.

KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory : /proc/21585/root/usr/share/authconfig/
Upload File :
Current File : //proc/21585/root/usr/share/authconfig/authconfig.pyc
mò
µÉ(Nc@s<dkZdkZdkZdkZdkZdkZeiZdkl	Z	dk
Z
e
ie
idƒd„Z
e
dƒo
dkZnde	fd„ƒYZdfd„ƒYZd	efd
„ƒYZedjoaeieieiƒeidƒe
dƒo
eƒZn
eƒZeiƒeid
ƒndS(N(sOptionParsertcCstidi|ƒdjS(Ni(tsystargvtfindtname(R((t#/usr/share/authconfig/authconfig.pytrunsAs"ssauthconfig-tuitUnihelpOptionParsercBstZdd„ZRS(NcCsƒ|djo
ti}ntiƒ}t|ddƒ}|p
|djo
|}n|i	|iƒi|ƒi
|dƒƒdS(Ntencodingtasciitreplace(tfiletNoneRtstdouttlocaletgetpreferredencodingtsrcencodingtgetattrRtwritetselftformat_helptdecodetencode(RRRR((Rt
print_help)s


(t__name__t
__module__RR(((RR(st
AuthconfigcBs}tZd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Z	d	„Z
d
„Zd„Zd„Z
d
„ZRS(NcCs"t}t}t}t}t}dS(N(tFalset	nis_availtkerberos_availt
ldap_availt	smb_availtcache_avail(RRRRRR ((Rt__init__3s
cCsdS(Nt
authconfig((R((Rtmodule:scCs$tiid|iƒ|fƒdS(Ns%s: %s
(RtstderrRRR#terror(RR%((Rt
printError=scCsyd}d}x\|D]T}|djo|d7}n|o|t|ƒd7}n||7}|d7}qW|d7}|S(Nit<t|t=it>(tidxthelptltitemtaddidxtstr(RR-R/R,R+R.((RtlistHelp@s


