keystone/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po

# Andi Chandler <andi@gowling.com>, 2017. #zanata
# Andi Chandler <andi@gowling.com>, 2018. #zanata
msgid ""
msgstr ""
"Project-Id-Version: Keystone Release Notes\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-02-14 07:05+0000\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"PO-Revision-Date: 2018-02-03 12:22+0000\n"
"Last-Translator: Andi Chandler <andi@gowling.com>\n"
"Language-Team: English (United Kingdom)\n"
"Language: en-GB\n"
"X-Generator: Zanata 3.9.6\n"
"Plural-Forms: nplurals=2; plural=(n != 1)\n"

msgid "'/' and ',' are not allowed to be in a tag"
msgstr "'/' and ',' are not allowed to be in a tag"

msgid ""
"**Experimental** - Domain specific configuration options can be stored in "
"SQL instead of configuration files, using the new REST APIs."
msgstr ""
"**Experimental** - Domain specific configuration options can be stored in "
"SQL instead of configuration files, using the new REST APIs."

msgid ""
"**Experimental** - Keystone now supports tokenless authorization with X.509 "
"SSL client certificate."
msgstr ""
"**Experimental** - Keystone now supports tokenless authorisation with X.509 "
"SSL client certificate."

msgid "10.0.0"
msgstr "10.0.0"

msgid "10.0.1"
msgstr "10.0.1"

msgid "10.0.3"
msgstr "10.0.3"

msgid "11.0.0"
msgstr "11.0.0"

msgid "11.0.1"
msgstr "11.0.1"

msgid "11.0.3"
msgstr "11.0.3"

msgid "11.0.3-3"
msgstr "11.0.3-3"

msgid "12.0.0"
msgstr "12.0.0"

msgid "13.0.0.0b1"
msgstr "13.0.0.0b1"

msgid "13.0.0.0b2"
msgstr "13.0.0.0b2"

msgid "13.0.0.0b3"
msgstr "13.0.0.0b3"

msgid "8.0.1"
msgstr "8.0.1"

msgid "8.1.0"
msgstr "8.1.0"

msgid "9.0.0"
msgstr "9.0.0"

msgid "9.2.0"
msgstr "9.2.0"

msgid ""
"A new ``secure_proxy_ssl_header`` configuration option is available when "
"running keystone behind a proxy."
msgstr ""
"A new ``secure_proxy_ssl_header`` configuration option is available when "
"running keystone behind a proxy."

msgid ""
"A new config option, `insecure_debug`, is added to control whether debug "
"information is returned to clients. This used to be controlled by the "
"`debug` option. If you'd like to return extra information to clients set the "
"value to ``true``. This extra information may help an attacker."
msgstr ""
"A new config option, `insecure_debug`, is added to control whether debug "
"information is returned to clients. This used to be controlled by the "
"`debug` option. If you'd like to return extra information to clients set the "
"value to ``true``. This extra information may help an attacker."

msgid ""
"Add ``cache_on_issue`` flag to ``[token]`` section that enables placing "
"issued tokens to validation cache thus reducing the first validation time as "
"if token is already validated and token data cached."
msgstr ""
"Add ``cache_on_issue`` flag to ``[token]`` section that enables placing "
"issued tokens to validation cache thus reducing the first validation time as "
"if token is already validated and token data cached."

msgid ""
"Add ``keystone-manage mapping_populate`` command, which should be used when "
"domain-specific LDAP backend is used."
msgstr ""
"Add ``keystone-manage mapping_populate`` command, which should be used when "
"domain-specific LDAP backend is used."

msgid ""
"Add ``keystone-manage mapping_populate`` command. This command will pre-"
"populate a mapping table with all users from LDAP, in order to improve "
"future query performance. It should be used when an LDAP is first "
"configured, or after calling ``keystone-manage mapping_purge``, before any "
"queries related to the domain are made. For more information see ``keystone-"
"manage mapping_populate --help``"
msgstr ""
"Add ``keystone-manage mapping_populate`` command. This command will pre-"
"populate a mapping table with all users from LDAP, in order to improve "
"future query performance. It should be used when an LDAP is first "
"configured, or after calling ``keystone-manage mapping_purge``, before any "
"queries related to the domain are made. For more information see ``keystone-"
"manage mapping_populate --help``"

msgid ""
"Added an option ``--check`` to ``keystone-manage db_sync``, the option will "
"allow a user to check the status of rolling upgrades in the database."
msgstr ""
"Added an option ``--check`` to ``keystone-manage db_sync``, the option will "
"allow a user to check the status of rolling upgrades in the database."

msgid ""
"Adjust configuration tools as necessary, see the ``fixes`` section for more "
"details on this change."
msgstr ""
"Adjust configuration tools as necessary, see the ``fixes`` section for more "
"details on this change."

msgid ""
"Any auth methods that are not defined in ``keystone.conf`` in the ``[auth] "
"methods`` option are ignored when the rules are processed. Empty rules are "
"not allowed. If a rule is empty due to no-valid auth methods existing within "
"it, the rule is discarded at authentication time. If there are no rules or "
"no valid rules for the user, authentication occurs in the default manner: "
"any single configured auth method is sufficient to receive a token."
msgstr ""
"Any auth methods that are not defined in ``keystone.conf`` in the ``[auth] "
"methods`` option are ignored when the rules are processed. Empty rules are "
"not allowed. If a rule is empty due to no-valid auth methods existing within "
"it, the rule is discarded at authentication time. If there are no rules or "
"no valid rules for the user, authentication occurs in the default manner: "
"any single configured auth method is sufficient to receive a token."

msgid "Bug Fixes"
msgstr "Bug Fixes"

msgid ""
"Certain deprecated methods from the assignment manager were removed in favor "
"of the same methods in the [resource] and [role] manager."
msgstr ""
"Certain deprecated methods from the assignment manager were removed in "
"favour of the same methods in the [resource] and [role] manager."

