LPIC-301(FR)

From LPI Wiki
Revision as of 07:30, 6 March 2012 by EricDeschamps (Talk | contribs)

Jump to: navigation, search

Introduction

L’évaluation des besoins est l’art et la science de ne pas se retrouver à court de ressources dans un futur envisageable. On le fait généralement de façon informelle, en mesurant les ressources nécessaires pour un programme, souvent une fois qu’un problème de ressource est constaté.

Si vous faites un tableau avec les besoins en processeur, mémoire, bande passante d’entrées/sorties utilisés par un programme pour effectuer certaines tâches, vous pouvez évaluer ses besoins futurs pour une charge supérieure. Vous pouvez également utiliser ces mesures pour estimer les besoins matériels pour une nouvelle machine ou évaluer les besoins pour une machine pour renforcer d’autres programmes.

Les estimations par tableaur sont généralement suffisantes pour de simples études de besoins et la planification, mais ils n’ont aucune garantie d’exactitude et ils ne vous disent pas :

  • à quelle charge le programme atteindra la surcharge, ou ;
  • comment le temps de réponse du programme va évoluer avec la charge.

Pour cela, il faut utiliser l’un des programmes qui résout ce problème en utilisant la théorie des files d’attente. Certains programmes commerciaux le font sur Linux, mais il existe au moins un résolveur de files d’attente réseau libre et gratuit : Perl ::PDQ de Neil Gunther. Ces outils génèrent les modèles mathématiques appropriés, donc vous pouvez prévoir la performance d’un programme sous la charge et calculer la perte de performance si le programme est surchargé.



Informations de version

Ceci est la version 1.0.1 des objectifs.



Mises à jour

Mise à jour au 1er avril 2010

  • clarified C++ to mean C in development


Traductions des objectifs

Les traductions suivantes sont disponibles sur ce wiki :


Objectifs

Topic 301: Concepts, Architecture and Design

301.1 LDAP Concepts and Architecture

Valeur

3

Description

Candidates should be familiar with LDAP and X.500 concepts

Domaines de connaissance les plus importants :

  • LDAP and X.500 technical specification.
  • Attribute definitions.
  • Directory namespaces.
  • Distinguished names.
  • LDAP Data Interchange Format.
  • Meta-directories.
  • Changetype operations .

Liste partielle de termes, fichiers et utilitaires utilisés pour cet objectif :

  • LDIF.
  • Meta-directory.
  • changetype.
  • X.500.
  • /var/lib/ldap/*


301.2 Directory Design

Weight

2
Description

Candidates should be able to design an implement an LDAP directory, while planning an appropriate Directory Information Tree to avoid redundancy. Candidates should have an understanding of the types of data which are appropriate for storage in an LDAP directory

Key Knowledge Areas:

  • Define LDAP directory content
  • Organize directory
  • Planning appropriate Directory Information Trees

The following is a partial list of the used files, terms and utilities:

  • Class of Service
  • Directory Information Tree
  • Distinguished name
  • Container


301.3 Schemas

Weight 3
Description Candidates should be familiar with schema concepts, and the base schema files included with an OpenLDAP installation

Key Knowledge Areas:

  • LDAP schema concepts
  • Create and modify schemas
  • Attribute and object class syntax

The following is a partial list of the used files, terms and utilities:

  • Distributes schema
  • Extended schema
  • Object Identifiers
  • /etc/ldap/schema/*
  • Object class
  • Attribute
  • include directive



Topic 302: Installation and Development

302.1 Compiling and Installing OpenLDAP

Weight 3
Description Candidates should be able to compile and install OpenLDAP from source and from packages

Key Knowledge Areas:

  • Compile and configure OpenLDAP from source
  • Knowledge of OpenLDAP backend databases
  • Manage OpenLDAP daemons
  • Troubleshoot errors during installation

The following is a partial list of the used files, terms and utilities:

  • make
  • gpg
  • rpm
  • dpkg
  • bdb
  • slapd
  • slurpd


302.2 Developing for LDAP with Perl and C

Weight 1
Description Candidates should be able to write basic Perl scripts to interact with an LDAP directory

Key Knowledge Areas:

  • Syntax of Perl's Net::LDAP module
  • Write Perl scripts to bind, search, and modify directories

The following is a partial list of the used files, terms and utilities:

  • Net::LDAP
  • using Perl with Net::LDAP
  • using C with libldap



Topic 303: Configuration

303.1 placeholder

Weight 0
Description This objective dropped due to JTA results

Key Knowledge Areas:

