# The contents of this file are subject to the terms of the Common Development and # Distribution License (the License). You may not use this file except in compliance with the # License. # # You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the # specific language governing permission and limitations under the License. # # When distributing Covered Software, include this CDDL Header Notice in each file and include # the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL # Header, with the fields enclosed by brackets [] replaced by your own identifying # information: "Portions Copyright [year] [name of copyright owner]". # # Copyright 2006-2008 Sun Microsystems, Inc. # Portions Copyright 2012-2016 ForgeRock AS. # # Global directives # #global.category=ACCESS_CONTROL # # Format string definitions # # Keys must be formatted as follows: # # [SEVERITY]_[DESCRIPTION]_[ORDINAL] # # where: # # SEVERITY is one of: # [INFO, WARN, ERR, DEBUG, NOTICE] # # DESCRIPTION is an upper case string providing a hint as to the context of # the message in upper case with the underscore ('_') character serving as # word separator # # ORDINAL is an integer unique among other ordinals in this file # WARN_ACI_SYNTAX_GENERAL_PARSE_FAILED_1=The provided string "%s" could \ not be parsed as a valid Access Control Instruction (ACI) because it failed \ general ACI syntax evaluation WARN_ACI_SYNTAX_INVAILD_VERSION_2=The provided Access Control \ Instruction (ACI) version value "%s" is invalid, only the version 3.0 is \ supported WARN_ACI_SYNTAX_INVALID_ACCESS_TYPE_VERSION_3=The provided Access \ Control Instruction access type value "%s" is invalid. A valid access type \ value is either allow or deny WARN_ACI_SYNTAX_INVALID_RIGHTS_SYNTAX_4=The provided Access Control \ Instruction (ACI) rights values "%s" are invalid. The rights must be a list \ of 1 to 6 comma-separated keywords enclosed in parentheses WARN_ACI_SYNTAX_INVALID_RIGHTS_KEYWORD_5=The provided Access Control \ Instruction (ACI) rights keyword values "%s" are invalid. The valid rights \ keyword values are one or more of the following: read, write, add, delete, \ search, compare or the single value all WARN_ACI_SYNTAX_BIND_RULE_MISSING_CLOSE_PAREN_6=The provided Access \ Control Instruction (ACI) bind rule value "%s" is invalid because it is \ missing a close parenthesis that corresponded to the initial open parenthesis WARN_ACI_SYNTAX_INVALID_BIND_RULE_SYNTAX_7=The provided Access Control \ Instruction (ACI) bind rule value "%s" is invalid. A valid bind rule value \ must be in the following form: keyword operator "expression" WARN_ACI_SYNTAX_INVALID_BIND_RULE_KEYWORD_8=The provided Access \ Control Instruction (ACI) bind rule keyword value "%s" is invalid. A valid \ keyword value is one of the following: userdn, groupdn, roledn, userattr,ip, \ dns, dayofweek, timeofday or authmethod WARN_ACI_SYNTAX_INVALID_BIND_RULE_OPERATOR_9=The provided Access \ Control Instruction (ACI) bind rule operator value "%s" is invalid. A valid \ bind rule operator value is either '=' or "!=" WARN_ACI_SYNTAX_MISSING_BIND_RULE_EXPRESSION_10=The provided Access \ Control Instruction (ACI) bind rule expression value corresponding to the \ keyword value "%s" is missing an expression. A valid bind rule value must be \ in the following form: keyword operator "expression" WARN_ACI_SYNTAX_INVALID_BIND_RULE_BOOLEAN_OPERATOR_11=The provided \ Access Control Instruction (ACI) bind rule boolean operator value "%s" is \ invalid. A valid bind rule boolean operator value is either "OR" or "AND" WARN_ACI_SYNTAX_INVALID_BIND_RULE_KEYWORD_OPERATOR_COMBO_12=The \ provided Access Control Instruction (ACI) bind rule keyword string "%s" is \ invalid for the bind rule operator string "%s" WARN_ACI_SYNTAX_INVALID_USERDN_URL_13=The provided Access Control \ Instruction (ACI) bind rule userdn expression failed to URL decode for the \ following reason: %s WARN_ACI_SYNTAX_INVALID_GROUPDN_EXPRESSION_16=The provided Access \ Control Instruction (ACI) bind rule groupdn expression value "%s" is invalid. \ A valid groupdn keyword expression value requires one or more LDAP URLs in \ the following format: ldap:///groupdn [|| ldap:///groupdn] ... [|| \ ldap:///groupdn] WARN_ACI_SYNTAX_INVALID_GROUPDN_URL_17=The provided Access Control \ Instruction (ACI) bind rule groupdn expression value failed to URL decode for \ the following reason: %s WARN_ACI_SYNTAX_INVALID_IP_EXPRESSION_21=The provided Access Control \ Instruction (ACI) bind rule ip expression value "%s" is invalid. A valid ip \ keyword expression requires one or more comma-separated elements of a valid \ IP address list expression WARN_ACI_SYNTAX_INVALID_DNS_EXPRESSION_22=The provided Access Control \ Instruction (ACI) bind rule dns expression value "%s" is invalid. A valid dns \ keyword expression value requires a valid fully qualified DNS domain name WARN_ACI_SYNTAX_INVALID_DNS_WILDCARD_23=The provided Access Control \ Instruction (ACI) bind rule dns expression value "%s" is invalid, because a \ wild-card pattern was found in the wrong position. A valid dns keyword \ wild-card expression value requires the '*' character only be in the leftmost \ position of the domain name WARN_ACI_SYNTAX_INVALID_DAYOFWEEK_24=The provided Access Control \ Instruction (ACI) bind rule dayofweek expression value "%s" is invalid, \ because of an invalid day of week value. A valid dayofweek value is one of \ the following English three-letter abbreviations for the days of the week: \ sun, mon, tue, wed, thu, fri, or sat WARN_ACI_SYNTAX_INVALID_TIMEOFDAY_25=The provided Access Control \ Instruction (ACI) bind rule timeofday expression value "%s" is invalid. A \ valid timeofday value is expressed as four digits representing hours and \ minutes in the 24-hour clock (0 to 2359) WARN_ACI_SYNTAX_INVALID_TIMEOFDAY_RANGE_26=The provided Access Control \ Instruction (ACI) bind rule timeofday expression value "%s" is not in the \ valid range. A valid timeofday value is expressed as four digits representing \ hours and minutes in the 24-hour clock (0 to 2359) WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION_27=The provided Access \ Control Instruction (ACI) bind rule authmethod expression value "%s" is \ invalid. A valid authmethod value is one of the following: none, simple,SSL, \ or "sasl mechanism", where mechanism is one of the supported SASL mechanisms \ including CRAM-MD5, DIGEST-MD5, and GSSAPI WARN_ACI_SYNTAX_INVALID_USERATTR_EXPRESSION_28=The provided Access \ Control Instruction (ACI) bind rule userattr expression value "%s" is invalid WARN_ACI_SYNTAX_INVALID_USERATTR_INHERITANCE_PATTERN_30=The provided \ Access Control Instruction (ACI) bind rule userattr expression inheritance \ pattern value "%s" is invalid. A valid inheritance pattern value must have the \ following format: parent[inheritance_level].attribute#bindType WARN_ACI_SYNTAX_MAX_USERATTR_INHERITANCE_LEVEL_EXCEEDED_31=The \ provided Access Control Instruction (ACI) bind rule userattr expression \ inheritance pattern value "%s" is invalid. The inheritance level value cannot \ exceed the max level limit of %s WARN_ACI_SYNTAX_INVALID_INHERITANCE_VALUE_32=The provided Access \ Control Instruction (ACI) bind rule userattr expression inheritance pattern \ value "%s" is invalid because it is non-numeric WARN_ACI_SYNTAX_INVALID_TARGET_SYNTAX_33=The provided Access Control \ Instruction (ACI) target rule value "%s" is invalid. A valid target rule value \ must be in the following form: keyword operator "expression" WARN_ACI_SYNTAX_INVALID_TARGET_KEYWORD_34=The provided Access Control \ Instruction (ACI) target keyword value "%s" is invalid. A valid target \ keyword value is one of the following: target, targetscope, targetfilter, \ targetattr or targattrfilters WARN_ACI_SYNTAX_INVALID_TARGET_NOT_OPERATOR_35=The provided Access \ Control Instruction (ACI) target operator value "%s" is invalid. The only \ valid target operator value for the "%s" keyword is '=' WARN_ACI_SYNTAX_INVALID_TARGET_DUPLICATE_KEYWORDS_37=The provided \ Access Control Instruction (ACI) target keyword value "%s" was seen multiple \ times in the ACI "%s" WARN_ACI_SYNTAX_INVALID_TARGETS_OPERATOR_38=The provided Access \ Control Instruction (ACI) target keyword operator value "%s" is invalid. A \ valid target keyword operator value is either '=' or "!