LPIC-3 300 Objectives V1 - LPI Wiki
LPIC-3 300 Objectives V1
From LPI Wiki
Jump to navigation
Jump to search
Contents
Introduction
Version Information
Addenda
3.1
Version Release (Oct 1st, 2013)
Translations of Objectives
Objectives
5.1
Topic 390: OpenLDAP Configuration
5.1.1
390.1 OpenLDAP Replication (weight: 3)
5.1.2
390.2 Securing the Directory (weight: 3)
5.1.3
390.3 OpenLDAP Server Performance Tuning (weight: 2)
5.2
Topic 391: OpenLDAP as an Authentication Backend
5.2.1
391.1 LDAP Integration with PAM and NSS (weight: 2)
5.2.2
391.2 Integrating LDAP with Active Directory and Kerberos (weight: 2)
5.3
Topic 392: Samba Basics
5.3.1
392.1 Samba Concepts and Architecture (weight: 2)
5.3.2
392.2 Configure Samba (weight: 4)
5.3.3
392.3 Regular Samba Maintenance (weight: 2)
5.3.4
392.4 Troubleshooting Samba (weight: 2)
5.3.5
392.5 Internationalization (weight: 1)
5.4
Topic 393: Samba Share Configuration
5.4.1
393.1 File Services (weight: 4)
5.4.2
393.2 Linux File System and Share/Service Permissions (weight: 3)
5.4.3
393.3 Print Services (weight: 2)
5.5
Topic 394: Samba User and Group Management
5.5.1
394.1 Managing User Accounts and Groups (weight: 4)
5.5.2
394.2 Authentication, Authorization and Winbind (weight: 5)
5.6
Topic 395: Samba Domain Integration
5.6.1
395.1 Samba as a PDC and BDC (weight: 3)
5.6.2
395.2 Samba4 as an AD compatible Domain Controller (weight: 3)
5.6.3
395.3 Configure Samba as a Domain Member Server (weight: 3)
5.7
Topic 396: Samba Name Services
5.7.1
396.1 NetBIOS and WINS (weight: 3)
5.7.2
396.2 Active Directory Name Resolution (weight: 2)
5.8
Topic 397: Working with Linux and Windows Clients
5.8.1
397.1 CIFS Integration (weight: 3)
5.8.2
397.2 Working with Windows Clients (weight: 2)
Introduction
A complete description of the
LPIC-3 certification program
can be found
here
Version Information
These objectives are version 1.0.0.
They were partially formed from content in the
301
and
302
exams. This is also a
summary and detailed information
on the changes from those objectives to version 1 of these objectives.
Addenda
Version Release (Oct 1st, 2013)
released version 1.0.0
Translations of Objectives
The following translations of the objectives are available on this wiki:
French
Spanish
Objectives
Topic 390: OpenLDAP Configuration
390.1 OpenLDAP Replication (weight: 3)
Weight
Description
Candidates should be familiar with the server replication available with OpenLDAP.
Key Knowledge Areas:
Replication concepts
Configure OpenLDAP replication
Analyze replication log files
Understand replica hubs
LDAP referrals
LDAP sync replication
The following is a partial list of the used files, terms and utilities:
master / slave server
multi-master replication
consumer
replica hub
one-shot mode
referral
syncrepl
pull-based / push-based synchronization
refreshOnly and refreshAndPersist
replog
390.2 Securing the Directory (weight: 3)
Weight
Description
Candidates should be able to configure encrypted access to the LDAP directory, and restrict access at the firewall level.
Key Knowledge Areas:
Securing the directory with SSL and TLS
Firewall considerations
Unauthenticated access methods
User / password authentication methods
Maintanence of SASL user DB
Client / server certificates
The following is a partial list of the used files, terms and utilities:
SSL / TLS
Security Strength Factors (SSF)
SASL
proxy authorization
StartTLS
iptables
390.3 OpenLDAP Server Performance Tuning (weight: 2)
Weight
Description
Candidates should be capable of measuring the performance of an LDAP server, and tuning configuration directives.
Key Knowledge Areas:
Measure OpenLDAP performance
Tune software configuration to increase performance
Understand indexes
The following is a partial list of the used files, terms and utilities:
index
DB_CONFIG
Topic 391: OpenLDAP as an Authentication Backend
391.1 LDAP Integration with PAM and NSS (weight: 2)
Weight
Description
Candidates should be able to configure PAM and NSS to retrieve information from an LDAP directory.
Key Knowledge Areas:
Configure PAM to use LDAP for authentication
Configure NSS to retrieve information from LDAP
Configure PAM modules in various Unix environments
The following is a partial list of the used files, terms and utilities:
PAM
NSS
/etc/pam.d/
/etc/nsswitch.conf
391.2 Integrating LDAP with Active Directory and Kerberos (weight: 2)
Weight
Description
Candidates should be able to integrate LDAP with Active Directory Services.