msgid ""
"Certain variables in ``keystone.conf`` now have options, which determine if "
"the user's setting is valid."
msgstr ""
"Certain variables in ``keystone.conf`` now have options, which determine if "
"the user's setting is valid."

msgid "Configuring per-Identity Provider WebSSO is now supported."
msgstr "Configuring per-Identity Provider WebSSO is now supported."

msgid "Critical Issues"
msgstr "Critical Issues"

msgid "Current Series Release Notes"
msgstr "Current Series Release Notes"

msgid "Deprecation Notes"
msgstr "Deprecation Notes"

msgid ""
"Domain name information can now be used in policy rules with the attribute "
"``domain_name``."
msgstr ""
"Domain name information can now be used in policy rules with the attribute "
"``domain_name``."

msgid ""
"Domains are now represented as top level projects with the attribute "
"`is_domain` set to true. Such projects will appear as parents for any "
"previous top level projects. Projects acting as domains can be created, "
"read, updated, and deleted via either the project API or the domain API (V3 "
"only)."
msgstr ""
"Domains are now represented as top level projects with the attribute "
"`is_domain` set to true. Such projects will appear as parents for any "
"previous top level projects. Projects acting as domains can be created, "
"read, updated, and deleted via either the project API or the domain API (V3 "
"only)."

msgid ""
"Each list of methods specifies a rule. If the auth methods provided by a "
"user match (or exceed) the auth methods in the list, that rule is used. The "
"first rule found (rules will not be processed in a specific order) that "
"matches will be used. If a user has the ruleset defined as ``[[\"password\", "
"\"totp\"]]`` the user must provide both password and totp auth methods (and "
"both methods must succeed) to receive a token. However, if a user has a "
"ruleset defined as ``[[\"password\"], [\"password\", \"totp\"]]`` the user "
"may use the ``password`` method on it's own but would be required to use "
"both ``password`` and ``totp`` if ``totp`` is specified at all."
msgstr ""
"Each list of methods specifies a rule. If the auth methods provided by a "
"user match (or exceed) the auth methods in the list, that rule is used. The "
"first rule found (rules will not be processed in a specific order) that "
"matches will be used. If a user has the ruleset defined as ``[[\"password\", "
"\"totp\"]]`` the user must provide both password and totp auth methods (and "
"both methods must succeed) to receive a token. However, if a user has a "
"ruleset defined as ``[[\"password\"], [\"password\", \"totp\"]]`` the user "
"may use the ``password`` method on it's own but would be required to use "
"both ``password`` and ``totp`` if ``totp`` is specified at all."

msgid "Each project can have up to 100 tags"
msgstr "Each project can have up to 100 tags"

msgid "Each tag can be up to 255 characters"
msgstr "Each tag can be up to 255 characters"

msgid ""
"Features that were \"extensions\" in previous releases (OAuth delegation, "
"Federated Identity support, Endpoint Policy, etc) are now enabled by default."
msgstr ""
"Features that were \"extensions\" in previous releases (OAuth delegation, "
"Federated Identity support, Endpoint Policy, etc) are now enabled by default."

msgid ""
"Fixes a bug related to the password create date.  If you deployed master "
"during Newton development, the password create date may be reset. This would "
"only be apparent if you have security compliance features enabled."
msgstr ""
"Fixes a bug related to the password create date.  If you deployed master "
"during Newton development, the password create date may be reset. This would "
"only be apparent if you have security compliance features enabled."

msgid ""
"For additional details see: `event notifications <See https://docs.openstack."
"org/developer/keystone/event_notifications.html>`_"
msgstr ""
"For additional details see: `event notifications <See https://docs.openstack."
"org/developer/keystone/event_notifications.html>`_"

msgid ""
"If PCI support is enabled, via the ``[security_compliance]`` configuration "
"options, then the ``password_expires_at`` field will be populated with a "
"timestamp. Otherwise, it will default to ``null``, indicating the password "
"does not expire."
msgstr ""
"If PCI support is enabled, via the ``[security_compliance]`` configuration "
"options, then the ``password_expires_at`` field will be populated with a "
"timestamp. Otherwise, it will default to ``null``, indicating the password "
"does not expire."

msgid ""
"If a password does not meet the specified criteria. See "
"``[security_compliance] password_regex``."
msgstr ""
"If a password does not meet the specified criteria. See "
"``[security_compliance] password_regex``."

msgid ""
"If a user attempts to change their password too often. See "
"``[security_compliance] minimum_password_age``."
msgstr ""
"If a user attempts to change their password too often. See "
"``[security_compliance] minimum_password_age``."

msgid ""
"If a user does not change their passwords at least once every X days. See "
"``[security_compliance] password_expires_days``."
msgstr ""
"If a user does not change their passwords at least once every X days. See "
"``[security_compliance] password_expires_days``."

msgid ""
"If a user is locked out after many failed authentication attempts. See "
"``[security_compliance] lockout_failure_attempts``."
msgstr ""
"If a user is locked out after many failed authentication attempts. See "
"``[security_compliance] lockout_failure_attempts``."

msgid ""
"If a user submits a new password that was recently used. See "
"``[security_compliance] unique_last_password_count``."
msgstr ""
"If a user submits a new password that was recently used. See "
"``[security_compliance] unique_last_password_count``."

msgid ""
"If performing rolling upgrades, set `[identity] "
"rolling_upgrade_password_hash_compat` to `True`. This will instruct keystone "
"to continue to hash passwords in a manner that older (pre Pike release) "
"keystones can still verify passwords. Once all upgrades are complete, ensure "
"this option is set back to `False`."
msgstr ""
"If performing rolling upgrades, set `[identity] "
"rolling_upgrade_password_hash_compat` to `True`. This will instruct keystone "
"to continue to hash passwords in a manner that older (pre Pike release) "
"keystones can still verify passwords. Once all upgrades are complete, ensure "
"this option is set back to `False`."

