "``availability-zone``. The Zone name" +msgstr "" + +#: ../../virtual_machines/user-data.rst:54 +msgid "``local-ipv4``. The guest IP of the VM" +msgstr "" + +#: ../../virtual_machines/user-data.rst:56 +msgid "``local-hostname``. The hostname of the VM" +msgstr "" + +#: ../../virtual_machines/user-data.rst:58 +msgid "``public-ipv4``. The first public IP for the router. (E.g. the first IP of eth2)" +msgstr "" + +#: ../../virtual_machines/user-data.rst:61 +msgid "``public-hostname``. This is the same as public-ipv4" +msgstr "" + +#: ../../virtual_machines/user-data.rst:63 +msgid "``instance-id``. The instance name of the VM" +msgstr "" + +#: ../../virtual_machines/user-data.rst:67 +msgid "Using Cloud-Init" +msgstr "" + +#: ../../virtual_machines/user-data.rst:69 +msgid "`Cloud-Init <https://cloudinit.readthedocs.org/en/latest>`_ can be use to access an interpret user-data from virtual machines. Cloud-Init be installed into templates and also require CloudStack password and sshkey scripts (:ref:`adding-password-management-to-templates` and `using ssh keys <virtual_machines.html#using-ssh-keys-for-authentication>`_). User password management and ``resetSSHKeyForVirtualMachine`` API are not yet supported by cloud-init." +msgstr "" + +#: ../../virtual_machines/user-data.rst:74 +msgid "Install cloud-init package into a template:" +msgstr "" + +#: ../../virtual_machines/user-data.rst:82 +msgid "Create datasource configuration file: ``/etc/cloud/cloud.cfg.d/99_cloudstack.cfg``" +msgstr "" + +#: ../../virtual_machines/user-data.rst:94 +msgid "user-data example" +msgstr "" + +#: ../../virtual_machines/user-data.rst:96 +msgid "This example use cloud-init to Upgrade Operating-System of the newly created VM:" +msgstr "" + +#: ../../virtual_machines/user-data.rst:110 +msgid "base64 formated:" +msgstr "" + +#: ../../virtual_machines/user-data.rst:116 +msgid "Refer to `Cloud-Init CloudStack datasource <http://cloudinit.readthedocs.org/en/latest/topics/datasources.html#cloudstack>`_ documentation for latest capabilities. Cloud-Init and Cloud-Init CloudStack datasource are not supported by Apache CloudStack community." +msgstr "" +
http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/a6b15cb9/source/locale/zh_CN/LC_MESSAGES/accounts.po ---------------------------------------------------------------------- diff --git a/source/locale/zh_CN/LC_MESSAGES/accounts.po b/source/locale/zh_CN/LC_MESSAGES/accounts.po index 2d96d83..58e1868 100644 --- a/source/locale/zh_CN/LC_MESSAGES/accounts.po +++ b/source/locale/zh_CN/LC_MESSAGES/accounts.po @@ -1,265 +1,383 @@ # SOME DESCRIPTIVE TITLE. # Copyright (C) -# This file is distributed under the same license as the Apache CloudStack Administration Documentation package. -# +# This file is distributed under the same license as the Apache CloudStack +# Administration Documentation package. +# # Translators: msgid "" msgstr "" "Project-Id-Version: Apache CloudStack Administration RTD\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2014-06-30 12:52+0200\n" +"POT-Creation-Date: 2016-08-22 13:55+0200\n" "PO-Revision-Date: 2014-06-30 12:03+0000\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Chinese (China) (http://www.transifex.com/projects/p/apache-cloudstack-administration-rtd/language/zh_CN/)\n" +"Language-Team: Chinese (China) (http://www.transifex.com/projects/p"; +"/apache-cloudstack-administration-rtd/language/zh_CN/)\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" +"Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Language: zh_CN\n" -"Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.3.4\n" -# bdc151e73be141a8ad0b4190c3102939 #: ../../accounts.rst:18 -msgid "Managing Accounts, Users and Domains" +#, fuzzy +msgid "Managing Roles, Accounts, Users and Domains" msgstr "管çè´¦æ·ï¼ç¨æ·åå" -# a49422e951994e72894009f0fc5cc963 #: ../../accounts.rst:21 -msgid "Accounts, Users, and Domains" +#, fuzzy +msgid "Roles, Accounts, Users, and Domains" msgstr "è´¦æ·ï¼ç¨æ·ï¼å" -# 7316ca3f637249cbbf2f29bd75791600 #: ../../accounts.rst:24 +msgid "Roles" +msgstr "" + +#: ../../accounts.rst:26 +msgid "" +"A role represents a set of allowed functions. All CloudStack accounts " +"have a role attached to them that enforce access rules on them to be " +"allowed or disallowed to make an API request. Typically there are four " +"default roles: root admin, resource admin, domain admin and user." +msgstr "" + +#: ../../accounts.rst:33 msgid "Accounts" msgstr "è´¦æ·" -# 7544ce31af194b279c9dcfb7ae37d3cc -#: ../../accounts.rst:26 +#: ../../accounts.rst:35 msgid "" "An account typically represents a customer of the service provider or a " -"department in a large organization. Multiple users can exist in an account." +"department in a large organization. Multiple users can exist in an " +"account." msgstr "ä¸ä¸ªè´¦æ·é常代表ä¸ä¸ªå®¢æ·çæå¡æä¾è æä¸ä¸ªå¤§ç»ç»ä¸çä¸ä¸ªé¨é¨ãä¸ä¸ªè´¦æ·å¯åå¨å¤ä¸ªç¨æ·ã" -# e758840629a8483ba31892ff437911e1 -#: ../../accounts.rst:32 +#: ../../accounts.rst:41 msgid "Domains" msgstr "å" -# 3e28d2a36b0642c08a698f6a4426e72c -#: ../../accounts.rst:34 +#: ../../accounts.rst:43 msgid "" -"Accounts are grouped by domains. Domains usually contain multiple accounts " -"that have some logical relationship to each other and a set of delegated " -"administrators with some authority over the domain and its subdomains. For " -"example, a service provider with several resellers could create a domain for" -" each reseller." +"Accounts are grouped by domains. Domains usually contain multiple " +"accounts that have some logical relationship to each other and a set of " +"delegated administrators with some authority over the domain and its " +"subdomains. For example, a service provider with several resellers could " +"create a domain for each reseller." msgstr "å¸æ·é常æåè¿è¡åç»ãåä¸ç»å¸¸å å«å¤ä¸ªè´¦æ·ï¼è¿äºè´¦æ·é´åå¨ä¸äºé»è¾ä¸å ³ç³»åä¸ç³»å该ååå ¶ååä¸çå§æ´¾ç管çåï¼è¿æ®µçææå°±æ¯è¯´å¨é»è¾ä¸åä¸å¯ä»¥æ管çåï¼ååä¸ä¹å¯ä»¥æ管çåï¼ãæ¯å¦ï¼ä¸ä¸ªæå¡æä¾åå¯æå¤ä¸ªåéåè¿æ ·çæå¡æä¾åå°±è½ä¸ºæ¯ä¸ä¸ªåéåå建ä¸ä¸ªå" -# 79060520f2e046868f58925f3f2efc01 -#: ../../accounts.rst:40 +#: ../../accounts.rst:49 msgid "" "For each account created, the Cloud installation creates three different " -"types of user accounts: root administrator, domain administrator, and user." +"types of user accounts: root administrator, domain administrator, and " +"user." msgstr "对äºæ¯ä¸ªè´¦æ·çå建,Cloudçå®è£ è¿ç¨ä¸å建äºä¸ç§ä¸åç±»åçç¨æ·è´¦æ·ï¼æ ¹ç®¡çåï¼å管çåï¼æ®éç¨æ·ã" -# 341bf7792d884c2d8180600a07351f62 -#: ../../accounts.rst:46 +#: ../../accounts.rst:55 msgid "Users" msgstr "æ®éç¨æ·" -# 8efee3ca63e44a4098ff5086e58f1249 -#: ../../accounts.rst:48 +#: ../../accounts.rst:57 msgid "" "Users are like aliases in the account. Users in the same account are not " "isolated from each other, but they are isolated from users in other " -"accounts. Most installations need not surface the notion of users; they just" -" have one user per account. The same user cannot belong to multiple " +"accounts. Most installations need not surface the notion of users; they " +"just have one