=" WARN_ACI_SYNTAX_INVALID_TARGETSCOPE_EXPRESSION_39=The provided Access \ Control Instruction (ACI) targetscope expression operator value "%s" is \ invalid. A valid targetscope expression value is one of the following: one, \ onelevel, subtree or subordinate WARN_ACI_SYNTAX_INVALID_TARGETKEYWORD_EXPRESSION_40=The provided \ Access Control Instruction (ACI) target expression value "%s" is invalid. A \ valid target keyword expression value requires a LDAP URL in the following \ format: ldap:///distinguished_name_pattern WARN_ACI_SYNTAX_TARGET_DN_NOT_DESCENDENTOF_41=The provided Access \ Control Instruction (ACI) target expression DN value "%s" is invalid. The \ target expression DN value must be a descendant of the ACI entry DN "%s", if \ no wild-card is specified in the target expression DN WARN_ACI_SYNTAX_INVALID_TARGETATTRKEYWORD_EXPRESSION_42=The provided \ Access Control Instruction (ACI) targetattr expression value "%s" is invalid. \ A valid targetattr keyword expression value requires one or more valid \ attribute type names in the following format: attribute1 [|| attribute2] ... \ [|| attributeN]. Attribute options are not supported WARN_ACI_SYNTAX_INVALID_TARGETFILTERKEYWORD_EXPRESSION_43=The provided \ Access Control Instruction (ACI) targetfilter expression value "%s" is \ invalid because it is not a valid LDAP filter INFO_ACI_ADD_FAILED_PRIVILEGE_44=An attempt to add the entry "%s" containing \ an aci attribute type failed, because the authorization DN "%s" lacked \ modify-acl privileges INFO_ACI_MODIFY_FAILED_PRIVILEGE_45=An attempt to modify an aci attribute \ type in the entry "%s" failed, because the authorization DN "%s" lacked \ modify-acl privileges WARN_ACI_ADD_FAILED_DECODE_46=An attempt to add the entry "%s" \ containing an aci attribute type failed because of the following reason: %s WARN_ACI_MODIFY_FAILED_DECODE_47=An attempt to modify an aci attribute \ type in the entry "%s" failed because of the following reason: %s WARN_ACI_ADD_LIST_FAILED_DECODE_48= "%s", located in the entry "%s", \ because of the following reason: %s INFO_ACI_ADD_LIST_ACIS_50=Added %s Access Control Instruction (ACI) attribute \ types found in context "%s" to the access control evaluation engine WARN_ACI_SYNTAX_INVALID_USERATTR_ROLEDN_INHERITANCE_PATTERN_51=The \ provided Access Control Instruction (ACI) bind rule userattr expression \ inheritance pattern value "%s" is invalid for the roledn keyword because it \ starts with the string "parent[" WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_EXPRESSION_53=The provided \ Access Control Instruction (ACI) targattrfilter expression value %s is \ invalid because it is not in the correct format.A valid targattrsfilters \ expression value must be in the following format: "add=attr1: F1 && attr2: F2 \ ... && attrN: FN,del= attr1: F1 && attr2: F2 ... && attrN: FN" WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_OPS_MATCH_54=The provided \ Access Control Instruction (ACI) targattrfilter expression value %s is \ invalid because the both operation tokens match in the two filter lists WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_MAX_FILTER_LISTS_55=The \ provided Access Control Instruction (ACI) targattrfilters expression value %s \ is invalid because there are more than two filter list statements WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_FILTER_LIST_FORMAT_56=The \ provided Access Control Instruction (ACI) targattrfilters expression value %s \ is invalid because the provided filter list string is in the wrong format. A \ valid targattrfilters filter list must be in the following format: add=attr1: \ F1 && attr2: F2 ... && attrN: FN WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_FILTER_LISTS_FILTER_57=The \ provided Access Control Instruction (ACI) targattrfilters expression value %s \ is invalid because one or more of the specified filters are invalid for the \ following reason: %s WARN_ACI_SYNTAX_INVALID_TARGATTRFILTERS_FILTER_LISTS_ATTR_FILTER_58=The \ provided Access Control Instruction (ACI) targattrfilters expression value %s \ is invalid because one or more of the specified filters are invalid because \ of non-matching attribute type names in the filter WARN_ACI_SYNTAX_INVALID_ATTRIBUTE_TYPE_NAME_59=The provided Access \ Control Instruction (ACI) attribute name value %s is invalid. A valid \ attribute type name must begin with an ASCII letter and must contain only \ ASCII letters,digits or the "-" character NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM_60=The SASL mechanism \ "%s" provided in the Access Control Instruction (ACI) bind rule authmethod \ expression is not one of the currently registered mechanisms in the server WARN_ACI_LOCALHOST_DOESNT_MATCH_CANONICAL_VALUE_61=The provided Access \ Control Instruction (ACI) bind rule dns expression value "%s" references \ hostname %s, but the canonical representation for that hostname is configured \ to be %s. The server will attempt to automatically interpret the correct \ localhost value WARN_ACI_HOSTNAME_DOESNT_MATCH_CANONICAL_VALUE_62=The provided Access \ Control Instruction (ACI) bind rule dns expression value "%s" references \ hostname %s, which resolves to IP address %s, but the canonical hostname for \ that IP address is %s. This likely means that the provided hostname will \ never match any clients WARN_ACI_ERROR_CHECKING_CANONICAL_HOSTNAME_63=An error occurred while \ attempting to determine whether hostname %s referenced in dns expression bind \ rule "%s" used the correct canonical representation: %s. This likely means \ that the provided hostname will never match any clients INFO_ACI_ADD_LIST_GLOBAL_ACIS_66=Added %s Global Access Control Instruction \ (ACI) attribute types to the access control evaluation engine INFO_ACI_HANDLER_FAIL_PROCESS_GLOBAL_ACI_67=An unexpected error occurred \ while processing the ds-cfg-global-aci attribute in configuration entry %s INFO_ACI_HANDLER_FAIL_PROCESS_ACI_68=An unexpected error occurred while \ processing the aci attributes in the configuration system WARN_PATTERN_DN_CONSECUTIVE_WILDCARDS_IN_VALUE_69=The pattern DN %s is \ not valid because it contains two consecutive wildcards in an attribute value WARN_PATTERN_DN_TYPE_CONTAINS_SUBSTRINGS_70=The pattern DN %s is not \ valid because it uses wildcards for substring matching on an attribute type. \ A single wildcard is allowed in place of an attribute type WARN_PATTERN_DN_TYPE_WILDCARD_IN_MULTIVALUED_RDN_71=The pattern DN %s \ is not valid because it contains a wildcard in an attribute type in a \ multi-valued RDN WARN_ACI_NOT_VALID_DN_73=Selfwrite check skipped because an attribute \ "%s" with a distinguished name syntax was not a valid DN WARN_ACI_TARGETATTR_INVALID_ATTR_TOKEN_74=The provided Access Control \ Instruction (ACI) targetattr expression value "%s" is invalid because the \ expression contains invalid or duplicate tokens WARN_ACI_SYNTAX_ROLEDN_NOT_SUPPORTED_75=The provided Access Control \ Instruction (ACI) expression value "%s" is invalid because it contains the \ roledn keyword, which is not supported, replace it with the groupdn keyword WARN_ACI_SERVER_DECODE_FAILED_76=Failed to decode the Access Control \ Instruction (ACI)%s WARN_ACI_ENTER_LOCKDOWN_MODE_77=The server is being put into lockdown \ mode because invalid ACIs rules were detected either when the server was \ started or during a backend initialization WARN_ACI_SYNTAX_INVALID_USERATTR_URL_78=The provided Access Control \ Instruction (ACI) bind rule userattr expression value failed to URL decode \ for the following reason: %s WARN_ACI_SYNTAX_INVALID_USERATTR_BASEDN_URL_79=The provided Access \ Control Instruction (ACI) bind rule