msgid ""
"In ``keystone-paste.ini``, using ``paste.filter_factory`` is deprecated in "
"favor of the \"use\" directive, specifying an entrypoint."
msgstr ""
"In ``keystone-paste.ini``, using ``paste.filter_factory`` is deprecated in "
"favour of the \"use\" directive, specifying an entrypoint."

msgid ""
"In the [resource] and [role] sections of the ``keystone.conf`` file, not "
"specifying the driver and using the assignment driver is deprecated. In the "
"Mitaka release, the resource and role drivers will default to the SQL driver."
msgstr ""
"In the [resource] and [role] sections of the ``keystone.conf`` file, not "
"specifying the driver and using the assignment driver is deprecated. In the "
"Mitaka release, the resource and role drivers will default to the SQL driver."

msgid ""
"In the case a user should be exempt from MFA Rules, regardless if they are "
"set, the User-Option ``multi_factor_auth_enabled`` may  be set to ``False`` "
"for that user via the user create and update API (``POST/PATCH /v3/users``) "
"call. If this option is set to ``False`` the MFA rules will be ignored for "
"the user. Any other value except ``False`` will result in the MFA Rules "
"being processed; the option can only be a boolean (``True`` or ``False``) or "
"\"None\" (which will result in the default behavior (same as ``True``) but "
"the option will no longer be shown in the ``user[\"options\"]`` dictionary."
msgstr ""
"In the case a user should be exempt from MFA Rules, regardless if they are "
"set, the User-Option ``multi_factor_auth_enabled`` may  be set to ``False`` "
"for that user via the user create and update API (``POST/PATCH /v3/users``) "
"call. If this option is set to ``False`` the MFA rules will be ignored for "
"the user. Any other value except ``False`` will result in the MFA Rules "
"being processed; the option can only be a boolean (``True`` or ``False``) or "
"\"None\" (which will result in the default behaviour (same as ``True``) but "
"the option will no longer be shown in the ``user[\"options\"]`` dictionary."

msgid ""
"In the policy.json file, we changed `identity:list_projects_for_groups` to "
"`identity:list_projects_for_user`. Likewise, we changed `identity:"
"list_domains_for_groups` to `identity:list_domains_for_user`. If you have "
"customized the policy.json file, you will need to make these changes. This "
"was done to better support new features around federation."
msgstr ""
"In the policy.json file, we changed `identity:list_projects_for_groups` to "
"`identity:list_projects_for_user`. Likewise, we changed `identity:"
"list_domains_for_groups` to `identity:list_domains_for_user`. If you have "
"customized the policy.json file, you will need to make these changes. This "
"was done to better support new features around federation."

msgid ""
"It is recommended to have the ``healthcheck`` middleware first in the "
"pipeline::"
msgstr ""
"It is recommended to have the ``healthcheck`` middleware first in the "
"pipeline::"

msgid "Keystone Release Notes"
msgstr "Keystone Release Notes"

msgid ""
"Keystone cache backends have been removed in favor of their `oslo.cache` "
"counter-part. This affects:"
msgstr ""
"Keystone cache backends have been removed in favour of their `oslo.cache` "
"counter-part. This affects:"

msgid ""
"Keystone now relies on pyldap instead of python-ldap. The pyldap library is "
"a fork of python-ldap and is a drop-in replacement with modifications to be "
"py3 compatible."
msgstr ""
"Keystone now relies on pyldap instead of python-ldap. The pyldap library is "
"a fork of python-ldap and is a drop-in replacement with modifications to be "
"py3 compatible."

msgid ""
"Keystone now supports authorizing a request token by providing a role name. "
"A `role` in the `roles` parameter can include either a role name or role id, "
"but not both."
msgstr ""
"Keystone now supports authorising a request token by providing a role name. "
"A `role` in the `roles` parameter can include either a role name or role id, "
"but not both."

msgid ""
"Keystone now supports being run under Python 3. The Python 3 and Python 3.4 "
"classifiers have been added."
msgstr ""
"Keystone now supports being run under Python 3. The Python 3 and Python 3.4 "
"classifiers have been added."

msgid ""
"Keystone now supports encrypted credentials at rest. In order to upgrade "
"successfully to Newton, deployers must encrypt all credentials currently "
"stored before contracting the database. Deployers must run `keystone-manage "
"credential_setup` in order to use the credential API within Newton, or "
"finish the upgrade from Mitaka to Newton. This will result in a service "
"outage for the credential API where credentials will be read-only for the "
"duration of the upgrade process. Once the database is contracted credentials "
"will be writeable again. Database contraction phases only apply to rolling "
"upgrades."
msgstr ""
"Keystone now supports encrypted credentials at rest. In order to upgrade "
"successfully to Newton, deployers must encrypt all credentials currently "
"stored before contracting the database. Deployers must run `keystone-manage "
"credential_setup` in order to use the credential API within Newton, or "
"finish the upgrade from Mitaka to Newton. This will result in a service "
"outage for the credential API where credentials will be read-only for the "
"duration of the upgrade process. Once the database is contracted credentials "
"will be writeable again. Database contraction phases only apply to rolling "
"upgrades."

msgid ""
"Keystone now uses oslo.cache. Update the `[cache]` section of `keystone."
"conf` to point to oslo.cache backends: ``oslo_cache.memcache_pool`` or "
"``oslo_cache.mongo``. Refer to the sample configuration file for examples. "
"See `oslo.cache <http://docs.openstack.org/developer/oslo.cache>`_ for "
"additional documentation."
msgstr ""
"Keystone now uses oslo.cache. Update the `[cache]` section of `keystone."
"conf` to point to oslo.cache backends: ``oslo_cache.memcache_pool`` or "
"``oslo_cache.mongo``. Refer to the sample configuration file for examples. "
"See `oslo.cache <http://docs.openstack.org/developer/oslo.cache>`_ for "
"additional documentation."