Key Knowledge Areas:
Kerberos integration with LDAP
Cross platform authentication
Single sign-on concepts
Integration and compatibility limitations between OpenLDAP and Active Directory
The following is a partial list of the used files, terms and utilities:
Kerberos
Active Directory
single sign-on
DNS
Topic 392: Samba Basics
392.1 Samba Concepts and Architecture (weight: 2)
Weight
Description
Candidates should understand the essential concepts of Samba. As well, the major differences between Samba3 and Samba4 should be known.
Key Knowledge Areas:
Understand the roles of the Samba daemons and components
Understand key issues regarding heterogeneous networks
Identify key TCP/UDP ports used with SMB/CIFS
Knowledge of Samba3 and Samba4 differences
The following is a partial list of the used files, terms and utilities:
/etc/services
Samba daemons: smbd, nmbd, samba, winbindd
392.2 Configure Samba (weight: 4)
Weight
Description
Candidates should be able to configure the Samba daemons for a wide variety of purposes.
Key Knowledge Areas:
Knowledge of Samba server configuration file structure
Knowledge of Samba variables and configuration parameters
Troubleshoot and debug configuration problems with Samba
The following is a partial list of the used files, terms and utilities:
smb.conf
smb.conf parameters
smb.conf variables
testparm
secrets.tdb
392.3 Regular Samba Maintenance (weight: 2)
Weight
Description
Candidates should know about the various tools and utilities that are part of a Samba installation.
Key Knowledge Areas:
Monitor and interact with running Samba daemons
Perform regular backups of Samba configuration and state data
The following is a partial list of the used files, terms and utilities:
smbcontrol
smbstatus
tdbbackup
392.4 Troubleshooting Samba (weight: 2)
Weight
Description
Candidates should understand the structure of trivial database files and know how troubleshoot problems.
Key Knowledge Areas:
Configure Samba logging
Backup TDB files
Restore TDB files
Identify TDB file corruption
Edit / list TDB file content
The following is a partial list of the used files, terms and utilities:
/var/log/samba/
log level
debuglevel
smbpasswd
pdbedit
secrets.tdb
tdbbackup
tdbdump
tdbrestore
tdbtool
392.5 Internationalization (weight: 1)
Weight
Description
Candidates should be able to work with internationalization character codes and code pages.
Key Knowledge Areas:
Understand internationalization character codes and code pages
Understand the difference in the name space between Windows and Linux/Unix with respect to share, file and directory names in a non-English environment
Understand the difference in the name space between Windows and Linux/Unix with respect to user and group naming in a non-English environment
Understand the difference in the name space between Windows and Linux/Unix with respect to computer naming in a non-English environment
The following is a partial list of the used files, terms and utilities:
internationalization
character codes
code pages
smb.conf
dos charset, display charset and unix charset
Topic 393: Samba Share Configuration
393.1 File Services (weight: 4)
Weight
Description
Candidates should be able to create and configure file shares in a mixed environment.
Key Knowledge Areas:
Create and configure file sharing
Plan file service migration
Limit access to IPC$
Create scripts for user and group handling of file shares
Samba share access configuration parameters
The following is a partial list of the used files, terms and utilities:
smb.conf
[homes]
smbcquotas
smbsh
browseable, writeable, valid users, write list, read list, read only and guest ok
IPC$
mount, smbmount
393.2 Linux File System and Share/Service Permissions (weight: 3)
Weight
Description
Candidates should understand file permissions on a Linux file system in a mixed environment.
Key Knowledge Areas:
Knowledge of file / directory permission control
Understand how Samba interacts with Linux file system permissions and ACLs
Use Samba VFS to store Windows ACLs
The following is a partial list of the used files, terms and utilities:
smb.conf
chmod, chown
create mask, directory mask, force create mode, force directory mode
smbcacls
getfacl, setfacl
vfs_acl_xattr, vfs_acl_tdb and vfs objects
393.3 Print Services (weight: 2)
Weight
Description
Candidates should be able to create and manage print shares in a mixed environment.
Key Knowledge Areas:
Create and configure printer sharing
Configure integration between Samba and CUPS
Manage Windows print drivers and configure downloading of print drivers
Configure [print$]
Understand security concerns with printer sharing
Uploading printer drivers for Point'n'Print driver installation using 'Add Print Driver Wizard' in Windows
The following is a partial list of the used files, terms and utilities:
smb.conf
[print$]
CUPS
cupsd.conf
/var/spool/samba/
smbspool
rpcclient
net
Topic 394: Samba User and Group Management
394.1 Managing User Accounts and Groups (weight: 4)
Weight
Description
Candidates should be able to manage user and group accounts in a mixed environment.
Key Knowledge Areas:
Manager user and group accounts
Understand user and group mapping
Knowledge of user account management tools
Use of the smbpasswd program
Force ownership of file and directory objects
The following is a partial list of the used files, terms and utilities:
pdbedit
smb.conf
samba-tool user (with subcommands)
samba-tool group (with subcommands)
smbpasswd
/etc/passwd
/etc/group
force user, force group
idmap
394.2 Authentication, Authorization and Winbind (weight: 5)
Weight
Description
Candidates should understand the various authentication mechanisms and configure access control. Candidates should be able to install and configure the Winbind service.