user per account. The same user cannot belong to multiple " "accounts." msgstr "ç¨æ·å°±åæ¯è´¦æ·çå«åãå¨åä¸è´¦æ·ä¸çç¨æ·å½¼æ¤ä¹é´å¹¶éé离çãä½æ¯ä»ä»¬ä¸ä¸åè´¦æ·ä¸çç¨æ·æ¯ç¸äºé离çã大å¤æ°å®è£ ä¸éè¦ç¨æ·ç表é¢æ¦å¿µï¼ä»ä»¬åªæ¯æ¯ä¸ä¸ªå¸æ·çç¨æ·ãåä¸ç¨æ·ä¸è½å±äºå¤ä¸ªå¸æ·ã" -# 67a573904306470f87a1f3f6ad52a15f -#: ../../accounts.rst:54 +#: ../../accounts.rst:63 msgid "" "Username is unique in a domain across accounts in that domain. The same " -"username can exist in other domains, including sub-domains. Domain name can " -"repeat only if the full pathname from root is unique. For example, you can " -"create root/d1, as well as root/foo/d1, and root/sales/d1." +"username can exist in other domains, including sub-domains. Domain name " +"can repeat only if the full pathname from root is unique. For example, " +"you can create root/d1, as well as root/foo/d1, and root/sales/d1." msgstr "å¤ä¸ªè´¦æ·ä¸çç¨æ·åå¨åä¸åºè¯¥æ¯å¯ä¸çãç¸åçç¨æ·åè½å¨å ¶ä»çåä¸åå¨ï¼å æ¬ååãåååªæå¨å ¨è·¯å¾åå¯ä¸çæ¶åæè½éå¤ãæ¯å¦ï¼ä½ è½å建ä¸ä¸ªroot/d1ï¼ä¹å¯ä»¥å建root/foo/d1åroot/sales/d1ã" -# af85977a7aeb4aff9010bde059e08b23 -#: ../../accounts.rst:59 +#: ../../accounts.rst:68 msgid "" -"Administrators are accounts with special privileges in the system. There may" -" be multiple administrators in the system. Administrators can create or " -"delete other administrators, and change the password for any user in the " -"system." +"Administrators are accounts with special privileges in the system. There " +"may be multiple administrators in the system. Administrators can create " +"or delete other administrators, and change the password for any user in " +"the system." msgstr "管çåå¨ç³»ç»ä¸æ¯æ¥æç¹æçè´¦æ·ãå¯è½æå¤ä¸ªç®¡çåå¨ç³»ç»ä¸ï¼ç®¡çåè½å建å é¤å ¶ä»ç®¡çåï¼å¹¶ä¸ä¿®æ¹ç³»ç»ä¸ä»»æç¨æ·çå¯ç ã" -# 8613eb42958647fba87ae1b922d58740 -#: ../../accounts.rst:66 +#: ../../accounts.rst:75 msgid "Domain Administrators" msgstr "å管çå" -# 901efdb2c8554033b865587a48a319f9 -#: ../../accounts.rst:68 +#: ../../accounts.rst:77 msgid "" -"Domain administrators can perform administrative operations for users who " -"belong to that domain. Domain administrators do not have visibility into " -"physical servers or other domains." +"Domain administrators can perform administrative operations for users who" +" belong to that domain. Domain administrators do not have visibility into" +" physical servers or other domains." msgstr "å管çåå¯ä»¥å¯¹å±äºè¯¥åçç¨æ·è¿è¡ç®¡çæä½ãå管çåå¨ç©çæå¡å¨æå ¶ä»åä¸ä¸å¯è§ã" -# 5922a532b5814e479301a7d697eb8854 -#: ../../accounts.rst:74 +#: ../../accounts.rst:83 msgid "Root Administrator" msgstr "æ ¹ç®¡çå" -# 20be104d0a134bab92309e774b538dd4 -#: ../../accounts.rst:76 +#: ../../accounts.rst:85 msgid "" -"Root administrators have complete access to the system, including managing " -"templates, service offerings, customer care administrators, and domains" +"Root administrators have complete access to the system, including " +"managing templates, service offerings, customer care administrators, and " +"domains" msgstr "æ ¹ç®¡çåæ¥æç³»ç»å®å ¨è®¿é®æéï¼å æ¬ç®¡ç模æ¿ï¼æå¡æ¹æ¡ï¼å®¢æ·æå¡ç®¡çåååã" -# 7f9e7eaa9c5b4eaba5575b81514d4040 -#: ../../accounts.rst:82 +#: ../../accounts.rst:91 msgid "Resource Ownership" msgstr "èµæºæææ" -# 3fad6f5edfb34464b707419ce6b7b4a6 -#: ../../accounts.rst:84 -msgid "" -"Resources belong to the account, not individual users in that account. For " -"example, billing, resource limits, and so on are maintained by the account, " -"not the users. A user can operate on any resource in the account provided " -"the user has privileges for that operation. The privileges are determined by" -" the role. A root administrator can change the ownership of any virtual " -"machine from one account to any other account by using the " -"assignVirtualMachine API. A domain or sub-domain administrator can do the " -"same for VMs within the domain from one account to any other account in the " -"domain or any of its sub-domains." -msgstr "èµæºå±äºå¸æ·ï¼èä¸æ¯å¸æ·ä¸çå个ç¨æ·ãä¾å¦ï¼è´¦åãèµæºéå¶çç±å¸æ·ç»´æ¤ï¼èä¸æ¯ç¨æ·ç»´æ¤ãç¨æ·ææéæä½ä»»ä½å¨å¸æ·ä¸æä¾çèµæºãæéæè§è²å³å®ãæ ¹ç®¡çåéè¿ä½¿ç¨assignVirtualMachine APIå¯ä»¥å°ä»»ä½èææºçæææä»ä¸ä¸ªå¸æ·è°æ´å°å¦ä¸ä¸ªå¸æ·ãåæåå管çåå¯ä»¥å¯¹åä¸çVMsååæ ·çæä½ï¼å æ¬ååã" - -# f25ec45041cd435d83eaf32720407dd4 -#: ../../accounts.rst:96 +#: ../../accounts.rst:93 +msgid "" +"Resources belong to the account, not individual users in that account. " +"For example, billing, resource limits, and so on are maintained by the " +"account, not the users. A user can operate on any resource in the account" +" provided the user has privileges for that operation. The privileges are " +"determined by the role. A root administrator can change the ownership of " +"any virtual machine from one account to any other account by using the " +"assignVirtualMachine API. A domain or sub-domain administrator can do the" +" same for VMs within the domain from one account to any other account in " +"the domain or any of its sub-domains." +msgstr "" +"èµæºå±äºå¸æ·ï¼èä¸æ¯å¸æ·ä¸çå个ç¨æ·ãä¾å¦ï¼è´¦åãèµæºéå¶çç±å¸æ·ç»´æ¤ï¼èä¸æ¯ç¨æ·ç»´æ¤ãç¨æ·ææéæä½ä»»ä½å¨å¸æ·ä¸æä¾çèµæºãæéæè§è²å³å®ãæ ¹ç®¡çåéè¿ä½¿ç¨assignVirtualMachine" +" APIå¯ä»¥å°ä»»ä½èææºçæææä»ä¸ä¸ªå¸æ·è°æ´å°å¦ä¸ä¸ªå¸æ·ãåæåå管çåå¯ä»¥å¯¹åä¸çVMsååæ ·çæä½ï¼å æ¬ååã" + +#: ../../accounts.rst:105 +msgid "Using Dynamic Roles" +msgstr "" + +#: ../../accounts.rst:107 +msgid "" +"In addition to the four default roles, the dynamic role-based API checker" +" feature allows CloudStack root admins to create new roles with " +"customized permissions. The allow/deny rules can be configured " +"dynamically during runtime without restarting the management server(s)." +msgstr "" + +#: ../../accounts.rst:112 +msgid "" +"For backward compatiblity, all roles resolve to one of the four role " +"types: admin, resource admin, domain admin and user. A new role can be " +"created using the roles tab in the UI and specifying a name, a role type " +"and optionally a description." +msgstr "" + +#: ../../accounts.rst:117 +msgid "" +"Role specific rules can be configured through the rules tab on role " +"specific details page. A rule is either an API name or a wildcard string " +"that are one of allow or deny permission and optionally a description." +msgstr "" + +#: ../../accounts.rst:121 +msgid "" +"When a user makes an API request, the backend checks the requested API " +"against configured rules (in the order the rules were configured) for the" +" caller user-account's role. It will iterate through the rules and would " +"allow the API request if the API matches an allow rule, else if it " +"matches a deny rule it would deny the request. Next, if the request API " +"fails to match any of the configured rules it would allow if the " +"requested API's default authorized annotaions allow that user role type " +"and finally deny the user API request if it fails to be explicitly " +"allowed/denied by the role permission rules or the default API authorize " +"annotations. Note: to avoid root admin being locked out of the system, " +"all root admin accounts are allowed all APIs." +msgstr "" + +#: ../../accounts.rst:132 +msgid "" +"The dynamic-roles feature is enabled by default only for all new " +"CloudStack installations since version `4.9.x " +"<https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dynamic+Role+Based+API+Access+Checker+for+CloudStack>`_." +msgstr "" + +#: ../../accounts.rst:135 +msgid "" +"After an upgrade, existing deployments can be migrated to use this " +"feature by running a migration tool by the CloudStack admin. The " +"migration tool is located at ``/usr/share/cloudstack-common/scripts/util" +"/migrate-dynamicroles.py``." +msgstr "" + +#: ../../accounts.rst:139 +msgid "" +"During migration, this tool enables an internal flag in the database, " +"copies existing static role-based rules from provided commands.properties" +" file (typically at ``/etc/cloudstack/management/commands.properties``) " +"to the database and renames the commands.properties file (typically to " +"/etc/cloudstack/management/commands.properties.deprecated). The migration" +" process does not require restarting the management server(s)." +msgstr "" + +#: ../../accounts.rst:146 +msgid "Usage: ``migrate-dynamicroles.py`` [options] [-h for help]" +msgstr "" + +#: ../../accounts.rst:148 +msgid "Options:" +msgstr "" + +#: ../../accounts.rst:151 +msgid "The name of the database, default: cloud" +msgstr "" + +#: ../../accounts.rst:153 +msgid "User name a MySQL user with privileges on cloud database, default: cloud" +msgstr "" + +#: ../../accounts.rst:155 +msgid "Password of a MySQL user with privileges on cloud database" +msgstr "" + +#: ../../accounts.rst:157 +msgid "Host or IP of the MySQL server" +msgstr "" + +#: ../../accounts.rst:159 +msgid "Host or IP of the MySQL server, default: 3306" +msgstr "" + +#: ../../accounts.rst:161 +msgid "" +"The commands.properties file, default: " +"/etc/cloudstack/management/commands.properties" +msgstr "" + +#: ../../accounts.rst:163 +msgid "Dry run and debug operations this tool will perform" +msgstr "" + +#: ../../accounts.rst:166 +msgid "Example:" +msgstr "" + +#: ../../accounts.rst:168 +msgid "" +"sudo python /usr/share/cloudstack-common/scripts/util/migrate-" +"dynamicroles.py -u cloud -p cloud -h localhost -p 3006 -f " +"/etc/cloudstack/management/commands.properties" +msgstr "" + +#: ../../accounts.rst:170 +msgid "" +"If you've multiple management servers, remove or rename the " +"commands.properties file on all management servers typically in " +"/etc/cloudstack/management path, after running the migration tool for the" +" first management server" +msgstr "" + +#: ../../accounts.rst:176 msgid "Dedicating Resources to Accounts and Domains" msgstr "ç»å¸æ·åååé ä¸ç¨èµæº" -# 8a6427fc034647e681a14ca03224406c -#: ../../accounts.rst:98 +#: ../../accounts.rst:178 msgid "" "The root administrator can dedicate resources to a specific domain or " "account that needs private infrastructure for additional security or " -"performance guarantees. A zone, pod, cluster, or host can be reserved by the" -" root administrator for a specific domain or account. Only users in that " -"domain or its subdomain may use the infrastructure. For example, only users " -"in a given domain can create guests in a zone dedicated to that domain." +"performance guarantees. A zone, pod, cluster, or host can be reserved by " +"the root administrator for a specific domain or account. Only users in " +"that domain or its subdomain may use the infrastructure. For example, " +"only users in a given domain can create guests in a zone dedicated to " +"that domain." msgstr "æ ¹ç®¡çåå¯ä»¥å°èµæºåé ç»æå®çåæ为äºä¿è¯é¢å¤çå®å ¨ææ§è½ä»èéè¦åç¬åºç¡æ¶æå¸æ·ã为äºä¸ä¸ªæå®çåæè´¦å·ï¼åºåãæºæ¶ã群éæè 主æºå¯ä»¥è¢«æ ¹ç®¡çåä¿çãåªæåæå®çååä¸çç¨æ·å¯ä»¥ä½¿ç¨è¿ä¸ªåºç¡æ¶æãæ¯å¦ï¼åªæåä¸çç¨æ·å¯ä»¥å¨å ¶ä¸çåºåä¸å建æ¥å®¾èæºã" -# 13b20e92d1144d5da1089384a9ce4e59 -#: ../../accounts.rst:106 +#: ../../accounts.rst:186 msgid "There are several types of dedication available:" msgstr "è¿éæå ç§ææçåé æ¹å¼ï¼" -# a62e7433baeb444386932b41fe5601fa -#: ../../accounts.rst:108 +#: ../../accounts.rst:188 msgid "" "Explicit dedication. A zone, pod, cluster, or host is dedicated to an " -"account or domain by the root administrator during initial deployment and " -"configuration." +"account or domain by the root administrator during initial deployment and" +" configuration." msgstr "æç¡®çä¸ç¨ãæ ¹ç®¡çåå¨åå§é¨ç½²åé ç½®æé´ç»ä¸ä¸ªå¸æ·æè ååé äºä¸ä¸ªåºåãæºæ¶ã群éæè 主æºã" -# 29fbffa86cfd49b4aa29ea7d373eaa03 -#: ../../accounts.rst:112 +#: ../../accounts.rst:192 msgid "" "Strict implicit dedication. A host will not be shared across multiple " -"accounts. For example, strict implicit dedication is useful for deployment " -"of certain types of applications, such as desktops, where no host can be " -"shared between different accounts without violating the desktop software's " -"terms of license." +"accounts. For example, strict implicit dedication is useful for " +"deployment of certain types of applications, such as desktops, where no " +"host can be shared between different accounts without violating the " +"desktop software's terms of license." msgstr "ä¸¥æ ¼çæ½å¨ä¸ç¨ï¼ä¸ä¸ªä¸»æºç¦æ¢éè¿å¤ä¸ªè´¦å·å ±äº«ãä¾å¦ï¼ä¸¥æ ¼ç§èªå ±äº«å¯¹äºé¨ç½²çæäºåºç¨æ¯æç¨å¤çï¼å没æ软件ææ主æºä¸è½å¨ä¸åè´¦å·é´è¿è¡æ¡é¢å ±äº«ã" -# a821acd0f71541708e12788d2fbc5d75 -#: ../../accounts.rst:118 +#: ../../accounts.rst:198 msgid "" "Preferred implicit dedication. The VM will be deployed in dedicated " "infrastructure if possible. Otherwise, the VM can be deployed in shared " "infrastructure." msgstr "ä¼å çæ½å¨ä¸ç¨ãå¦æå¯ä»¥çè¯ï¼VMä¼è¢«é¨ç½²å¨ä¸ç¨çåºç¡æ¶æä¸ãå¦åï¼VMå¯è¢«é¨ç½²å¨å ±äº«åºç¡æ¶æä¸ã" -# b498c9fe36a94f2588d7a9e4494a761d -#: ../../accounts.rst:124 +#: ../../accounts.rst:204 msgid "How to Dedicate a Zone, Cluster, Pod, or Host to an Account or Domain" msgstr "å¦ä½ç»å¸æ·æè åæå®ä¸ä¸ªåºåã群éãæºæ¶æè 主æº" -# 62ce22c4d6f346b79218ff7a937ee3e2 -#: ../../accounts.rst:126 +#: ../../accounts.rst:206 msgid "" -"For explicit dedication: When deploying a new zone, pod, cluster, or host, " -"the root administrator can click the Dedicated checkbox, then choose a " -"domain or account to own the resource." +"For explicit dedication: When deploying a new zone, pod, cluster, or " +"host, the root administrator can click the Dedicated checkbox, then " +"choose a domain or account to own the resource." msgstr "对äºæç¡®çä¸ç¨ï¼å½é¨ç½²ä¸ä¸ªæ°çåºåãæºæ¶ã群éæè 主æºçæ¶åï¼æ ¹ç®¡çåå¯ä»¥ç¹å»Dedicatedéæ¡ï¼ç¶åéæ©åæè å¸æ·æ¥æ¥æè¿äºèµæºã" -# 9dfe3b7a9e87411d9694c32c5e4f891e -#: ../../accounts.rst:130 +#: ../../accounts.rst:210 msgid "" -"To explicitly dedicate an existing zone, pod, cluster, or host: log in as " -"the root admin, find the resource in the UI, and click the Dedicate button. " -"|button to dedicate a zone, pod,cluster, or host|" -msgstr "对äºæç¡®çä¸ç¨ä¸ä¸ªå·²åå¨çåºåãæºæ¶ã群éæè 主æºï¼ä½¿ç¨æ ¹ç®¡çåç»å½ï¼å¨UIä¸æ¾å°èµæºï¼ç¶åç¹å»Dedicateæé®ã|button to dedicate a zone, pod,cluster, or host|" +"To explicitly dedicate an existing zone, pod, cluster, or host: log in as" +" the root admin, find the resource in the UI, and click the Dedicate " +"button. |button