msgid ""
"Keystone supports ``$(project_id)s`` in the catalog. It works the same as ``"
"$(tenant_id)s``. Use of ``$(tenant_id)s`` is deprecated and catalog "
"endpoints should be updated to use ``$(project_id)s``."
msgstr ""
"Keystone supports ``$(project_id)s`` in the catalogue. It works the same as "
"``$(tenant_id)s``. Use of ``$(tenant_id)s`` is deprecated and catalogue "
"endpoints should be updated to use ``$(project_id)s``."

msgid "Liberty Series Release Notes"
msgstr "Liberty Series Release Notes"

msgid "Mitaka Series Release Notes"
msgstr "Mitaka Series Release Notes"

msgid "New Features"
msgstr "New Features"

msgid "Newton Series Release Notes"
msgstr "Newton Series Release Notes"

msgid ""
"Not specifying a domain during a create user, group or project call, which "
"relied on falling back to the default domain, is now deprecated and will be "
"removed in the N release."
msgstr ""
"Not specifying a domain during a create user, group or project call, which "
"relied on falling back to the default domain, is now deprecated and will be "
"removed in the N release."

msgid ""
"OSprofiler support was added. This cross-project profiling library allows to "
"trace various requests through all OpenStack services that support it. To "
"initiate OpenStack request tracing `--profile <HMAC_KEY>` option needs to be "
"added to the CLI command. Configuration and usage details can be foung in "
"[`OSProfiler documentation <http://docs.openstack.org/developer/osprofiler/"
"api.html>`_]"
msgstr ""
"OSprofiler support was added. This cross-project profiling library allows to "
"trace various requests through all OpenStack services that support it. To "
"initiate OpenStack request tracing `--profile <HMAC_KEY>` option needs to be "
"added to the CLI command. Configuration and usage details can be foung in "
"[`OSProfiler documentation <http://docs.openstack.org/developer/osprofiler/"
"api.html>`_]"

msgid ""
"OSprofiler support was introduced. To allow its usage the keystone-paste.ini "
"file needs to be modified to contain osprofiler middleware."
msgstr ""
"OSprofiler support was introduced. To allow its usage the keystone-paste.ini "
"file needs to be modified to contain osprofiler middleware."

msgid "Ocata Series Release Notes"
msgstr "Ocata Series Release Notes"

msgid "Other Notes"
msgstr "Other Notes"

msgid "PKI and PKIz token formats have been removed in favor of Fernet tokens."
msgstr ""
"PKI and PKIz token formats have been removed in favour of Fernet tokens."

msgid "Pike Series Release Notes"
msgstr "Pike Series Release Notes"

msgid "Prelude"
msgstr "Prelude"

msgid ""
"Project tags are implemented following the guidelines set by the `API "
"Working Group <https://specs.openstack.org/openstack/api-wg/guidelines/tags."
"html>`_"
msgstr ""
"Project tags are implemented following the guidelines set by the `API "
"Working Group <https://specs.openstack.org/openstack/api-wg/guidelines/tags."
"html>`_"

msgid ""
"Routes and SQL backends for the contrib extensions have been removed, they "
"have been incorporated into keystone and are no longer optional. This "
"affects:"
msgstr ""
"Routes and SQL backends for the contrib extensions have been removed, they "
"have been incorporated into Keystone and are no longer optional. This "
"affects:"

msgid ""
"Running keystone in eventlet remains deprecated and will be removed in the "
"Mitaka release."
msgstr ""
"Running Keystone in eventlet remains deprecated and will be removed in the "
"Mitaka release."

msgid ""
"SECURITY INFO: The MFA rules are only processed when authentication happens "
"through the V3 authentication APIs. If V2 Auth is enabled it is possible to "
"circumvent the MFA rules if the user can authenticate via V2 Auth API. It is "
"recommended to disable V2 authentication for full enforcement of the MFA "
"rules."
msgstr ""
"SECURITY INFO: The MFA rules are only processed when authentication happens "
"through the V3 authentication APIs. If V2 Auth is enabled it is possible to "
"circumvent the MFA rules if the user can authenticate via V2 Auth API. It is "
"recommended to disable V2 authentication for full enforcement of the MFA "
"rules."

msgid ""
"Schema downgrades via ``keystone-manage db_sync`` are no longer supported. "
"Only upgrades are supported."
msgstr ""
"Schema downgrades via ``keystone-manage db_sync`` are no longer supported. "
"Only upgrades are supported."

msgid "Security Issues"
msgstr "Security Issues"

msgid ""
"See `Project Tags <https://developer.openstack.org/api-ref/identity/v3/"
"#project-tags>`_"
msgstr ""
"See `Project Tags <https://developer.openstack.org/api-ref/identity/v3/"
"#project-tags>`_"

msgid ""
"Set the following user attributes to ``True`` or ``False`` in an API "
"request. To mark a user as exempt from the PCI password lockout policy::"
msgstr ""
"Set the following user attributes to ``True`` or ``False`` in an API "
"request. To mark a user as exempt from the PCI password lockout policy::"

msgid ""
"Several configuration options have been deprecated, renamed, or moved to new "
"sections in the ``keystone.conf`` file."
msgstr ""
"Several configuration options have been deprecated, renamed, or moved to new "
"sections in the ``keystone.conf`` file."

msgid ""
"Several features were hardened, including Fernet tokens, federation, domain "
"specific configurations from database and role assignments."
msgstr ""
"Several features were hardened, including Fernet tokens, federation, domain "
"specific configurations from database and role assignments."

