%
# Copyright (C) 2015 - present Instructure, Inc.
#
# This file is part of Canvas.
#
# Canvas is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, version 3 of the License.
#
# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along
# with this program. If not, see .
%>
<% if aac.try(:last_timeout_failure).present? %>
<%= t :ldap_timeout_failure_help2,
"If Canvas times out too many times communicating with the LDAP server,"\
" it will block further login attempts from using that LDAP "\
"server for %{time}. Your LDAP server last timed out at %{timestamp}.",
time: distance_of_time_in_words(aac.failure_wait_time),
timestamp: datetime_string(aac.last_timeout_failure) %>
<%= t(:auth_filter_description,
"Use *%{placeholder}* as a placeholder for the username "\
"supplied by the user. \nFor example: "\
"*(sAMAccountName=%{placeholder})*",
placeholder: '{{login}}',
wrapper: '\1') %>
<%= t(:identifer_format_description,
"The LDAP attribute to use to look up the Canvas login. "\
"Leave blank to use the username supplied by the user.") %>
<%= t(:internal_ca_description,
"If your LDAP server presents a certificate issued by an untrusted, internal root CA, you *must* upload your root "\
"CA in order for Canvas to trust it when connecting.", wrapper: '\1') %>
<%= t(:internal_ca_warning,
"*Warning*: Using an internal root CA is less secure, and increases the risk of compromise. We strongly "\
"recommend using certificates issued by a trusted certificate authority, instead.", wrapper: '\1') %>
<%= t(:verify_tls_cert_opt_in_undated_description, "TLS certificate verification will be required soon, but you may enable it early to ensure your LDAP server is compliant.") %>
<%= t(:verify_tls_cert_opt_in_dated_description, "TLS certificate verification will be required on *%{enforcement_date}*, but you may enable it early to ensure your LDAP server is compliant.", enforcement_date: date_string(Time.at(Setting.get("ldap_validate_tls_cert_enforcement_date", 0).to_i)), wrapper: '\1') %>