to dedicate a zone, pod,cluster, or host|" +msgstr "" +"对äºæç¡®çä¸ç¨ä¸ä¸ªå·²åå¨çåºåãæºæ¶ã群éæè 主æºï¼ä½¿ç¨æ ¹ç®¡çåç»å½ï¼å¨UIä¸æ¾å°èµæºï¼ç¶åç¹å»Dedicateæé®ã|button to " +"dedicate a zone, pod,cluster, or host|" -# 90707af3ed2b4e6fa7875e9bdd890252 -#: ../../accounts.rst:134 +#: ../../accounts.rst:214 msgid "" "For implicit dedication: The administrator creates a compute service " "offering and in the Deployment Planner field, chooses " -"ImplicitDedicationPlanner. Then in Planner Mode, the administrator specifies" -" either Strict or Preferred, depending on whether it is permissible to allow" -" some use of shared resources when dedicated resources are not available. " -"Whenever a user creates a VM based on this service offering, it is allocated" -" on one of the dedicated hosts." +"ImplicitDedicationPlanner. Then in Planner Mode, the administrator " +"specifies either Strict or Preferred, depending on whether it is " +"permissible to allow some use of shared resources when dedicated " +"resources are not available. Whenever a user creates a VM based on this " +"service offering, it is allocated on one of the dedicated hosts." msgstr "对äºéå¼çä¸ç¨ï¼ç®¡çåå建ç计ç®æå¡æ¹æ¡åå¨é¨ç½²è§ååºåéæ©ImplicitDedicationPlannerãç¶åå¨è§å模åä¸ï¼ç®¡çåæç §æ¯å¦å 许ä¸äºäººå½æ²¡æä¸ç¨èµæºå¯ç¨çæ¶å使ç¨å ±äº«èµæºæ¥éæ©ä¸¥æ ¼çæè ä¼å çãæ 论ä½æ¶ï¼ç¨æ·åºäºè¿ä¸ªæå¡æ¹æ¡å建çVMé½ä¼ä½äºä¸ç¨ä¸»æºã" -# fda3697ce3a4454da72edbe9f02b3564 -#: ../../accounts.rst:144 +#: ../../accounts.rst:224 msgid "How to Use Dedicated Hosts" msgstr "å¦ä½ä½¿ç¨ä¸ç¨ä¸»æº" -# cfd0e245a5a2498b9fa7c89160957ffe -#: ../../accounts.rst:146 +#: ../../accounts.rst:226 msgid "" "To use an explicitly dedicated host, use the explicit-dedicated type of " "affinity group (see `âAffinity Groupsâ <virtual_machines.html#affinity-" -"groups>`_). For example, when creating a new VM, an end user can choose to " -"place it on dedicated infrastructure. This operation will succeed only if " -"some infrastructure has already been assigned as dedicated to the user's " -"account or domain." -msgstr "è¦ä½¿ç¨æç¡®ä¸ç¨ä¸»æºï¼å¨å ³èç» (åé `âå ³èç»â <virtual_machines.html#affinity-groups>`_)ä¸éæ©explicit-dedicated ç±»åãæ¯å¦ï¼å½å建æ°VMçæ¶åï¼ç»ç«¯ç¨æ·å¯ä»¥éæ©å°å ¶è¿è¡å¨ä¸ç¨åºç¡æ¶æä¸ãå¦æä¸äºåºç¡æ¶æå·²ç»è¢«åé ç»ä¸ç¨çç¨æ·å¸å·æåï¼é£ä¹è¿ä¸ªæä½æè½æåã" +"groups>`_). For example, when creating a new VM, an end user can choose " +"to place it on dedicated infrastructure. This operation will succeed only" +" if some infrastructure has already been assigned as dedicated to the " +"user's account or domain." +msgstr "" +"è¦ä½¿ç¨æç¡®ä¸ç¨ä¸»æºï¼å¨å ³èç» (åé `âå ³èç»â <virtual_machines.html#affinity-groups>`_" +")ä¸éæ©explicit-dedicated " +"ç±»åãæ¯å¦ï¼å½å建æ°VMçæ¶åï¼ç»ç«¯ç¨æ·å¯ä»¥éæ©å°å ¶è¿è¡å¨ä¸ç¨åºç¡æ¶æä¸ãå¦æä¸äºåºç¡æ¶æå·²ç»è¢«åé ç»ä¸ç¨çç¨æ·å¸å·æåï¼é£ä¹è¿ä¸ªæä½æè½æåã" -# 86abbd3940f34e96a1ad71a01dc6339d -#: ../../accounts.rst:155 +#: ../../accounts.rst:235 msgid "Behavior of Dedicated Hosts, Clusters, Pods, and Zones" msgstr "ä¸ç¨ä¸»æºã群éãæºæ¶ååºåçè¡ä¸º" -# a9963e63da4e48f2a2b7b7fdad96ba29 -#: ../../accounts.rst:157 +#: ../../accounts.rst:237 msgid "" -"The administrator can live migrate VMs away from dedicated hosts if desired," -" whether the destination is a host reserved for a different account/domain " -"or a host that is shared (not dedicated to any particular account or " -"domain). CloudStack will generate an alert, but the operation is allowed." +"The administrator can live migrate VMs away from dedicated hosts if " +"desired, whether the destination is a host reserved for a different " +"account/domain or a host that is shared (not dedicated to any particular " +"account or domain). CloudStack will generate an alert, but the operation " +"is allowed." msgstr "管çåå¯ä»¥å°VMsä»ä¸ç¨ä¸»æºä¸è¿ç§»å°ä»»ä½æ³è¦çå°æ¹ï¼ä¸ç®¡ç®æ 主æºæ¯ä¸åå¸å·/åä¸ç¨çè¿æ¯å ±äº«ç主æº(ä¸å¯¹ä»»ä½ç¹æ®å¸å·æåä¸ç¨)ãCloudStackå°çæä¸ä¸ªè¦åï¼ä¸è¿æä½è¿æ¯å 许çã" -# a9a8992734b0490aac5bd5e5efa45483 -#: ../../accounts.rst:163 +#: ../../accounts.rst:243 msgid "" -"Dedicated hosts can be used in conjunction with host tags. If both a host " -"tag and dedication are requested, the VM will be placed only on a host that " -"meets both requirements. If there is no dedicated resource available to that" -" user that also has the host tag requested by the user, then the VM will not" -" deploy." +"Dedicated hosts can be used in conjunction with host tags. If both a host" +" tag and dedication are requested, the VM will be placed only on a host " +"that meets both requirements. If there is no dedicated resource available" +" to that user that also has the host tag requested by the user, then the " +"VM will not deploy." msgstr "ä¸ç¨ä¸»æºå¯ç¨ä¸»æºæ ç¾è¿æ¥ãå¦æåæ¶éè¦ä¸»æºæ ç¾åä¸ç¨ï¼é£ä¹VMå°åªä¼å¨å¹é ææéæ±ç主æºä¸è¿è¡ãå¦æ没æä¸ç¨èµæºå¯ç¨äºè¿ç±»ç¨æ·ï¼é£ä¹VMå°±ä¸ä¼è¢«ä¸é¨ç½²ã" -# 694b1842b07049c094a79e240c2db934 -#: ../../accounts.rst:169 +#: ../../accounts.rst:249 msgid "" "If you delete an account or domain, any hosts, clusters, pods, and zones " "that were dedicated to it are freed up. They will now be available to be " @@ -267,284 +385,592 @@ msgid "" "dedicate them to a different account or domain." msgstr "å¦æä½ å é¤äºä¸ä¸ªæå®äºä¸ç¨èµæºçå¸å·æè åï¼é£ä¹å ¶ä¸çä»»ä½ä¸»æºã群éãæºæ¶ååºåå°±ä¼è¢«éæ¾ãå®ä»¬ä¼åæå¯è¢«ä»»ä½å¸æ·æè åå ±äº«ï¼æè 管çåå¯éæ©éæ°æå®ä»¬æå®ç»ä¸åçå¸å·æåã" -# 9676e7d49a4247c0bd41a3d53e7482a1 -#: ../../accounts.rst:174 +#: ../../accounts.rst:254 msgid "" "System VMs and virtual routers affect the behavior of host dedication. " -"System VMs and virtual routers are owned by the CloudStack system account, " -"and they can be deployed on any host. They do not adhere to explicit " -"dedication. The presence of system vms and virtual routers on a host makes " -"it unsuitable for strict implicit dedication. The host can not be used for " -"strict implicit dedication, because the host already has VMs of a specific " -"account (the default system account). However, a host with system VMs or " -"virtual routers can be used for preferred implicit dedication." +"System VMs and virtual routers are owned by the CloudStack system " +"account, and they can be deployed on any host. They do not adhere to " +"explicit dedication. The presence of system vms and virtual routers on a " +"host makes it unsuitable for strict implicit dedication. The host can not" +" be used for strict implicit dedication, because the host already has VMs" +" of a specific account (the default system account). However, a host with" +" system VMs or virtual routers can be used for preferred implicit " +"dedication." msgstr "ç³»ç»VMsåèæè·¯ç±å¨å½±åä¸ç¨ä¸»æºçè¡ä¸ºãç³»ç»VMsåèæè·¯ç±å¨ç±CloudStackç³»ç»è´¦å·æ¥æï¼å¹¶ä¸å®ä»¬å¯å¨ä»»ä½ä¸»æºä¸é¨ç½²ãå®ä»¬ä¸ä¼ä¼´éçæç¡®ä¸ç¨ä¸»æºã主æºä¸çç³»ç»èæºåèæè·¯ç±å¨ä½¿å ¶ä¸åéåä½ä¸ºä¸¥æ ¼çæ½å¨ä¸ç¨ä¸»æºã主æºä¹æ以ä¸è½ç¨äºä¸¥æ ¼çæ½å¨ä¸ç¨ä¸»æºï¼æ¯å 为主æºå·²ç»æé对å¸å·(é»è®¤ç³»ç»è´¦å·)çVMsã尽管å¦æ¤ï¼è¿è¡çç³»ç»VMsæèæè·¯ç±å¨ç主æºå¯ä»¥è¢«ç¨äºä¼å çæ½å¨ä¸ç¨ã" -# c3ac9b9cb46f4fa7b6ea8d96adc7111e -#: ../../accounts.rst:186 +#: ../../accounts.rst:266 msgid "Using an LDAP Server for User Authentication" msgstr "使ç¨LDAPæå¡å¨ç¨äºç¨æ·éªè¯" -# 4c358cdbd0ef4ea8bae9aa240f1b4e4a -#: ../../accounts.rst:188 +#: ../../accounts.rst:268 msgid "" -"You can use an external LDAP server such as Microsoft Active Directory or " -"ApacheDS to authenticate CloudStack end-users. Just map CloudStack accounts " -"to the corresponding LDAP accounts using a query filter. The query filter is" -" written using the query syntax of the particular LDAP server, and can " -"include special wildcard characters provided by CloudStack for matching " -"common values such as the userâs email address and name. CloudStack will " -"search the external LDAP directory tree starting at a specified base " -"directory and return the distinguished name (DN) and password of the " -"matching user. This information along with the given password is used to " -"authenticate the user.." -msgstr "ä½ å¯ä»¥ä½¿ç¨ä¸ä¸ªå¤é¨LDAPæå¡å¨ï¼ä¾å¦å¾®è½¯æ´»å¨ç®å½æApacheDSè¿è¡CloudStackçç»ç«¯ç¨æ·éªè¯ãä» ä» ä½¿ç¨æ¥è¯¢è¿æ»¤å¨æ å°CloudStackè´¦æ·ä¸å¯¹åºçLDAPå¸æ·ãæ¥è¯¢è¿æ»¤å¨æ¯ä½¿ç¨æ¥è¯¢è¯æ³åçç¹å«çLDAPæå¡å¨ï¼å¯ä»¥å æ¬ç¨CloudStackæä¾çç¹æ®éé 符å¹é éç¨çåç¨æ·ççµåé®ä»¶å°ååå称è¿ç§å¼ãCloudStackå°å¨å¤é¨LDAPç®å½æ ä¸ä»ä¸ä¸ªæå®çåºç®æç´¢å½å¹¶è¿åä¸æå称(DN)åå¯ç å¹é ç¨æ·ãè¿ä¸ªä¿¡æ¯ä»¥åç»å®çå¯ç æ¯ç¨äºéªè¯ç¨æ·ãã" +"You can use an external LDAP server such as Microsoft Active Directory or" +" ApacheDS to authenticate CloudStack end-users. CloudStack will search " +"the external LDAP directory tree starting at a specified base directory " +"and gets user info such as first name, last name, email and username." +msgstr "" -# 14c749c7da61408588c8e8cdaa11796c -#: ../../accounts.rst:199 +#: ../../accounts.rst:273 +msgid "" +"To authenticate, username and password entered by the user are used. " +"Cloudstack does a search for a user with the given username. If it " +"exists, it does a bind request with DN and password." +msgstr "" + +#: ../../accounts.rst:277 +msgid "" +"To set up LDAP authentication in CloudStack, call the CloudStack API " +"command ``addLdapConfiguration`` and provide Hostname or IP address and " +"listening port of the LDAP server. You could configure multiple servers " +"as well. These are expected to be replicas. If one fails, the next one is" +" used." +msgstr "" + +#: ../../accounts.rst:283 msgid "" -"To set up LDAP authentication in CloudStack, call the CloudStack API command" -" ldapConfig and provide the following:" -msgstr "å¨CloudStackä¸è®¾ç½®LDAPéªè¯ï¼è°ç¨CloudStack APIæ令ldapConfigï¼å¹¶æä¾å¦ä¸ï¼" +"The following global configurations should also be configured (the " +"default values are for openldap)" +msgstr "" + +#: ../../accounts.rst:286 +msgid "" +"``ldap.basedn``: Sets the basedn for LDAP. Ex: " +"**OU=APAC,DC=company,DC=com**" +msgstr "" + +#: ../../accounts.rst:288 +msgid "" +"``ldap.bind.principal``, ``ldap.bind.password``: DN and password for a " +"user who can list all the users in the above basedn. Ex: " +"**CN=Administrator, OU=APAC, DC=company, DC=com**" +msgstr "" + +#: ../../accounts.rst:292 +msgid "" +"``ldap.user.object``: object type of users within LDAP. Defaults value is" +" **user** for AD and **inetorgperson** for openldap." +msgstr "" + +#: ../../accounts.rst:295 +msgid "" +"``ldap.email.attribute``: email attribute within ldap for a user. Default" +" value for AD and openldap is **mail**." +msgstr "" + +#: ../../accounts.rst:298 +msgid "" +"``ldap.firstname.attribute``: firstname attribute within ldap for a user." +" Default value for AD and openldap is **givenname**." +msgstr "" + +#: ../../accounts.rst:301 +msgid "" +"``ldap.lastname.attribute``: lastname attribute within ldap for a user. " +"Default value for AD and openldap is **sn**." +msgstr "" + +#: ../../accounts.rst:304 +msgid "" +"``ldap.username.attribute``: username attribute for a user within LDAP. " +"Default value is **SAMAccountName** for AD and **uid** for openldap." +msgstr "" + +#: ../../accounts.rst:309 +msgid "Restricting LDAP users to a group:" +msgstr "" + +#: ../../accounts.rst:311 +msgid "" +"``ldap.search.group.principle``: this is optional and if set only users " +"from this group are listed." +msgstr "" + +#: ../../accounts.rst:316 +msgid "LDAP SSL:" +msgstr "" + +#: ../../accounts.rst:318 +msgid "" +"If the LDAP server requires SSL, you need to enable the below " +"configurations. Before enabling SSL for LDAP, you need to get the " +"certificate which the LDAP server is using and add it to a trusted " +"keystore. You will need to know the path to the keystore and the " +"password." +msgstr "" + +#: ../../accounts.rst:322 +msgid "``ldap.truststore`` : truststore path" +msgstr "" + +#: ../../accounts.rst:323 +msgid "``ldap.truststore.password`` : truststore password" +msgstr "" + +#: ../../accounts.rst:327 +msgid "LDAP groups:" +msgstr "" + +#: ../../accounts.rst:329 +msgid "" +"``ldap.group.object``: object type of groups within LDAP. Default value " +"is group for AD and **groupOfUniqueNames** for openldap." +msgstr "" + +#: ../../accounts.rst:332 +msgid "" +"``ldap.group.user.uniquemember``: attribute for uniquemembers within a " +"group. Default value is **member** for AD and **uniquemember** for " +"openldap." +msgstr "" + +#: ../../accounts.rst:335 +msgid "" +"Once configured, on Add Account page, you will see an \"Add LDAP " +"Account\" button which opens a dialog and the selected users can be " +"imported." +msgstr "" + +#: ../../accounts.rst:342 +msgid "" +"You could also use api commands: ``listLdapUsers``, ``ldapCreateAccount``" +" and ``importLdapUsers``." +msgstr "" + +#: ../../accounts.rst:345 +msgid "" +"Once LDAP is enabled, the users will not be allowed to changed password " +"directly in cloudstack." +msgstr "" + +#: ../../accounts.rst:353 +#, fuzzy +msgid "Using a SAML 2.0 Identity Provider for User Authentication" +msgstr "使ç¨LDAPæå¡å¨ç¨äºç¨æ·éªè¯" + +#: ../../accounts.rst:355 +msgid "" +"You can use a SAML 2.0 Identity Provider with CloudStack for user " +"authentication. This will require enabling the SAML 2.0 service provider " +"plugin in CloudStack. To do that first, enable the SAML plugin by setting" +" ``saml2.enabled`` to ``true`` and restart management server." +msgstr "" + +#: ../../accounts.rst:360 +msgid "" +"Starting 4.5.2, the SAML plugin uses an authorization workflow where " +"users should be authorized by an admin using ``authorizeSamlSso`` API " +"before those users can use Single Sign On against a specific IDP. This " +"can be done by ticking the enable SAML Single Sign On checkbox and " +"selecting a IDP when adding or importing users. For existing users, admin" +" can go to the user's page and click on configure SAML SSO option to " +"enable/disable SSO for a user and select a Identity Provider. A user can " +"be authorized to authenticate against only one IDP." +msgstr "" + +#: ../../accounts.rst:368 +msgid "" +"The CloudStack service provider metadata is accessible using the " +"``getSPMetadata`` API command, or from the URL http://acs-"; +"server:8080/client/api?command=getSPMetadata where acs-server is the " +"domain name or IP address of the