msgid ""
"Several token issuance methods from the abstract class ``keystone.token."
"providers.base.Provider`` were removed (see below) in favor of a single "
"method to issue tokens (``issue_token``). If using a custom token provider, "
"updated the custom provider accordingly."
msgstr ""
"Several token issuance methods from the abstract class ``keystone.token."
"providers.base.Provider`` were removed (see below) in favour of a single "
"method to issue tokens (``issue_token``). If using a custom token provider, "
"updated the custom provider accordingly."

msgid ""
"Several token validation methods from the abstract class ``keystone.token."
"providers.base.Provider`` were removed (see below) in favor of a single "
"method to validate tokens (``validate_token``), that has the signature "
"``validate_token(self, token_ref)``. If using a custom token provider, "
"update the custom provider accordingly."
msgstr ""
"Several token validation methods from the abstract class ``keystone.token."
"providers.base.Provider`` were removed (see below) in favour of a single "
"method to validate tokens (``validate_token``), that has the signature "
"``validate_token(self, token_ref)``. If using a custom token provider, "
"update the custom provider accordingly."

msgid ""
"Support for writing to LDAP has been removed. See ``Other Notes`` for more "
"details."
msgstr ""
"Support for writing to LDAP has been removed. See ``Other Notes`` for more "
"details."

msgid ""
"Support has now been added to send notification events on user/group "
"membership. When a user is added or removed from a group a notification will "
"be sent including the identifiers of both the user and the group."
msgstr ""
"Support has now been added to send notification events on user/group "
"membership. When a user is added or removed from a group a notification will "
"be sent including the identifiers of both the user and the group."

msgid ""
"Support was improved for out-of-tree drivers by defining stable driver "
"interfaces."
msgstr ""
"Support was improved for out-of-tree drivers by defining stable driver "
"interfaces."

msgid "Tags are case sensitive"
msgstr "Tags are case sensitive"

msgid ""
"The EC2 token middleware, deprecated in Juno, is no longer available in "
"keystone. It has been moved to the keystonemiddleware package."
msgstr ""
"The EC2 token middleware, deprecated in Juno, is no longer available in "
"Keystone. It has been moved to the keystonemiddleware package."

msgid ""
"The LDAP driver now also maps the user description attribute after user "
"retrieval from LDAP. If this is undesired behavior for your setup, please "
"add `description` to the `user_attribute_ignore` LDAP driver config setting. "
"The default mapping of the description attribute is set to `description`. "
"Please adjust the LDAP driver config setting `user_description_attribute` if "
"your LDAP uses a different attribute name (for instance to `displayName` in "
"case of an AD backed LDAP). If your `user_additional_attribute_mapping` "
"setting contains `description:description` you can remove this mapping, "
"since this is now the default behavior."
msgstr ""
"The LDAP driver now also maps the user description attribute after user "
"retrieval from LDAP. If this is undesired behaviour for your setup, please "
"add `description` to the `user_attribute_ignore` LDAP driver config setting. "
"The default mapping of the description attribute is set to `description`. "
"Please adjust the LDAP driver config setting `user_description_attribute` if "
"your LDAP uses a different attribute name (for instance to `displayName` in "
"case of an AD backed LDAP). If your `user_additional_attribute_mapping` "
"setting contains `description:description` you can remove this mapping, "
"since this is now the default behaviour."

msgid ""
"The MFA rules are set via the user create and update API (``POST/PATCH /v3/"
"users``) call; the options allow an admin to force a user to use specific "
"forms of authentication or combinations of forms of authentication to get a "
"token. The rules are specified as follows::"
msgstr ""
"The MFA rules are set via the user create and update API (``POST/PATCH /v3/"
"users``) call; the options allow an admin to force a user to use specific "
"forms of authentication or combinations of forms of authentication to get a "
"token. The rules are specified as follows::"

msgid ""
"The PKI and PKIz token format has been removed. See ``Other Notes`` for more "
"details."
msgstr ""
"The PKI and PKIz token format has been removed. See ``Other Notes`` for more "
"details."

msgid ""
"The V8 Federation driver interface is deprecated in favor of the V9 "
"Federation driver interface. Support for the V8 Federation driver interface "
"is planned to be removed in the 'O' release of OpenStack."
msgstr ""
"The V8 Federation driver interface is deprecated in favour of the V9 "
"Federation driver interface. Support for the V8 Federation driver interface "
"is planned to be removed in the 'O' release of OpenStack."

msgid ""
"The V8 Resource driver interface is deprecated. Support for the V8 Resource "
"driver interface is planned to be removed in the 'O' release of OpenStack."
msgstr ""
"The V8 Resource driver interface is deprecated. Support for the V8 Resource "
"driver interface is planned to be removed in the 'O' release of OpenStack."

msgid ""
"The XML middleware stub has been removed, so references to it must be "
"removed from the ``keystone-paste.ini`` configuration file."
msgstr ""
"The XML middleware stub has been removed, so references to it must be "
"removed from the ``keystone-paste.ini`` configuration file."

msgid ""
"The ``/OS-FEDERATION/projects`` and ``/OS-FEDERATION/domains`` APIs are "
"deprecated in favor of the ``/v3/auth/projects`` and ``/v3/auth/domains`` "
"APIs. These APIs were originally marked as deprecated during the Juno "
"release cycle, but we never deprecated using ``versionutils`` from oslo. "
"More information regarding this deprecation can be found in the `patch "
"<https://review.openstack.org/#/c/115423/>`_ that proposed the deprecation."
msgstr ""
"The ``/OS-FEDERATION/projects`` and ``/OS-FEDERATION/domains`` APIs are "
"deprecated in favour of the ``/v3/auth/projects`` and ``/v3/auth/domains`` "
"APIs. These APIs were originally marked as deprecated during the Juno "
"release cycle, but we never deprecated using ``versionutils`` from oslo. "
"More information regarding this deprecation can be found in the `patch "
"<https://review.openstack.org/#/c/115423/>`_ that proposed the deprecation."