userattr expression value failed to parse \ because the ldap URL "%s" contains an empty base DN WARN_ACI_SYNTAX_INVALID_USERATTR_ATTR_URL_80=The provided Access \ Control Instruction (ACI) bind rule userattr expression value failed to parse \ because the attribute field of the ldap URL "%s" either contains more than \ one description or the field is empty WARN_ACI_SYNTAX_INVALID_PREFIX_FORMAT_81=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ prefix part of the expression "%s" has an invalid format WARN_ACI_SYNTAX_INVALID_PREFIX_VALUE_82=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ prefix value of the expression "%s" was an invalid value. All values must \ greater than or equal to 0 and either less than or equal 32 for IPV4 \ addresses or less than or equal to 128 for IPV6 addresses WARN_ACI_SYNTAX_PREFIX_NOT_NUMERIC_83=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ prefix part of the expression "%s" has an non-numeric value WARN_ACI_SYNTAX_INVALID_IPV4_FORMAT_84=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ the IPv4 address expression "%s" format was invalid WARN_ACI_SYNTAX_INVALID_IPV4_VALUE_85=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ IPv4 address expression "%s" contains an invalid value. All values of the \ address must be between 0 and 255 WARN_ACI_SYNTAX_IPV4_NOT_NUMERIC_86=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ the IPv4 address expression "%s" contains a non-numeric value WARN_ACI_SYNTAX_IPV6_WILDCARD_INVALID_87=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ the IPv6 address expression "%s" contains an illegal wildcard character. \ Wildcards are not supported when using IPv6 addresses in a IP bind rule \ expression WARN_ACI_SYNTAX_INVALID_IPV6_FORMAT_88=The provided Access Control \ Instruction (ACI) bind rule IP address expression "%s" failed to parse for \ the following reason: "%s" WARN_ACI_SYNTAX_INVALID_NETMASK_FORMAT_89=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ netmask part of the expression "%s" has an invalid format WARN_ACI_SYNTAX_INVALID_NETMASK_90=The provided Access Control \ Instruction (ACI) bind rule IP address expression failed to parse because the \ netmask part of the expression "%s" has an invalid value WARN_ACI_SYNTAX_INVALID_TARGETCONTROL_EXPRESSION_91=The provided \ Access Control Instruction (ACI) targetcontrol expression value "%s" is \ invalid. A valid targetcontrol keyword expression value requires one or more \ valid control OID strings in the following format: oid [|| oid1] ... [|| \ oidN] WARN_ACI_SYNTAX_ILLEGAL_CHAR_IN_NUMERIC_OID_92=The provided Access \ Control Instruction (ACI) targetcontrol OID value "%s" could not be parsed \ because the value contained an illegal character %c at position %d WARN_ACI_SYNTAX_DOUBLE_PERIOD_IN_NUMERIC_OID_93=The provided Access \ Control Instruction (ACI) targetcontrol OID value "%s" could not be parsed \ because the numeric OID contained two consecutive periods at position %d WARN_ACI_SYNTAX_INVALID_TARGEXTOP_EXPRESSION_95=The provided Access \ Control Instruction (ACI) extop expression value "%s" is invalid. A valid \ extop keyword expression value requires one or more valid extended operation \ request OID strings in the following format: oid [|| oid1] ... [|| oidN] WARN_ACI_ATTRIBUTE_NOT_INDEXED_96=Backend %s does not have a \ presence index defined for attribute type %s. Access control initialization \ may take a very long time to complete in this backend WARN_ACI_SYNTAX_INVALID_SSF_FORMAT_97=The provided Access Control \ Instruction (ACI) bind rule SSF expression "%s" failed to parse for \ the following reason: "%s" WARN_ACI_SYNTAX_INVALID_SSF_RANGE_98=The provided Access Control \ Instruction (ACI) bind rule ssf expression value "%s" is not in the \ valid range. A valid ssf value is in the range of 1 to 1024 WARN_ACI_SYNTAX_INVALID_TIMEOFDAY_FORMAT_99=The provided Access Control \ Instruction (ACI) bind rule timeofday expression "%s" failed to parse for \ the following reason: "%s"