management server. The IDP administrator" +" can get the SP metadata from CloudStack and add it to their IDP server." +msgstr "" + +#: ../../accounts.rst:374 +msgid "" +"To start a SAML 2.0 Single Sign-On authentication, on the login page " +"users need to select the Identity Provider or Institution/Department they" +" can authenticate with and click on Login button. This action call the " +"``samlsso`` API command which will redirect the user to the Identity " +"Provider's login page. Upon successful authentication, the IdP will " +"redirect the user to CloudStack. In case a user has multiple user " +"accounts with the same username (across domains) for the same authorized " +"IDP, that user would need to specify domainpath after selecting their IDP" +" server from the dropdown list. By default, users don't need to specify " +"any domain path. After a user is successfully authenticated by an IDP " +"server, the SAML authentication plugin finds user accounts whose username" +" match the username attribute value returned by the SAML authentication " +"response; it fails only when it finds that there are multiple user " +"accounts with the same user name for the specific IDP otherwise the " +"unique useraccount is allowed to proceed and the user is logged into " +"their account." +msgstr "" + +#: ../../accounts.rst:389 +msgid "Limitations:" +msgstr "" + +#: ../../accounts.rst:391 +msgid "" +"The plugin uses a user attribute returned by the IDP server in the SAML " +"response to find and map the authorized user in CloudStack. The default " +"attribute is `uid`." +msgstr "" + +#: ../../accounts.rst:394 +msgid "" +"The SAML authentication plugin supports HTTP-Redirect and HTTP-Post " +"bindings." +msgstr "" + +#: ../../accounts.rst:396 +msgid "" +"Tested with Shibboleth 2.4, SSOCircle, Microsoft ADFS, OneLogin, Feide " +"OpenIDP, PingIdentity." +msgstr "" + +#: ../../accounts.rst:399 +msgid "The following global configuration should be configured:" +msgstr "" + +#: ../../accounts.rst:401 +msgid "" +"``saml2.enabled``: Indicates whether SAML SSO plugin is enabled or not " +"true. Default is **false**" +msgstr "" + +#: ../../accounts.rst:403 +msgid "``saml2.sp.id``: SAML2 Service Provider Identifier string" +msgstr "" + +#: ../../accounts.rst:405 +msgid "" +"``saml2.idp.metadata.url``: SAML2 Identity Provider Metadata XML Url or " +"Filename. If a URL is not provided, it will look for a file in the config" +" directory /etc/cloudstack/management" +msgstr "" + +#: ../../accounts.rst:407 +msgid "" +"``saml2.default.idpid``: The default IdP entity ID to use only in case of" +" multiple IdPs" +msgstr "" + +#: ../../accounts.rst:409 +msgid "" +"``saml2.sigalg``: The algorithm to use to when signing a SAML request. " +"Default is SHA1, allowed algorithms: SHA1, SHA256, SHA384, SHA512." +msgstr "" + +#: ../../accounts.rst:411 +msgid "" +"``saml2.redirect.url``: The CloudStack UI url the SSO should redirected " +"to when successful. Default is **http://localhost:8080/client**"; +msgstr "" + +#: ../../accounts.rst:413 +msgid "``saml2.sp.org.name``: SAML2 Service Provider Organization Name" +msgstr "" + +#: ../../accounts.rst:415 +msgid "``saml2.sp.org.url``: SAML2 Service Provider Organization URL" +msgstr "" + +#: ../../accounts.rst:417 +msgid "``saml2.sp.contact.email``: SAML2 Service Provider Contact Email Address" +msgstr "" + +#: ../../accounts.rst:419 +msgid "``saml2.sp.contact.person``: SAML2 Service Provider Contact Person Name" +msgstr "" + +#: ../../accounts.rst:421 +msgid "``saml2.sp.slo.url``: SAML2 CloudStack Service Provider Single Log Out URL" +msgstr "" + +#: ../../accounts.rst:423 +msgid "``saml2.sp.sso.url``: SAML2 CloudStack Service Provider Single Sign On URL" +msgstr "" + +#: ../../accounts.rst:425 +msgid "" +"``saml2.user.attribute``: Attribute name to be looked for in SAML " +"response that will contain the username. Default is **uid**" +msgstr "" + +#: ../../accounts.rst:427 +msgid "" +"``saml2.timeout``: SAML2 IDP Metadata refresh interval in seconds, " +"minimum value is set to 300. Default is 1800" +msgstr "" + +# 4c358cdbd0ef4ea8bae9aa240f1b4e4a +#~ msgid "" +#~ "You can use an external LDAP " +#~ "server such as Microsoft Active " +#~ "Directory or ApacheDS to authenticate " +#~ "CloudStack end-users. Just map " +#~ "CloudStack accounts to the corresponding " +#~ "LDAP accounts using a query filter. " +#~ "The query filter is written using " +#~ "the query syntax of the particular " +#~ "LDAP server, and can include special " +#~ "wildcard characters provided by CloudStack " +#~ "for matching common values such as " +#~ "the userâs email address and name. " +#~ "CloudStack will search the external LDAP" +#~ " directory tree starting at a " +#~ "specified base directory and return the" +#~ " distinguished name (DN) and password " +#~ "of the matching user. This information" +#~ " along with the given password is " +#~ "used to authenticate the user.." +#~ msgstr "ä½ å¯ä»¥ä½¿ç¨ä¸ä¸ªå¤é¨LDAPæå¡å¨ï¼ä¾å¦å¾®è½¯æ´»å¨ç®å½æApacheDSè¿è¡CloudStackçç»ç«¯ç¨æ·éªè¯ãä» ä» ä½¿ç¨æ¥è¯¢è¿æ»¤å¨æ å°CloudStackè´¦æ·ä¸å¯¹åºçLDAPå¸æ·ãæ¥è¯¢è¿æ»¤å¨æ¯ä½¿ç¨æ¥è¯¢è¯æ³åçç¹å«çLDAPæå¡å¨ï¼å¯ä»¥å æ¬ç¨CloudStackæä¾çç¹æ®éé 符å¹é éç¨çåç¨æ·ççµåé®ä»¶å°ååå称è¿ç§å¼ãCloudStackå°å¨å¤é¨LDAPç®å½æ ä¸ä»ä¸ä¸ªæå®çåºç®æç´¢å½å¹¶è¿åä¸æå称(DN)åå¯ç å¹é ç¨æ·ãè¿ä¸ªä¿¡æ¯ä»¥åç»å®çå¯ç æ¯ç¨äºéªè¯ç¨æ·ãã" + +# 14c749c7da61408588c8e8cdaa11796c +#~ msgid "" +#~ "To set up LDAP authentication in " +#~ "CloudStack, call the CloudStack API " +#~ "command ldapConfig and provide the " +#~ "following:" +#~ msgstr "å¨CloudStackä¸è®¾ç½®LDAPéªè¯ï¼è°ç¨CloudStack APIæ令ldapConfigï¼å¹¶æä¾å¦ä¸ï¼" # c4708aa56b75423080f17f84ec2a37a4 -#: ../../accounts.rst:202 -msgid "Hostname or IP address and listening port of the LDAP server" -msgstr "LDAPæå¡å¨ç主æºåæIPå°ååçå¬ç«¯å£" +#~ msgid "Hostname or IP address and listening port of the LDAP server" +#~ msgstr "LDAPæå¡å¨ç主æºåæIPå°ååçå¬ç«¯å£" # ff4d11fcc40f4d5c86ce032c3d6e6a76 -#: ../../accounts.rst:204 -msgid "Base directory and query filter" -msgstr "åºæ¬ç®å½åæ¥è¯¢è¿æ»¤å¨" +#~ msgid "Base directory and query filter" +#~ msgstr "åºæ¬ç®å½åæ¥è¯¢è¿æ»¤å¨" # 0b5fce75930e49b19cf1d00062c78539 -#: ../../accounts.rst:206 -msgid "" -"Search user DN credentials, which give CloudStack permission to search on " -"the LDAP server" -msgstr "æç´¢ç¨æ·DN åè¯ï¼è¿ä¸ªåè¯æ¯æäºCloudStackå 许æç´¢LDAPæå¡å¨ä¸çåè¯" +#~ msgid "" +#~ "Search user DN credentials, which give" +#~ " CloudStack permission to search on " +#~ "the LDAP server" +#~ msgstr "æç´¢ç¨æ·DN åè¯ï¼è¿ä¸ªåè¯æ¯æäºCloudStackå 许æç´¢LDAPæå¡å¨ä¸çåè¯" # c3d66516470141c3af861a4b24f45150 -#: ../../accounts.rst:209 -msgid "SSL keystore and password, if SSL is used" -msgstr "SSLå¯é¥åºåå¯ç ï¼å¦æ使ç¨äºSSL" +#~ msgid "SSL keystore and password, if SSL is used" +#~ msgstr "SSLå¯é¥åºåå¯ç ï¼å¦æ使ç¨äºSSL" # 6e565fd7b02d4a97b86b380e839f129f -#: ../../accounts.rst:213 -msgid "Example LDAP Configuration Commands" -msgstr "LDAPé ç½®å½ä»¤ç¤ºä¾" +#~ msgid "Example LDAP Configuration Commands" +#~ msgstr "LDAPé