msgid ""
"The ``[DEFAULT] domain_id_immutable`` configuration option has been removed "
"in favor of strictly immutable domain IDs."
msgstr ""
"The ``[DEFAULT] domain_id_immutable`` configuration option has been removed "
"in favour of strictly immutable domain IDs."

msgid ""
"The ``[DEFAULT] domain_id_immutable`` option has been removed. This removes "
"the ability to change the ``domain_id`` attribute of users, groups, and "
"projects. The behavior was introduced to allow deployers to migrate entities "
"from one domain to another by updating the ``domain_id`` attribute of an "
"entity. This functionality was deprecated in the Mitaka release is now "
"removed."
msgstr ""
"The ``[DEFAULT] domain_id_immutable`` option has been removed. This removes "
"the ability to change the ``domain_id`` attribute of users, groups, and "
"projects. The behaviour was introduced to allow deployers to migrate "
"entities from one domain to another by updating the ``domain_id`` attribute "
"of an entity. This functionality was deprecated in the Mitaka release is now "
"removed."

msgid ""
"The ``[assignment] driver`` now defaults to ``sql``. Logic to determine the "
"default assignment driver if one wasn't supplied through configuration has "
"been removed. Keystone only supports one assignment driver and it shouldn't "
"be changed unless you're deploying a custom assignment driver."
msgstr ""
"The ``[assignment] driver`` now defaults to ``sql``. Logic to determine the "
"default assignment driver if one wasn't supplied through configuration has "
"been removed. Keystone only supports one assignment driver and it shouldn't "
"be changed unless you're deploying a custom assignment driver."

msgid ""
"The ``[endpoint_policy] enabled`` configuration option has been removed in "
"favor of always enabling the endpoint policy extension."
msgstr ""
"The ``[endpoint_policy] enabled`` configuration option has been removed in "
"favour of always enabling the endpoint policy extension."

msgid ""
"The ``[os_inherit] enabled`` config option has been removed, the `OS-"
"INHERIT` extension is now always enabled."
msgstr ""
"The ``[os_inherit] enabled`` config option has been removed, the `OS-"
"INHERIT` extension is now always enabled."

msgid ""
"The ``[resource] driver`` now defaults to ``sql``. Logic to determine the "
"default resource driver if one wasn't supplied through configuration has "
"been removed. Keystone only supports one resource driver and it shouldn't be "
"changed unless you're deploying a custom resource driver."
msgstr ""
"The ``[resource] driver`` now defaults to ``sql``. Logic to determine the "
"default resource driver if one wasn't supplied through configuration has "
"been removed. Keystone only supports one resource driver and it shouldn't be "
"changed unless you're deploying a custom resource driver."

msgid ""
"The ``[security_compliance] password_expires_ignore_user_ids`` option has "
"been removed. Each user that should ignore password expiry should have the "
"value set to \"true\" in the user's ``options`` attribute (e.g. "
"``user['options']['ignore_password_expiry'] = True``) with a user update "
"call."
msgstr ""
"The ``[security_compliance] password_expires_ignore_user_ids`` option has "
"been removed. Each user that should ignore password expiry should have the "
"value set to \"true\" in the user's ``options`` attribute (e.g. "
"``user['options']['ignore_password_expiry'] = True``) with a user update "
"call."

msgid ""
"The ``compute_port`` configuration option, deprecated in Juno, is no longer "
"available."
msgstr ""
"The ``compute_port`` configuration option, deprecated in Juno, is no longer "
"available."

msgid ""
"The ``enabled`` config option of the ``trust`` feature is deprecated and "
"will be removed in the next release. Trusts will then always be enabled."
msgstr ""
"The ``enabled`` config option of the ``trust`` feature is deprecated and "
"will be removed in the next release. Trusts will then always be enabled."

msgid ""
"The ``httpd/keystone.py`` file has been removed in favor of the ``keystone-"
"wsgi-admin`` and ``keystone-wsgi-public`` scripts."
msgstr ""
"The ``httpd/keystone.py`` file has been removed in favour of the ``keystone-"
"wsgi-admin`` and ``keystone-wsgi-public`` scripts."

msgid ""
"The ``keystone.conf`` file now references entrypoint names for drivers. For "
"example, the drivers are now specified as \"sql\", \"ldap\", \"uuid\", "
"rather than the full module path. See the sample configuration file for "
"other examples."
msgstr ""
"The ``keystone.conf`` file now references entrypoint names for drivers. For "
"example, the drivers are now specified as \"sql\", \"ldap\", \"uuid\", "
"rather than the full module path. See the sample configuration file for "
"other examples."

msgid ""
"The ``keystone/service.py`` file has been removed, the logic has been moved "
"to the ``keystone/version/service.py``."
msgstr ""
"The ``keystone/service.py`` file has been removed, the logic has been moved "
"to the ``keystone/version/service.py``."

msgid ""
"The ``memcache`` and ``memcache_pool`` token persistence backends have been "
"removed in favor of using Fernet tokens (which require no persistence)."
msgstr ""
"The ``memcache`` and ``memcache_pool`` token persistence backends have been "
"removed in favour of using Fernet tokens (which require no persistence)."

msgid ""
"The ``policies`` API is deprecated. Keystone is not a policy management "
"service."
msgstr ""
"The ``policies`` API is deprecated. Keystone is not a policy management "
"service."

msgid ""
"The ``token`` auth method typically should not be specified in any MFA "
"Rules. The ``token`` auth method will include all previous auth methods for "
"the original auth request and will match the appropriate ruleset. This is "
"intentional, as the ``token`` method is used for rescoping/changing active "
"projects."
msgstr ""
"The ``token`` auth method typically should not be specified in any MFA "
"Rules. The ``token`` auth method will include all previous auth methods for "
"the original auth request and will match the appropriate ruleset. This is "
"intentional, as the ``token`` method is used for rescoping/changing active "
"projects."