Key Knowledge Areas:
Setup a local password database
Perform password synchronization
Knowledge of different passdb backends
Convert between Samba passdb backends
Integrate Samba with LDAP
Configure Winbind service
Configure PAM and NSS
The following is a partial list of the used files, terms and utilities:
smb.conf
smbpasswd, tdbsam, ldapsam
passdb backend
libnss_winbind
libpam_winbind
libpam_smbpass
wbinfo
getent
SID and foreign SID
/etc/passwd
/etc/group
Topic 395: Samba Domain Integration
395.1 Samba as a PDC and BDC (weight: 3)
Weight
Description
Candidates should be able to setup and maintain primary and backup domain controllers. Candidates should be able to manage Windows/Linux client access to the NT-Style domains.
Key Knowledge Areas:
Understand and configure domain membership and trust relationships
Create and maintain a primary domain controller with Samba3 and Samba4
Create and maintain a backup domain controller with Samba3 and Samba4
Add computers to an existing domain
Configure logon scripts
Configure roaming profiles
Configure system policies
The following is a partial list of the used files, terms and utilities:
smb.conf
security mode
server role
domain logons
domain master
logon script
logon path
NTConfig.pol
net
profiles
add machine script
profile acls
395.2 Samba4 as an AD compatible Domain Controller (weight: 3)
Weight
Description
Candidates should be able to configure Samba 4 as an AD Domain Controller.
Key Knowledge Areas:
Configure and test Samba 4 as an AD DC
Using smbclient to confirm AD operation
Understand how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP
The following is a partial list of the used files, terms and utilities:
smb.conf
server role
samba-tool domain (with subcommands)
samba
395.3 Configure Samba as a Domain Member Server (weight: 3)
Weight
Description
Candidates should be able to integrate Linux servers into an environment where Active Directory is present.
Key Knowledge Areas:
Joining Samba to an existing NT4 domain
Joining Samba to an existing AD domain
Ability to obtain a TGT from a KDC
The following is a partial list of the used files, terms and utilities:
smb.conf
server role
server security
net command
kinit, TGT and REALM
Topic 396: Samba Name Services
396.1 NetBIOS and WINS (weight: 3)
Weight
Description
Candidates should be familiar with NetBIOS/WINS concepts and understand network browsing.
Key Knowledge Areas:
Understand WINS concepts
Understand NetBIOS concepts
Understand the role of a local master browser
Understand the role of a domain master browser
Understand the role of Samba as a WINS server
Understand name resolution
Configure Samba as a WINS server
Configure WINS replication
Understand NetBIOS browsing and browser elections
Understand NETBIOS name types
The following is a partial list of the used files, terms and utilities:
smb.conf
nmblookup
smbclient
name resolve order
lmhosts
wins support, wins server, wins proxy, dns proxy
domain master, os level, preferred master
396.2 Active Directory Name Resolution (weight: 2)
Weight
Description
Candidates should be familiar with the internal DNS server with Samba4.
Key Knowledge Areas:
Understand and manage DNS for Samba4 as an AD Domain Controller
DNS forwarding with the internal DNS server of Samba4
The following is a partial list of the used files, terms and utilities:
samba-tool dns (with subcommands)
smb.conf
dns forwarder
/etc/resolv.conf
dig, host
Topic 397: Working with Linux and Windows Clients
397.1 CIFS Integration (weight: 3)
Weight
Description
Candidates should be comfortable working with CIFS in a mixed environment.
Key Knowledge Areas:
Understand SMB/CIFS concepts
Access and mount remote CIFS shares from a Linux client
Securely storing CIFS credentials
Understand features and benefits of CIFS
Understand permissions and file ownership of remote CIFS shares
The following is a partial list of the used files, terms and utilities:
SMB/CIFS
mount, mount.cifs
smbclient
smbget
smbtar
smbtree
findsmb
smb.conf
smbcquotas
/etc/fstab
397.2 Working with Windows Clients (weight: 2)
Weight
Description
Candidates should be able to interact with remote Windows clients, and configure Windows workstations to access file and print services from Linux servers.
Key Knowledge Areas:
Knowledge of Windows clients
Explore browse lists and SMB clients from Windows
Share file / print resources from Windows
Use of the smbclient program
Use of the Windows net utility
The following is a partial list of the used files, terms and utilities:
Windows net command
smbclient
control panel
rdesktop
workgroup
Retrieved from "
Navigation menu
Page actions
Page
Discussion
Read
View source
History
Page actions
Page
Discussion
More
Tools
Personal tools
Exam Objectives
Linux Essentials v1.6
Linux Essentials v2.0
Security Essentials v1.0
Web Development Essentials v1.0
Open Source Essentials v1.0
LPIC-1 v5.0
LPIC-2 v4.5
300 Objectives v3.0
303 Objectives v3.0
305 Objectives v3.0
306 Objectives v3.0
DevOps Tools Engineer Objectives v1.0
DevOps Tools Engineer Objectives v2.0
BSD Specialist Objectives v1.0
Main page
Recent changes
LPI Website
Tools
What links here
Related changes
Printable version
Permanent link
Page information
This page was last edited on 5 December 2014, at 00:19.
About LPI Wiki
US