ç½®å½ä»¤ç¤ºä¾" # ee72e29a6b33456684ebcbfd012c075a -#: ../../accounts.rst:215 -msgid "" -"To understand the examples in this section, you need to know the basic " -"concepts behind calling the CloudStack API, which are explained in the " -"Developerâs Guide." -msgstr "为äºæç½æ¬ç« èç示ä¾ï¼ ä½ éè¦ç¥éè°ç¨CloudStack APIçåºæ¬æ¦å¿µï¼è¿å¨å¼åè ææ¡£ä¸æ讲解ã" +#~ msgid "" +#~ "To understand the examples in this " +#~ "section, you need to know the " +#~ "basic concepts behind calling the " +#~ "CloudStack API, which are explained in" +#~ " the Developerâs Guide." +#~ msgstr "为äºæç½æ¬ç« èç示ä¾ï¼ ä½ éè¦ç¥éè°ç¨CloudStack APIçåºæ¬æ¦å¿µï¼è¿å¨å¼åè ææ¡£ä¸æ讲解ã" # 065e58a0d0f74c8d84670251cf00c487 -#: ../../accounts.rst:219 -msgid "" -"The following shows an example invocation of ldapConfig with an ApacheDS " -"LDAP server" -msgstr "以ä¸å±ç¤ºäºéè¿ApacheDS LDAPæå¡å¨è°ç¨ ldapConfigå½ä»¤ç示ä¾" +#~ msgid "" +#~ "The following shows an example " +#~ "invocation of ldapConfig with an " +#~ "ApacheDS LDAP server" +#~ msgstr "以ä¸å±ç¤ºäºéè¿ApacheDS LDAPæå¡å¨è°ç¨ ldapConfigå½ä»¤ç示ä¾" # 31d88144f8004adf8efd11cf7f9db7bd -#: ../../accounts.rst:226 -msgid "" -"The command must be URL-encoded. Here is the same example without the URL " -"encoding:" -msgstr "å½ä»¤è°ç¨çURLå¿ é¡»è¿è¡ç¼ç . è¿éæ¯ä¸ä¸ªæ²¡æè¿è¡URLç¼ç ç示ä¾ï¼" +#~ msgid "" +#~ "The command must be URL-encoded. " +#~ "Here is the same example without " +#~ "the URL encoding:" +#~ msgstr "å½ä»¤è°ç¨çURLå¿ é¡»è¿è¡ç¼ç . è¿éæ¯ä¸ä¸ªæ²¡æè¿è¡URLç¼ç ç示ä¾ï¼" # 884cde7f5dbd499ba1c28ff09380c692 -#: ../../accounts.rst:244 -msgid "" -"The following shows a similar command for Active Directory. Here, the search" -" base is the testing group within a company, and the users are matched up " -"based on email address." -msgstr "以ä¸å±ç¤ºäºä¸æ´»å¨ç®å½ç±»ä¼¼çå½ä»¤ãè¿éï¼æç´¢æ¯åºäºä¸ä¸ªå ¬å¸çæµè¯ç»ï¼ç¨æ·æ¯æ ¹æ®é®ä»¶å°åè¿è¡æ¥æ¾ã" +#~ msgid "" +#~ "The following shows a similar command" +#~ " for Active Directory. Here, the " +#~ "search base is the testing group " +#~ "within a company, and the users " +#~ "are matched up based on email " +#~ "address." +#~ msgstr "以ä¸å±ç¤ºäºä¸æ´»å¨ç®å½ç±»ä¼¼çå½ä»¤ãè¿éï¼æç´¢æ¯åºäºä¸ä¸ªå ¬å¸çæµè¯ç»ï¼ç¨æ·æ¯æ ¹æ®é®ä»¶å°åè¿è¡æ¥æ¾ã" # d2675a267aa34f4ea3fe2bba2300b61c -#: ../../accounts.rst:252 -msgid "" -"The next few sections explain some of the concepts you will need to know " -"when filling out the ldapConfig parameters." -msgstr "æ¥ä¸æ¥çå ä¸ªç« è解éäºå½å¡«åldapConfigåæ°æ¶ä½ éè¦ç¥éçä¸äºæ¦å¿µã" +#~ msgid "" +#~ "The next few sections explain some " +#~ "of the concepts you will need to" +#~ " know when filling out the ldapConfig" +#~ " parameters." +#~ msgstr "æ¥ä¸æ¥çå ä¸ªç« è解éäºå½å¡«åldapConfigåæ°æ¶ä½ éè¦ç¥éçä¸äºæ¦å¿µã" # befdce0cfd624549844139c917a82bb4 -#: ../../accounts.rst:257 -msgid "Search Base" -msgstr "æç´¢åºç¡ç®å½" +#~ msgid "Search Base" +#~ msgstr "æç´¢åºç¡ç®å½" # 1522f19d5a2a4e35a8bedc5d147a1af1 -#: ../../accounts.rst:259 -msgid "" -"An LDAP query is relative to a given node of the LDAP directory tree, called" -" the search base. The search base is the distinguished name (DN) of a level " -"of the directory tree below which all users can be found. The users can be " -"in the immediate base directory or in some subdirectory. The search base may" -" be equivalent to the organization, group, or domain name. The syntax for " -"writing a DN varies depending on which LDAP server you are using. A full " -"discussion of distinguished names is outside the scope of our documentation." -" The following table shows some examples of search bases to find users in " -"the testing department.." -msgstr "LDAPæ¥è¯¢ä¸ä¸ä¸ªLDAPç®å½æ ä¸çèç¹æå ³ï¼ç§°ä¹ä¸ºåæç´¢åºç¡ç®å½ãæç´¢åºç¡ç®å½æ¯ç®å½åºä¸çä¸çº§çdistinguished name(DN)ï¼å¨è¿éè½æ¾å°ææç¨æ·ãç¨æ·å¯ä»¥ç´å±äºæ ¹ç®å½æè ä¸äºåç®å½ãæç´¢åºç¡ç®å½å¯è½æ¯ç»ç»ãç»æè åç¨æ·åãç¨äºåDNåéçè¯æ³åå³äºä½ æ使ç¨çLDAPæå¡ãåæ·±å ¥å ¨é¢ç讨论distinguished namesè¶ åºäºæ们ææ¡£çèå´ã以ä¸è¡¨æ ¼ä¸å±ç¤ºäºä¸äºå¨æç´¢åºç¡ç®å½ä¸æ¥æ¾æµè¯é¨é¨ä¸ç¨æ·ç示ä¾ã" +#~ msgid "" +#~ "An LDAP query is relative to a " +#~ "given node of the LDAP directory " +#~ "tree, called the search base. The " +#~ "search base is the distinguished name" +#~ " (DN) of a level of the " +#~ "directory tree below which all users " +#~ "can be found. The users can be " +#~ "in the immediate base directory or " +#~ "in some subdirectory. The search base" +#~ " may be equivalent to the " +#~ "organization, group, or domain name. The" +#~ " syntax for writing a DN varies " +#~ "depending on which LDAP server you " +#~ "are using. A full discussion of " +#~ "distinguished names is outside the scope" +#~ " of our documentation. The following " +#~ "table shows some examples of search " +#~ "bases to find users in the testing" +#~ " department.." +#~ msgstr "" +#~ "LDAPæ¥è¯¢ä¸ä¸ä¸ªLDAPç®å½æ ä¸çèç¹æå ³ï¼ç§°ä¹ä¸ºåæç´¢åºç¡ç®å½ãæç´¢åºç¡ç®å½æ¯ç®å½åºä¸çä¸çº§çdistinguished " +#~ "name(DN)ï¼å¨è¿éè½æ¾å°ææç¨æ·ãç¨æ·å¯ä»¥ç´å±äºæ ¹ç®å½æè ä¸äºåç®å½ãæç´¢åºç¡ç®å½å¯è½æ¯ç»ç»ãç»æè åç¨æ·åãç¨äºåDNåéçè¯æ³åå³äºä½ æ使ç¨çLDAPæå¡ãåæ·±å ¥å ¨é¢ç讨论distinguished" +#~ " namesè¶ åºäºæ们ææ¡£çèå´ã以ä¸è¡¨æ ¼ä¸å±ç¤ºäºä¸äºå¨æç´¢åºç¡ç®å½ä¸æ¥æ¾æµè¯é¨é¨ä¸ç¨æ·ç示ä¾ã" # 3649e87915d24059beec30463e0abd10 # eb0f32160dd24b21991c2f454df60742 -#: ../../accounts.rst:270 ../../accounts.rst:328 -msgid "LDAP Server" -msgstr "LDAPæå¡å¨" +#~ msgid "LDAP Server" +#~ msgstr "LDAPæå¡å¨" # d8fb5f498afb4ee1aa6669b39f1e34be -#: ../../accounts.rst:270 -msgid "Example Search Base DN" -msgstr "æç´¢åºæ¬DN示ä¾" +#~ msgid "Example Search Base DN" +#~ msgstr "æç´¢åºæ¬DN示ä¾" # 2e421fc0d49d4a819b31999dc3cae2e0 # a0327a00878d45dab6dc0bc777814674 -#: ../../accounts.rst:272 ../../accounts.rst:330 -msgid "ApacheDS" -msgstr "ApacheDS" +#~ msgid "ApacheDS" +#~ msgstr "ApacheDS" # 6c854d5e6cdd4e3aadda7dd9be769a53 -#: ../../accounts.rst:272 -msgid "OU=testing, O=project" -msgstr "OU=testing, O=project" +#~ msgid "OU=testing, O=project" +#~ msgstr "OU=testing, O=project" # a1fbaf989c584a248386911c51fd2fba # c776e850eb3e4d64b262a32a9d302bfb -#: ../../accounts.rst:273 ../../accounts.rst:331 -msgid "Active Directory" -msgstr "Active Directory" +#~ msgid "Active Directory" +#~ msgstr "Active Directory" # 5d0095ff2d7044e7b60bc1754210dd3c -#: ../../accounts.rst:273 -msgid "OU=testing, DC=company" -msgstr "OU=testing, DC=company" +#~ msgid "OU=testing, DC=company" +#~ msgstr "OU=testing, DC=company" # 8309dae488944f0aae3e84a8e1a97ac3 -#: ../../accounts.rst:278 -msgid "Query Filter" -msgstr "æ¥è¯¢è¿æ»¤" +#~ msgid "Query Filter" +#~ msgstr "æ¥è¯¢è¿æ»¤" # c523dbbf5dd94c62a2e3927a8f3123dc -#: ../../accounts.rst:280 -msgid "" -"The query filter is used to find a mapped user in the external LDAP server. " -"The query filter should uniquely map the CloudStack user to LDAP user for a " -"meaningful authentication. For more information about query filter syntax, " -"consult the documentation for your LDAP server." -msgstr "æ¥è¯¢è¿æ»¤å¨ç¨äºå¨å¤é¨LDAPæå¡å¨ä¸æ¥æ¾ä¸ä¸ªæ å°çç¨æ·ã为å®ç°ææ认è¯ï¼æ¥è¯¢è¿æ»¤å¨åºè¯¥å°CloudStackçç¨æ·å¯ä¸æ å°å°LDAPç¨æ·ãå ³äºæ¥è¯¢è¿æ»¤å¨çè¯æ³ï¼è¯·åèæ¨ä½¿ç¨çLDAPæå¡å¨ææ¡£ã" +#~ msgid "" +#~ "The query filter is used to find" +#~ " a mapped