cCs•tdƒ|iƒ}|iƒdjo|d7}nt|ƒ}|idddddtd	ƒƒ|id
dddtdƒƒ|idd
dddtdƒƒ|iddddtdƒƒ|idd|iti	t
ƒdtdƒƒ|iddddtdƒƒ|iddddtdƒƒ|iddtdƒdtdƒƒ|iddtdƒdtdƒƒ|iddddtdƒƒ|id dddtd!ƒƒ|id"dddtd#ƒƒ|id$dddtd%ƒƒ|id&dtdƒdtd'ƒƒ|id(dtd)ƒdtd*ƒƒ|id+d,dddtd-ƒƒ|id.d/dddtd0ƒƒ|id1dtd2ƒdtd3ƒƒ|id4dddtd5ƒƒ|id6dddtd7ƒƒ|id8dddtd9ƒƒ|id:dddtd;ƒƒ|id<dtd=ƒdtd>ƒƒ|itiƒtƒ}|id?d|dtd@ƒƒ|idAdddtdBƒƒ|idCdddtdDƒƒ|idEdtdƒdtdFƒƒ|idGdtdƒdtdHƒƒ|idIdtdJƒdtdKƒƒ|idLdddtdMƒƒ|idNdddtdOƒƒ|idPdddtdQƒƒ|idRdddtdSƒƒ|idTdddtdUƒƒ|idVdddtdWƒƒ|idXdtdYƒdtdZƒƒ|id[dtd\ƒdtd]ƒƒ|id^dddtd_ƒƒ|id`dddtdaƒƒ|idbdddtdcƒƒ|idddddtdeƒƒ|idfddgdtdhƒƒ|ididtdJƒdtdjƒƒ|idkdtdlƒdtdmƒƒ|idndtdlƒdtdoƒƒ|idpddqdtdrƒƒ|idsddtdtduƒƒ|idvddwdtdxƒƒ|idyddzdtd{ƒƒ|id|dddtd}ƒƒ|id~dddtdƒƒ|id€dddtdƒƒ|id‚dddtdƒƒƒ|id„dd…dtd†ƒƒ|id‡dddtdˆƒƒ|id‰dddtdŠƒƒ|id‹dddtdŒƒƒ|iddddtdŽƒƒ|iddddtdƒƒ|id‘dddtd’ƒƒ|id“dd”dtd•ƒƒ|id–dd—dtd˜ƒƒ|id™dddtdšƒƒ|id›dddtdœƒƒ|iddddtdžƒƒ|idŸdddtd ƒƒ|id¡dddtd¢ƒƒ|id£dddtd¤ƒƒ|id¥dddtd¦ƒƒ|id§dddtd¨ƒƒ|id©dddtdªƒƒ|id«dddtd¬ƒƒ|iddddtd®ƒƒ|id¯dddtd°ƒƒ|id±dddtd²ƒƒ|id³dddtd´ƒƒ|idµdddtd¶ƒƒ|id·dddtd¸ƒƒ|iƒd¹joB|idºdddtd»ƒƒ|id¼dddtd½ƒƒn#|id¾d¼dddtd¿ƒƒ|idÀdddtdÁƒƒ|idÂdddtdÃƒƒ|iƒ\|_}|o$|itdÄƒƒtidÅƒn|iƒd¹joL|iio>|iio0|iio"|iio|idÆgƒndS(ÇNsusage: %s [options]R"s <--update|--test|--probe>s--enableshadows--useshadowtactiont
store_trueR,s$enable shadowed passwords by defaults--disableshadows%disable shadowed passwords by defaults--enablemd5s--usemd5senable MD5 passwords by defaults--disablemd5s disable MD5 passwords by defaults
--passalgotmetavars&hash/crypt algorithm for new passwordss--enableniss*enable NIS for user information by defaults--disableniss+disable NIS for user information by defaults--nisdomains<domain>sdefault NIS domains--nisservers<server>sdefault NIS servers--enableldaps+enable LDAP for user information by defaults
--disableldaps,disable LDAP for user information by defaults--enableldapauths)enable LDAP for authentication by defaults--disableldapauths*disable LDAP for authentication by defaults--ldapserversdefault LDAP servers--ldapbasedns<dn>sdefault LDAP base DNs--enableldaptlss--enableldapsslsenable use of TLS with LDAPs--disableldaptlss--disableldapsslsdisable use of TLS with LDAPs--ldaploadcacerts<URL>s load CA certificate from the URLs--enablesmartcards0enable authentication with smart card by defaults--disablesmartcards1disable authentication with smart card by defaults--enablerequiresmartcards0require smart card for authentication by defaults--disablerequiresmartcards7do not require smart card for authentication by defaults--smartcardmodules<module>s default smart card module to uses--smartcardactions(action to be taken on smart card removals--enablekrb5s)enable kerberos authentication by defaults
--disablekrb5s*disable kerberos authentication by defaults	--krb5kdcsdefault kerberos KDCs--krb5adminserversdefault kerberos admin servers--krb5realms<realm>sdefault kerberos realms--enablekrb5kdcdnss'enable use of DNS to find kerberos KDCss--disablekrb5kdcdnss(disable use of DNS to find kerberos KDCss--enablekrb5realmdnss)enable use of DNS to find kerberos realmss--disablekrb5realmdnss*disable use of DNS to find kerberos realmss--enablesmbauths$enable SMB authentication by defaults--disablesmbauths%disable SMB authentication by defaults--smbserverss	<servers>s(names of servers to authenticate againsts--smbworkgroups<workgroup>s'workgroup authentication servers are ins--enablewinbinds.enable winbind for user information by defaults--disablewinbinds/disable winbind for user information by defaults--enablewinbindauths,enable winbind for authentication by defaults--disablewinbindauths-disable winbind for authentication by defaults
--smbsecuritys<user|server|domain|ads>s*security mode to use for samba and winbinds