msgid ""
"The `keystone-paste.ini` file must be updated to remove extension filters, "
"and their use in ``[pipeline:api_v3]``. Remove the following filters: "
"``[filter:oauth1_extension]``, ``[filter:federation_extension]``, ``[filter:"
"endpoint_filter_extension]``, and ``[filter:revoke_extension]``. See the "
"sample `keystone-paste.ini <https://git.openstack.org/cgit/openstack/"
"keystone/tree/etc/keystone-paste.ini>`_ file for guidance."
msgstr ""
"The `keystone-paste.ini` file must be updated to remove extension filters, "
"and their use in ``[pipeline:api_v3]``. Remove the following filters: "
"``[filter:oauth1_extension]``, ``[filter:federation_extension]``, ``[filter:"
"endpoint_filter_extension]``, and ``[filter:revoke_extension]``. See the "
"sample `keystone-paste.ini <https://git.openstack.org/cgit/openstack/"
"keystone/tree/etc/keystone-paste.ini>`_ file for guidance."

msgid ""
"The `keystone-paste.ini` file must be updated to remove extension filters, "
"and their use in ``[pipeline:public_api]`` and ``[pipeline:admin_api]`` "
"pipelines. Remove the following filters: ``[filter:user_crud_extension]``, "
"``[filter:crud_extension]``. See the sample `keystone-paste.ini <https://git."
"openstack.org/cgit/openstack/keystone/tree/etc/keystone-paste.ini>`_ file "
"for guidance."
msgstr ""
"The `keystone-paste.ini` file must be updated to remove extension filters, "
"and their use in ``[pipeline:public_api]`` and ``[pipeline:admin_api]`` "
"pipelines. Remove the following filters: ``[filter:user_crud_extension]``, "
"``[filter:crud_extension]``. See the sample `keystone-paste.ini <https://git."
"openstack.org/cgit/openstack/keystone/tree/etc/keystone-paste.ini>`_ file "
"for guidance."

msgid ""
"The `os_inherit` configuration option is disabled. In the future, this "
"option will be removed and this portion of the API will be always enabled."
msgstr ""
"The `os_inherit` configuration option is disabled. In the future, this "
"option will be removed and this portion of the API will be always enabled."

msgid ""
"The ability to validate a trust-scoped token against the v2.0 API has been "
"removed, in favor of using the version 3 of the API."
msgstr ""
"The ability to validate a trust-scoped token against the v2.0 API has been "
"removed, in favour of using the version 3 of the API."

msgid ""
"The admin_token method of authentication was never intended to be used for "
"any purpose other than bootstrapping an install. However many deployments "
"had to leave the admin_token method enabled due to restrictions on editing "
"the paste file used to configure the web pipelines.  To minimize the risk "
"from this mechanism, the `admin_token` configuration value now defaults to a "
"python `None` value.  In addition, if the value is set to `None`, either "
"explicitly or implicitly, the `admin_token` will not be enabled, and an "
"attempt to use it will lead to a failed authentication."
msgstr ""
"The admin_token method of authentication was never intended to be used for "
"any purpose other than bootstrapping an install. However many deployments "
"had to leave the admin_token method enabled due to restrictions on editing "
"the paste file used to configure the web pipelines.  To minimize the risk "
"from this mechanism, the `admin_token` configuration value now defaults to a "
"python `None` value.  In addition, if the value is set to `None`, either "
"explicitly or implicitly, the `admin_token` will not be enabled, and an "
"attempt to use it will lead to a failed authentication."

msgid ""
"The auth plugin ``keystone.auth.plugins.saml2.Saml2`` has been removed in "
"favor of the auth plugin ``keystone.auth.plugins.mapped.Mapped``."
msgstr ""
"The auth plugin ``keystone.auth.plugins.saml2.Saml2`` has been removed in "
"favour of the auth plugin ``keystone.auth.plugins.mapped.Mapped``."

msgid ""
"The catalog backend ``endpoint_filter.sql`` has been removed. It has been "
"consolidated with the ``sql`` backend, therefore replace the "
"``endpoint_filter.sql`` catalog backend with the ``sql`` backend."
msgstr ""
"The catalogue backend ``endpoint_filter.sql`` has been removed. It has been "
"consolidated with the ``sql`` backend, therefore replace the "
"``endpoint_filter.sql`` catalogue backend with the ``sql`` backend."

msgid ""
"The check for admin token from ``build_auth_context`` middleware has been "
"removed. If your deployment requires the use of `admin token`, update "
"``keystone-paste.ini`` so that ``admin_token_auth`` is before "
"``build_auth_context`` in the paste pipelines, otherwise remove the "
"``admin_token_auth`` middleware from ``keystone-paste.ini`` entirely."
msgstr ""
"The check for admin token from ``build_auth_context`` middleware has been "
"removed. If your deployment requires the use of `admin token`, update "
"``keystone-paste.ini`` so that ``admin_token_auth`` is before "
"``build_auth_context`` in the paste pipelines, otherwise remove the "
"``admin_token_auth`` middleware from ``keystone-paste.ini`` entirely."

msgid ""
"The config option ``rolling_upgrade_password_hash_compat`` is removed. It is "
"only used for rolling-upgrade from Ocata release to Pike release."
msgstr ""
"The config option ``rolling_upgrade_password_hash_compat`` is removed. It is "
"only used for rolling-upgrade from Ocata release to Pike release."

msgid ""
"The configuration options for LDAP connection pooling, `[ldap] use_pool` and "
"`[ldap] use_auth_pool`, are now both enabled by default. Only deployments "
"using LDAP drivers are affected. Additional configuration options are "
"available in the `[ldap]` section to tune connection pool size, etc."
msgstr ""
"The configuration options for LDAP connection pooling, `[ldap] use_pool` and "
"`[ldap] use_auth_pool`, are now both enabled by default. Only deployments "
"using LDAP drivers are affected. Additional configuration options are "
"available in the `[ldap]` section to tune connection pool size, etc."