user in the external " +#~ "LDAP server. The query filter should " +#~ "uniquely map the CloudStack user to " +#~ "LDAP user for a meaningful " +#~ "authentication. For more information about " +#~ "query filter syntax, consult the " +#~ "documentation for your LDAP server." +#~ msgstr "æ¥è¯¢è¿æ»¤å¨ç¨äºå¨å¤é¨LDAPæå¡å¨ä¸æ¥æ¾ä¸ä¸ªæ å°çç¨æ·ã为å®ç°ææ认è¯ï¼æ¥è¯¢è¿æ»¤å¨åºè¯¥å°CloudStackçç¨æ·å¯ä¸æ å°å°LDAPç¨æ·ãå ³äºæ¥è¯¢è¿æ»¤å¨çè¯æ³ï¼è¯·åèæ¨ä½¿ç¨çLDAPæå¡å¨ææ¡£ã" # f4f9c13ceefa4163962bd3cfab257852 -#: ../../accounts.rst:285 -msgid "The CloudStack query filter wildcards are:" -msgstr "CloudStackæ¥è¯¢è¿æ»¤çéé 符æ:" +#~ msgid "The CloudStack query filter wildcards are:" +#~ msgstr "CloudStackæ¥è¯¢è¿æ»¤çéé 符æ:" # bab683973b9045339c8df3488bc5dd1c -#: ../../accounts.rst:288 -msgid "Query Filter Wildcard" -msgstr "æ¥è¯¢è¿æ»¤éé 符" +#~ msgid "Query Filter Wildcard" +#~ msgstr "æ¥è¯¢è¿æ»¤éé 符" # a94af335cc864d9a962f1fb9b7b5f72c -#: ../../accounts.rst:288 -msgid "Description" -msgstr "æè¿°" +#~ msgid "Description" +#~ msgstr "æè¿°" # 334393ba6786415e91a2ed1a22d26adb -#: ../../accounts.rst:290 -msgid "%u" -msgstr "%u" +#~ msgid "%u" +#~ msgstr "%u" # 151cd28e952d4ff98ff9d1544698ccb8 -#: ../../accounts.rst:290 -msgid "User name" -msgstr "ç¨æ·å" +#~ msgid "User name" +#~ msgstr "ç¨æ·å" # f1f86cbcf39e412fb298da7653a123d3 -#: ../../accounts.rst:291 -msgid "%e" -msgstr "%e" +#~ msgid "%e" +#~ msgstr "%e" # fdf52531788c41fabb814f45f07b178a -#: ../../accounts.rst:291 -msgid "Email address" -msgstr "é®ä»¶å°å" +#~ msgid "Email address" +#~ msgstr "é®ä»¶å°å" # 6e5b529e3da248ee85f1e20f81bd8e1c -#: ../../accounts.rst:292 -msgid "%n" -msgstr "%n" +#~ msgid "%n" +#~ msgstr "%n" # 4704eb3b3e494ad3bc2105d98a3c84a9 -#: ../../accounts.rst:292 -msgid "First and last name" -msgstr "å§å" +#~ msgid "First and last name" +#~ msgstr "å§å" # 51612c6475e246f7b7d8a156605a2323 -#: ../../accounts.rst:295 -msgid "" -"The following examples assume you are using Active Directory, and refer to " -"user attributes from the Active Directory schema." -msgstr "ä¸é¢ç示ä¾åè®¾ä½ ä½¿ç¨æ´»å¨ç®å½, 并ä»æ´»å¨ç®å½æ¶æä¸è·å¾ç¨æ·å±æ§." +#~ msgid "" +#~ "The following examples assume you are" +#~ " using Active Directory, and refer to" +#~ " user attributes from the Active " +#~ "Directory schema." +#~ msgstr "ä¸é¢ç示ä¾åè®¾ä½ ä½¿ç¨æ´»å¨ç®å½, 并ä»æ´»å¨ç®å½æ¶æä¸è·å¾ç¨æ·å±æ§." # d853815e3f894dcdbb92be883305dc5b -#: ../../accounts.rst:298 -msgid "If the CloudStack user name is the same as the LDAP user ID:" -msgstr "å¦æ CloudStack çç¨æ·åä¸LDAPä¸çç¨æ·IDä¸è´:" +#~ msgid "If the CloudStack user name is the same as the LDAP user ID:" +#~ msgstr "å¦æ CloudStack çç¨æ·åä¸LDAPä¸çç¨æ·IDä¸è´:" # d0bb623240d0410eb8d70ed22ba5a2f8 -#: ../../accounts.rst:304 -msgid "If the CloudStack user name is the LDAP display name:" -msgstr "å¦æCloudStackçç¨æ·åæ¯LDAPä¸çæ¾ç¤ºååï¼" +#~ msgid "If the CloudStack user name is the LDAP display name:" +#~ msgstr "å¦æCloudStackçç¨æ·åæ¯LDAPä¸çæ¾ç¤ºååï¼" # 0a96c3c2516946c1b4260fd4d4d6ffb7 -#: ../../accounts.rst:310 -msgid "To find a user by email address:" -msgstr "使ç¨é®ä»¶å°åæ¥æ¾ç¨æ·:" +#~ msgid "To find a user by email address:" +#~ msgstr "使ç¨é®ä»¶å°åæ¥æ¾ç¨æ·:" # 5b63c901fb5a4d208df8e362234d1cba -#: ../../accounts.rst:318 -msgid "Search User Bind DN" -msgstr "æç´¢ç¨æ·ç»å®çDN" +#~ msgid "Search User Bind DN" +#~ msgstr "æç´¢ç¨æ·ç»å®çDN" # 92769f4cb5be444cab0bcb685ebe1cc4 -#: ../../accounts.rst:320 -msgid "" -"The bind DN is the user on the external LDAP server permitted to search the " -"LDAP directory within the defined search base. When the DN is returned, the " -"DN and passed password are used to authenticate the CloudStack user with an " -"LDAP bind. A full discussion of bind DNs is outside the scope of our " -"documentation. The following table shows some examples of bind DNs." -msgstr "bind DNæ¯ä½äºå¤é¨è¢«å 许å¨å®ä¹çæç´¢åºç¡ç®å½ä¸æç´¢LDAPç®å½çLDAPæå¡å¨ä¸çç¨æ·ãå½DNè¿åå¼çæ¶åï¼DNåéè¿çå¯ç å°±ä¸LDAPbindä¸èµ·è¢«ç¨äºéªè¯CloudStack ç¨æ·ãåæ·±å ¥å®å ¨ç讨论bind DNsè¶ åºäºææ¡£çèå´ãä¸é¢çè¡¨æ ¼å±ç¤ºäºä¸äºbind DNsçå®ä¾ã" +#~ msgid "" +#~ "The bind DN is the user on " +#~ "the external LDAP server permitted to" +#~ " search the LDAP directory within the" +#~ " defined search base. When the DN " +#~ "is returned, the DN and passed " +#~ "password are used to authenticate the" +#~ " CloudStack user with an LDAP bind." +#~ " A full discussion of bind DNs " +#~ "is outside the scope of our " +#~ "documentation. The following table shows " +#~ "some examples of bind DNs." +#~ msgstr "" +#~ "bind " +#~ "DNæ¯ä½äºå¤é¨è¢«å 许å¨å®ä¹çæç´¢åºç¡ç®å½ä¸æç´¢LDAPç®å½çLDAPæå¡å¨ä¸çç¨æ·ãå½DNè¿åå¼çæ¶åï¼DNåéè¿çå¯ç å°±ä¸LDAPbindä¸èµ·è¢«ç¨äºéªè¯CloudStack" +#~ " ç¨æ·ãåæ·±å ¥å®å ¨ç讨论bind DNsè¶ åºäºææ¡£çèå´ãä¸é¢çè¡¨æ ¼å±ç¤ºäºä¸äºbind DNsçå®ä¾ã" # 7fcc45a0be9241b09a01d2287541d652 -#: ../../accounts.rst:328 -msgid "Example Bind DN" -msgstr "ç»å®DN示ä¾" +#~ msgid "Example Bind DN" +#~ msgstr "ç»å®DN示ä¾" # b4c0b2f84be54e32820cac392b6c9c75 -#: ../../accounts.rst:330 -msgid "CN=Administrator,DC=testing,OU=project,OU=org" -msgstr "CN=Administrator,DC=testing,OU=project,OU=org" +#~ msgid "CN=Administrator,DC=testing,OU=project,OU=org" +#~ msgstr "CN=Administrator,DC=testing,OU=project,OU=org" # 46e145ddbc9f47e08b21fa2631ed9fa7 -#: ../../accounts.rst:331 -msgid "CN=Administrator, OU=testing, DC=company, DC=com" -msgstr "CN=Administrator, OU=testing, DC=company, DC=com" +#~ msgid "CN=Administrator, OU=testing, DC=company, DC=com" +#~ msgstr "CN=Administrator, OU=testing, DC=company, DC=com" # cbaaf7054abf480eb88b336ba62a097b -#: ../../accounts.rst:336 -msgid "SSL Keystore Path and Password" -msgstr "SSL å¯é¥åºè·¯å¾åå¯ç " +#~ msgid "SSL Keystore Path and Password" +#~ msgstr "SSL å¯é¥åºè·¯å¾åå¯ç " # 8a6a84c57cc144edb9a20e63c71ddedc -#: ../../accounts.rst:338 -msgid "" -"If the LDAP server requires SSL, you need to enable it in the ldapConfig " -"command by setting the parameters ssl, truststore, and truststorepass. " -"Before enabling SSL for ldapConfig, you need to get the certificate which " -"the LDAP server is using and add it to a trusted keystore. You will need to " -"know the path to the keystore and the password." -msgstr "å¦æLDAP æå¡å¨è¦æ±SSLï¼ ä½ éè¦å¨ldapConfigå½ä»¤ä¸éè¿è®¾ç½®åæ°ssl, truststoreåtruststorepassä½¿å ¶çæãå¨ä½¿SSL 对ldapConfig çæä¹åï¼ä½ éè¦å¾å°LDAPæå¡å¨å¨ä½¿ç¨çè¯ä¹¦å¹¶æå®å å°è¢«ä¿¡ä»»çå¯é¥åºä¸ãä½ å°éè¦ç¥éå°å¯é¥åºåå¯ç çè·¯å¾ã" +#~ msgid "" +#~ "If the LDAP server requires SSL, " +#~ "you need to enable it in the " +#~ "ldapConfig command by setting the " +#~ "parameters ssl, truststore, and " +#~ "truststorepass. Before enabling SSL for " +#~ "ldapConfig, you need to get the " +#~ "certificate which the LDAP server is " +#~ "using and add it to a trusted " +#~ "keystore. You will need to know " +#~ "the path to the keystore and the" +#~ " password." +#~ msgstr "" +#~ "å¦æLDAP æå¡å¨è¦æ±SSLï¼ ä½ éè¦å¨ldapConfigå½ä»¤ä¸éè¿è®¾ç½®åæ°ssl, " +#~ "truststoreåtruststorepassä½¿å ¶çæãå¨ä½¿SSL 对ldapConfig " +#~ "çæä¹åï¼ä½ éè¦å¾å°LDAPæå¡å¨å¨ä½¿ç¨çè¯ä¹¦å¹¶æå®å å°è¢«ä¿¡ä»»çå¯é¥åºä¸ãä½ å°éè¦ç¥éå°å¯é¥åºåå¯ç çè·¯å¾ã" +