--smbrealms5default realm for samba and winbind when security=adss
--smbidmapuids<lowest-highest>s4uid range winbind will assign to domain or ads userss
--smbidmapgids4gid range winbind will assign to domain or ads userss--winbindseparators<\>sthe character which will be used to separate the domain and user part of winbind-created user names if winbindusedefaultdomain is not enableds--winbindtemplatehomedirs
</home/%D/%U>sGthe directory which winbind-created users will have as home directoriess--winbindtemplateprimarygroups<nobody>sFthe group which winbind-created users will have as their primary groups--winbindtemplateshells</bin/false>sDthe shell which winbind-created users will have as their login shells--enablewinbindusedefaultdomains[configures winbind to assume that users with no domain in their user names are domain userss --disablewinbindusedefaultdomains_configures winbind to assume that users with no domain in their user names are not domain userss--enablewinbindofflines)configures winbind to allow offline logins--disablewinbindofflines+configures winbind to prevent offline logins
--winbindjoins<Administrator>s>join the winbind domain or ads realm now as this administrators--enablewinss#enable wins for hostname resolutions
--disablewinss$disable wins for hostname resolutions--enablepreferdnss3prefer dns over wins or nis for hostname resolutions--disablepreferdnss:do not prefer dns over wins or nis for hostname resolutions--enablehesiods-enable hesiod for user information by defaults--disablehesiods.disable hesiod for user information by defaults--hesiodlhss<lhs>sdefault hesiod LHSs--hesiodrhss<rhs>sdefault hesiod RHSs--enablesssdsOenable SSSD for user information by default with manually managed configurations
--disablesssdsVdisable SSSD for user information by default (still used for supported configurations)s--enablesssdauthsMenable SSSD for authentication by default with manually managed configurations--disablesssdauthsSdisable SSSD for authentication by default (still used for supported configurationss
--enablecaches-enable caching of user information by defaults--disablecaches.disable caching of user information by defaults--enablelocauthorizes1local authorization is sufficient for local userss--disablelocauthorizes1authorize local users also through remote services--enablepamaccesss.check access.conf during account authorizations--disablepamaccesss5do not check access.conf during account authorizations--enablesysnetauths0authenticate system accounts by network servicess--disablesysnetauths0authenticate system accounts by local files onlys--enablemkhomedirs6create home directories for users on their first logins--disablemkhomedirs=do not create home directories for users on their first logins	--nostarts+do not start/stop portmap, ypbind, and nscds--tests>do not update the configuration files, only print new settingssauthconfig-tuis--backs<display Back instead of Cancel in the main dialog of the TUIs--kickstarts1do not display the deprecated text user interfaces--updatesDopposite of --test, update configuration files with changed settingss--updateallsupdate all configuration filess--probes)probe network for defaults and print themsunexpected argumentis-h(t_RR#tusageRtparsert
add_optionR1tauthinfotpassword_algorithmsRtgetSmartcardActionstTruetactshelpt
parse_argstoptionstargsR&Rtexittprobettesttupdatet	updateall(RR@R7R=R6((RtparseOptionsMsf	LcCs±ti|iƒ}|iƒ|io#|iod|i|ifGHn|io#|i	od|i|i	fGHn|i
o-d|i
|ipd|ipdfGHndS(Nshesiod %s/%ssldap %s/%s
skrb5 %s/%s/%s
R(
R9tAuthInfoRR&tinfoRBt	hesiodLHSt	hesiodRHSt
ldapServert
ldapBaseDNt
kerberosRealmtkerberosKDCtkerberosAdminServer(RRH((RRBs