msgid ""
"The credentials list call can now have its results filtered by credential "
"type."
msgstr ""
"The credentials list call can now have its results filtered by credential "
"type."

msgid ""
"The default setting for the `os_inherit` configuration option is changed to "
"True. If it is required to continue with this portion of the API disabled, "
"then override the default setting by explicitly specifying the os_inherit "
"option as False."
msgstr ""
"The default setting for the `os_inherit` configuration option is changed to "
"True. If it is required to continue with this portion of the API disabled, "
"then override the default setting by explicitly specifying the os_inherit "
"option as False."

msgid "The default token provider is now Fernet."
msgstr "The default token provider is now Fernet."

msgid ""
"The external authentication plugins ExternalDefault, ExternalDomain, "
"LegacyDefaultDomain, and LegacyDomain, deprecated in Icehouse, are no longer "
"available."
msgstr ""
"The external authentication plugins ExternalDefault, ExternalDomain, "
"LegacyDefaultDomain, and LegacyDomain, deprecated in Icehouse, are no longer "
"available."

msgid ""
"The functionality of the ``ADMIN_TOKEN`` remains, but has been incorporated "
"into the main auth middleware (``keystone.middleware.auth."
"AuthContextMiddleware``)."
msgstr ""
"The functionality of the ``ADMIN_TOKEN`` remains, but has been incorporated "
"into the main auth middleware (``keystone.middleware.auth."
"AuthContextMiddleware``)."

msgid ""
"The identity backend driver interface has changed. A new method, "
"`unset_default_project_id(project_id)`, was added to unset a user's default "
"project ID for a given project ID. Custom backend implementations must "
"implement this method."
msgstr ""
"The identity backend driver interface has changed. A new method, "
"`unset_default_project_id(project_id)`, was added to unset a user's default "
"project ID for a given project ID. Custom backend implementations must "
"implement this method."

msgid ""
"The identity backend driver interface has changed. We've added a new "
"``change_password()`` method for self service password changes. If you have "
"a custom implementation for the identity driver, you will need to implement "
"this new method."
msgstr ""
"The identity backend driver interface has changed. We've added a new "
"``change_password()`` method for self service password changes. If you have "
"a custom implementation for the identity driver, you will need to implement "
"this new method."

msgid ""
"The implementation for checking database state during an upgrade with the "
"use of `keystone-manage db_sync --check` has been corrected. This allows "
"users and automation to determine what step is next in a rolling upgrade "
"based on logging and command status codes."
msgstr ""
"The implementation for checking database state during an upgrade with the "
"use of `keystone-manage db_sync --check` has been corrected. This allows "
"users and automation to determine what step is next in a rolling upgrade "
"based on logging and command status codes."

msgid "The method signature has changed from::"
msgstr "The method signature has changed from::"

msgid "``keystone.token.persistence.backends.kvs.Token``"
msgstr "``keystone.token.persistence.backends.kvs.Token``"

msgid "``keystone/common/cache/backends/memcache_pool``"
msgstr "``keystone/common/cache/backends/memcache_pool``"

msgid "``keystone/common/cache/backends/mongo``"
msgstr "``keystone/common/cache/backends/mongo``"

msgid "``keystone/common/cache/backends/noop``"
msgstr "``keystone/common/cache/backends/noop``"

msgid "``keystone/contrib/admin_crud``"
msgstr "``keystone/contrib/admin_crud``"

msgid "``keystone/contrib/endpoint_filter``"
msgstr "``keystone/contrib/endpoint_filter``"

msgid "``keystone/contrib/federation``"
msgstr "``keystone/contrib/federation``"

msgid "``keystone/contrib/oauth1``"
msgstr "``keystone/contrib/oauth1``"

msgid "``keystone/contrib/revoke``"
msgstr "``keystone/contrib/revoke``"

msgid "``keystone/contrib/simple_cert``"
msgstr "``keystone/contrib/simple_cert``"

msgid "``keystone/contrib/user_crud``"
msgstr "``keystone/contrib/user_crud``"

msgid "``update user``"
msgstr "``update user``"

msgid "``validate_non_persistent_token``"
msgstr "``validate_non_persistent_token``"

msgid "``validate_v2_token``"
msgstr "``validate_v2_token``"

msgid "``validate_v3_token``"
msgstr "``validate_v3_token``"

msgid "all config options under ``[kvs]`` in `keystone.conf`"
msgstr "all config options under ``[kvs]`` in `keystone.conf`"

msgid "and will return a list of mappings for a given domain ID."
msgstr "and will return a list of mappings for a given domain ID."

msgid "eq - password expires at the timestamp"
msgstr "eq - password expires at the timestamp"

msgid "gt - password expires after the timestamp"
msgstr "gt - password expires after the timestamp"

msgid "gte - password expires at or after the timestamp"
msgstr "gte - password expires at or after the timestamp"

msgid "lt - password expires before the timestamp"
msgstr "lt - password expires before the timestamp"

msgid "lte - password expires at or before timestamp"
msgstr "lte - password expires at or before timestamp"

msgid "neq - password expires not at the timestamp"
msgstr "neq - password expires not at the timestamp"

msgid ""
"stats_monitoring and stats_reporting paste filters have been removed, so "
"references to it must be removed from the ``keystone-paste.ini`` "
"configuration file."
msgstr ""
"stats_monitoring and stats_reporting paste filters have been removed, so "
"references to it must be removed from the ``keystone-paste.ini`` "
"configuration file."

msgid "the config option ``[memcached] servers`` in `keystone.conf`"
msgstr "the config option ``[memcached] servers`` in `keystone.conf`"

msgid "to::"
msgstr "to::"