cCs+ti|iƒ|_|iiƒ|_dS(N(R9treadRR&RHtcopytpristineinfo(R((RtreadAuthInfo,scCs½tititiƒotititiƒ|_tititiƒ|_	titi
tiƒotititiƒ|_titi
tiƒ|_tititiƒ|_dS(N(tostaccessR9tPATH_YPBINDtX_OKtPATH_LIBNSS_NISRRt
PATH_PAM_KRB5Rt
PATH_PAM_LDAPtPATH_LIBNSS_LDAPRtPATH_PAM_SMBRt	PATH_NSCDR (R((RttestAvailableSubsys1s
44cCsThdd<dd<dd<dd<d	d
<dd<d
d<dd<dd<dd<dd<dd<dd<dd<dd<dd <d!d"<d#d$<d%d&<d'd(<d)d*<d+d,<d-d.<d/d0<d1d2<}hd3d4<d5d6<d7d8<d9d:<d;d<<d=d><d?d@<dAdB<dCdD<dEdF<dGdH<dIdJ<dKdL<dMdN<dOdP<dQdR<dSdT<dUdV<dWdX<dYdZ<d[d\<d]d^<d_d`<}xv|iƒD]h\}}t|ida|ƒot|i	|t
ƒnt|idb|ƒot|i	|tƒqÉqÉW|iioY|ii|i	i
jo@|i	i|iiƒ|i	_|i	i|iiƒ|i	_nxV|iƒD]H\}}t|i|ƒdjo#t|i	|t|i|ƒƒq¨q¨W|iioS|iiidcddƒ}|de|i	_t|ƒddjo|dd|i	_qTn|iioky,t|iiƒ}tiƒ||i	_WqÌtt fj
o&|i!t"dfƒƒdg|i	_qÌXn|ii#p>|ii$odh|i	_%n|ii&odi|i	_%qPn:|ii#ti'jo#|i!t"djƒƒdk|i	_%ndS(lNtshadowtenableShadowtlocauthorizetenableLocAuthorizet	pamaccesstenablePAMAccesst
sysnetauthtenableSysNetAutht	mkhomedirtenableMkHomeDirtcachetenableCachethesiodtenableHesiodtldapt
enableLDAPtldaptlstenableLDAPStldapauthtenableLDAPAuthtkrb5tenableKerberostnist	enableNISt
krb5kdcdnstkerberosKDCviaDNStkrb5realmdnstkerberosRealmviaDNSt	smartcardtenableSmartcardtrequiresmartcardtforceSmartcardtsmbautht	enableSMBtwinbindt
enableWinbindtwinbindauthtenableWinbindAuthtwinbindusedefaultdomaintwinbindUseDefaultDomaintwinbindofflinetwinbindOfflinetwinst
enableWINStsssdt
enableSSSDtsssdauthtenableSSSDAutht	preferdnstpreferDNSinHoststpassalgotpasswordAlgorithmt	hesiodlhsRIt	hesiodrhsRJt
ldapserverRKt
ldapbasednRLtldaploadcacertt
ldapCacertURLt	krb5realmRMtkrb5kdcRNtkrb5adminserverROtsmartcardmoduletsmartcardModuletsmartcardactiontsmartcardActiont	nisdomaint	nisDomaint	nisservert	nisServertsmbworkgrouptsmbWorkgroupt
smbserverst
smbServerstsmbsecuritytsmbSecuritytsmbrealmtsmbRealmtsmbidmapuidtsmbIdmapUidtsmbidmapgidtsmbIdmapGidtwinbindseparatortwinbindSeparatortwinbindtemplatehomedirtwinbindTemplateHomedirtwinbindtemplateprimarygrouptwinbindTemplatePrimaryGrouptwinbindtemplateshelltwinbindTemplateShelltenabletdisablet%iis(Bad smart card removal action specified.Rtmd5tdescrypts;Unknown password hashing algorithm specified, using sha256.tsha256((t
bool_settingststring_settingst	iteritemstopttaivalRRR?tsetattrRHR<RR™RMtgetKerberosKDCRNtgetKerberosAdminServerRORtwinbindjointsplittlsttjoinUsertlentjoinPasswordRžtintR+R9R;RŸt
ValueErrort
IndexErrorR&R5R‘t	enablemd5R’t
disablemd5R:(RRÁRÂR+R¿RÈR¾((RtoverrideSettings:sFçÕ
&"
'




cCstS(N(R<(R((RtdoUI’scCs%|iio|iitƒndS(N(RR?RÆRHt
joinDomainR<(R((RRÓ•s
cCs|iiƒ|iio|iiƒn|iiƒ|iio|iiƒn|ii	|i
ƒ|iƒ|ii|ii
ƒdS(N(RRHttestLDAPCACertsR˜tdownloadLDAPCACerttrehashLDAPCACertsR?RERtwriteChangedRRRÓtposttnostart(R((Rt
writeAuthInfo™s




cCs|iƒ|iio|iƒtidƒn|iio7tiƒdjo$|i	t
dƒƒtidƒn|iƒ|iƒ|i
ƒ|iƒp5|iio|i	t
dƒƒntidƒn|iio|iiƒn|iƒdS(Niscan only be run as rootisdialog was cancelledi(RRFR?RBRRARCRTtgetuidR&R5RSR^RÑRÒRHt	printInfoRÚ(R((Rtrun¦s"

!





(RRR!R#R&R1RFRBRSR^RÑRÒRÓRÚRÝ(((RR2s				
	Ò	
				X			
t
AuthconfigTUIcBsžtZd„Zd„Zd„Zd„Zddd„Zd„Zd„Z	d„Z
d	„Zd
„Zd„Z
d„Zd
„Zd„Zd„Zd„ZRS(NcCsdS(Nsauthconfig-tui((R((RR#»scCs2|iio!|iio|iitƒndS(N(RR?t	kickstartRÆRHRÓR<(R((RRÓ¾scCs©|\}}|iƒpdSnx|oyti|dtiƒpQtdƒ|d|d|df}t	i
|itdƒ|tdƒgƒn|d}q$WdS(Nis€The %s file was not found, but it is required for %s support to work properly.
Install the %s package, which provides this file.iitWarningtOki(
tdatatcomptwarningtselectedRTRUtR_OKR5ttexttsnacktButtonChoiceWindowRtscreen(RRâRãRäRç((RtwarnCallbackÃs
%,c!
CsDtitdƒddg}titdƒddg}titdƒddg}ti	tdƒddg}titdƒd	dg}ti
td
ƒddg}titdƒd
dg}titdƒddg}
titdƒd|
g}titdƒd|g}tiddƒ}titdƒƒ}|i|ddddddƒtitdƒt|i i!ƒƒ}	}|i|ddddddƒ|i$|i%||fƒtitdƒt|i i&ƒƒ}}|i|ddddddƒtitdƒt|i i(ƒƒ}}|i|ddddddƒ|i$|i%||fƒtitdƒt|i i*ƒƒ}}|i|ddddddƒ|i$|i%||fƒtitdƒt|i i,ƒƒ}}|i|dd ddddƒtidd!ƒ} titd"ƒƒ}| i|ddddddƒtitd#ƒt|i i/d$jƒƒ}}| i|ddddddƒtitd%ƒt|i i1ƒƒ}}| i|ddddddƒ|i$|i%||fƒtitd&ƒt|i i3ƒƒ}}| i|ddddddƒ|i$|i%||fƒtitd'ƒt|i i5ƒƒ}}| i|ddddddƒ|i$|i%||fƒtitd(ƒt|i i7ƒƒ}}| i|dd ddddƒ|i$|i%||fƒtitd)ƒt|i i9ƒƒ}
}| i|ddddddƒ|i$|i%||fƒtitd*ƒt|i i;ƒƒ}}| i|dd+ddddƒtiddƒ}|i|ddddd,dd-d4ƒ|i| ddd.dd,dd-d5ƒtiddƒ}ti?|i@iAo
td/ƒp
td0ƒƒ}ti?td1ƒƒ}|i|ddƒ|i|ddƒtiddƒ}|i|ddddƒ|i|ddddƒtiEƒ}|iGiH|td2ƒƒ|iI|ƒ|iJƒ}||jo
|	iKƒ|i _!|iKƒ|i _&|iKƒ|i _(|iKƒ|i _*|iKƒ|i _,|iKƒ|i _1|iKƒod$|i _/n$|i i/d$jod3|i _/n|iKƒ|i _3|iKƒ|i _5|iKƒ|i _7|
iKƒ|i _9|iKƒ|i _;n|iGiLƒ||jS(6NtcachingtnscdtKerberostpam_krb5sLDAP authenticationtnss_ldaptLDAPtNIStypbindsshadow passwordsshadow-utilssSMB authenticationtpam_smbtWinbindssamba-clientsWinbind authenticationssamba-commoniisUser Informationit
anchorLefttgrowxsCache Informations
Use HesiodisUse LDAPisUse NISisUse WinbindiitAuthenticationsUse MD5 PasswordsR»sUse Shadow PasswordssUse LDAP AuthenticationsUse KerberossUse SMB AuthenticationsUse Winbind Authentications!Local authorization is sufficientit	anchorToptpaddingtanchorRighttBacktCanceltNextsAuthentication ConfigurationR¼(iiii(iiii(MR9R]R5Rt	warnCacheRYtwarnKerberosRZtwarnLDAPAuthR[twarnLDAPRVtwarnNIStPATH_PWCONVt
warnShadowR\twarnSMBtPATH_WINBIND_NETtwarnWinbindNettPATH_PAM_WINBINDtwarnWinbindAuthtPATH_LIBNSS_WINBINDtwarnWinbindRètGridtinfoGridtLabelRãtsetFieldtCheckboxtboolRRHRjRitcbtsetCallbackRëRlRkRnRmRvRuR‚RtauthGridR’R»R`R_RrtldapaRtRsR€tsmbR„RƒRbRatmechGridt
buttonGridtButtonR?tbacktcanceltoktmainGridtFormtformRêtgridWrappedWindowtaddRÝRåt	popWindow(!RRsRkRRRÿRRRRiRRRRƒRmRRRR RRRaRuR_RR»RRRRR
RãR((RtgetMainChoicesÏs¢(((((.((((((%%/



cCst|ƒ}tid|ƒ}d}
g}xx|D]p\}}}}|djopti|t
t|i|ƒƒƒ}|i|ƒ|itidƒd|
ddƒ|i|d|
ddƒnØ|djo|ti|ƒ}|i|d|
d	dddƒtid
t|i|ƒd|ƒ}|i|ƒ|i|d|
ddƒnO|d
joìti|ƒ}|i|d|
d	dddddƒy#t|i|ƒ}|i|ƒWntj
o|d}nXd}g}x*|D]"}|i||||jfƒqàWtid|ƒ}|i|ƒ|i|d|
ddƒnV|djoHtid|ddddƒ}|i|ƒ|i|d|
ddƒn|
d7}
q1Wti|odpddƒ}ti"|ƒ}	ti"|ƒ}|oti"|ƒpd}
|i|	ddƒ|o|i|
ddƒn|i||odpddƒtiddƒ}|i|ddd	dddƒ|i|ddd	dddƒti)ƒ}|i+i,||ƒ|i.|ƒx)t/o!|i0ƒ}||	joPn|}xÑ|D]É\}}}}|djo&t2|i||i3dƒi4ƒƒq|djo&t2|i||i3dƒi5ƒƒq|d
jo&t2|i||i3dƒi6ƒƒq|djo|i3dƒqqW||
joPn|o|ƒqÑqÑW|i+i8ƒ||	jS(NiittfvalueRRûiRötsvalueRúi(thiddenR÷trvalueRùtlvaluei2tflexDowntflexUpi(iiii(iiii(iiii(iiii(9RÊtitemstrowsRèR
tquestionGridtrowtwidgetstttdesctattrtvalRRRRRHRtappendRRRãtEntrytseltindexRÍRt
buttonlisttvtRadioBartradioBartTextboxReflowedt
anothertxtRRt	canceltxtRtoktxtRtanotherRRR RêR!tdtitleR"R<RÝtwcopyRÃtpopRåtvaluetgetSelectiont	anothercbR#(RRBR,R?R@R>RGRRRRARR7R/R-R4RCR0R RãR2RR3R<R1R:R.R9((RtgetGenericChoicesAs”
$
"
$

% 


 !


&
&
&


cCsldtdƒddfdtdƒddfg}|itdƒ|tdƒ|o
td	ƒp
td
ƒƒS(NR&sLHS:RIisRHS:RJsHesiod SettingsRüRþRá(R5t	questionsRRHtnext(RRJRI((RtgetHesiodSettings s0cCsdtdƒddfdtdƒddfdtdƒd	dfg}|itd
ƒ|tdƒ|o
tdƒp
td
ƒƒS(NR%sUse TLSRpR&sServer:RKisBase DN:RLs
LDAP SettingsRüRþRá(R5RRIRRHRJ(RRJRI((RtgetLDAPSettings¦sEcCsldtdƒddfdtdƒddfg}|itdƒ|tdƒ|o
td	ƒp
td
ƒƒS(NR&sDomain:R¡isServer:R£sNIS SettingsRüRþRá(R5RIRRHRJ(RRJRI((RtgetNISSettingss0cCs«dtdƒddfdtdƒddfdtdƒddfd	td
ƒddfd	tdƒd
dfg}|itdƒ|tdƒ|o
tdƒp
tdƒƒS(NR&sRealm:RMisKDC:RNs
Admin Server:ROR%s"Use DNS to resolve hosts to realmsRzs!Use DNS to locate KDCs for realmsRxsKerberos SettingsRüRþRá(R5RRIRRHRJ(RRJRI((RtgetKerberosSettings³socCsdtdƒddfdtdƒddfdtdƒddfg}|itd	ƒ|td
ƒ|o
tdƒp
tdƒƒS(
NR&s
Workgroup:R¥isServers:R§sShell:R·sSMB SettingsRüRþRá(R5RIRRHRJ(RRJRI((RtgetSMBSettings¼sEcCs·dtdƒddfdtdƒddfg}|iipd|i_n|itd	ƒ|td
ƒtdƒƒo;|iiƒ|iiƒ|ii	t
ƒ|iiƒnt
S(NR&sDomain Administrator:RÉis	Password:RËit
Administrators
Join SettingsRýRá(R5RIRRHRÉRHRêtsuspendRDRÓR<tresume(RRI((RtgetJoinSettingsÃs0


cCs±dtdƒddfg}ti|iƒ}|iƒ|i	iƒt
}|i	i|ƒo.|i
tdƒ|tdƒtdƒƒ}n|o|i	iƒn|iƒtS(NR)s°Some of the configuration changes you've made should be saved to disk before continuing.  If you do not save them, then your attempt to join the domain may fail.  Save changes?s
Save SettingstNotYes(R5RRIR9RPRR&t	orig_infoRDRHRtrettdiffersRHRRSR<(RRWRIRV((RtmaybeGetJoinSettingsÐs


c	Csüddg}ddddddg}d	„}t||ƒ}d
tdƒd|fd
tdƒddfd
tdƒddfd
tdƒddfd
tdƒd|fg}|itdƒ|tdƒ|o
tdƒp
tdƒdtdƒd|i	ƒS(Ntadstdomains
/sbin/nologins/bin/shs	/bin/bashs	/bin/tcshs/bin/kshs/bin/zshcCsti|tiƒS(N(RTRUtshellRW(R\((RtshellexistsåsR(sSecurity Model:R©R&sDomain:R¥isDomain Controllers:R§s
ADS Realm:R«sTemplate Shell:R·sWinbind SettingsRüRþRáR>sJoin DomainRG(
tsecuritytshellsR]tfilterR5RIRRHRJRY(RRJR_R]RIR^((RtgetWinbindSettingsàs	o)cCsûd}t}xâ|djoÔ|djoÇ|iiƒ|djo|iƒ}nn|djo~|iiom|iipK|ii	p>|ii
p1|iip$|iip|ii
p
|ii}|i|ƒ}qÀnã|djoq|iip
|ii	oS|ii
p1|iip$|iip|ii
p
|ii}|i|ƒ}qÀne|djoW|iioF|ii
p$|iip|ii
p
|ii}|i|ƒ}qÀn|djoJ|ii
o9|iip|ii
p
|ii}|i|ƒ}qÀnª|djoX|iioG|ii
p
|iio,|ii
p
|ii}|i|ƒ}qÀnE|djo7|ii
p
|iiot}|i|ƒ}qÀn|iiƒ|o|d7}q|d8}qW|d	jS(
Niiiiiiiii(RJRtrcRRHRDR$RlRnRrRtRvR€R‚R„tmoreRKRLRMRNRORa(RRcRbRJ((Rt
getChoicesõsH



Z
@

3

&
(

cCsBtdƒ|ii}ti|itdƒ|tdƒgƒdS(NsÄTo connect to a LDAP server with TLS protocol enabled you need a CA certificate which signed your server's certificate. Copy the certificate in the PEM format to the '%s' directory.
Then press OK.RàRá(R5RRHt
ldapCacertDirRçRèRéRê(RRç((RtdisplayCACertsMessage,scCsÆ|iiotSnzœtiƒ|_|iƒ}|ii	t
dƒƒ|iidd|dƒ|iƒp|ii
ƒtSn|iio|iiƒo|iƒnWd|ii
ƒXtS(NsN <Tab>/<Alt-Tab> between elements   |   <Space> selects   |  <F12> next screenis - (c) 1999-2005 Red Hat, Inc.(RR?RßR<RètSnackScreenRêR#tpackageversiontpushHelpLineR5tdrawRootTextRdtfinishRRHRpRÔRf(RRh((RRÒ4s


(RRR#RÓRëR$RRHRKRLRMRNRORSRYRaRdRfRÒ(((RRÞºs 				r_							
			7	t__main__R"i(R9tacutiltgettextRTtsignalRtlgettextR5toptparsetOptionParserRt	setlocaletLC_ALLRRèRRRÞRtSIGINTtSIG_DFLt
textdomainR#RÝRA(RèR#RÞRRoRRmRnRRR9RRrRTR5((Rt?s*$	
		


ÿ‰ÿ
Anon7 - 2021