  • N/A

The following is a partial list of the used files, terms and utilities:

  • N/A


303.2 Access Control Lists in LDAP

Weight 2
Description Candidates should be able to plan and implement access control lists

Key Knowledge Areas:

  • Plan LDAP access control lists
  • Grant and revoke LDAP access permissions
  • Access control syntax

The following is a partial list of the used files, terms and utilities:

  • ACL
  • slapd.conf
  • anonymous
  • users
  • self
  • none
  • auth
  • compare
  • search
  • read
  • write


303.3 LDAP Replication

Weight 5
Description Candidates should be familiar with the various replication strategies available with OpenLDAP

Key Knowledge Areas:

  • Replication concepts
  • Configure OpenLDAP replication
  • Execute and manage slurpd
  • Analyze replication log files
  • Understand replica hubs
  • LDAP referrals
  • LDAP sync replication

The following is a partial list of the used files, terms and utilities:

  • slurpd
  • slapd.conf
  • master / slave server
  • consumer
  • replica hub
  • one-shot mode
  • referral
  • syncrepl
  • pull-based / push-based synchronization
  • refreshOnly and refreshAndPersist
  • replog


303.4 Securing the Directory

Weight 4
Description Candidates should be able to configure encrypted access to the LDAP directory, and restrict access at the firewall level

Key Knowledge Areas:

  • Securing the directory with SSL and TLS
  • Firewall considerations
  • Unauthenticated access methods
  • User / password authentication methods
  • Maintanence of SASL user DB
  • Client / server certificates

The following is a partial list of the used files, terms and utilities:

  • SSL / TLS
  • Security Strength Factors (SSF)
  • SASL
  • proxy authorization
  • StartTLS
  • slapd.conf
  • iptables


303.5 LDAP Server Performance Tuning

Weight 2
Description Candidates should be capable of measuring the performance of an LDAP server, and tuning configuration directives

Key Knowledge Areas:

  • Measure LDAP performance
  • Tune software configuration to increase performance
  • Understand indexes

The following is a partial list of the used files, terms and utilities:

  • index
  • slapd.conf
  • DB_CONFIG


303.6 OpenLDAP Daemon Configuration

Weight 2
Description Candidates should have knowledge of the common slapd.conf configuration directives, and be familiar with the basic slapd command line options

Key Knowledge Areas:

  • slapd.conf configuration directives
  • slapd.conf database definitions
  • slapd and its command line options
  • Analyze slapd log files

The following is a partial list of the used files, terms and utilities:

  • slapd.conf
  • slapd
  • /var/lib/ldap/*
  • loglevel



Topic 304: Usage

304.1 Searching the Directory

Weight 2
Description Candidates should be able to use advanced options for search the LDAP directory

Key Knowledge Areas:

  • Use OpenLDAP search tools with basic options
  • Use OpenLDAP search tools with advanced options
  • Optimize LDAP search queries
  • Knowledge of search filters and their syntax

The following is a partial list of the used files, terms and utilities:

  • ldapsearch
  • index
  • search filter syntax
  • slapd.conf


304.2 LDAP Command Line Tools

Weight 1
Description Candidates should be familiar with the OpenLDAP command line tools

Key Knowledge Areas:

  • Use the ldap* tools to access and modify the directory
  • Use the slap* tools to access and modify the directory

The following is a partial list of the used files, terms and utilities:

  • ldap.conf
  • ldapsearch
  • ldapadd
  • ldapmodify
  • ldapdelete
  • ldapmodrdn
  • slapindex
  • slapadd
  • slapcat


304.3 Whitepages

Weight 1
Description Candidates should be able to build and maintain a whitepages service

Key Knowledge Areas:

  • Plan whitepages services
  • Configure whitepages services
  • Configure clients to retrieve data from whitepages services

The following is a partial list of the used files, terms and utilities:

  • whitepages
  • Outlook



Topic 305: Integration and Migration

305.1 LDAP Integration with PAM and NSS

Weight 2
Description Candidates should be able to configure PAM and NSS to retrieve information from an LDAP directory

Key Knowledge Areas:

  • Configure PAM to use LDAP for authentication
  • Configure NSS to retrieve information from LDAP
  • Configure PAM modules in various Unix environments

The following is a partial list of the used files, terms and utilities:

  • PAM
  • NSS
  • /etc/pam.d/*
  • /etc/nsswitch.conf


305.2 NIS to LDAP Migration

Weight 1
Description Candidates should be able to plan and implement a NIS migration strategy, including a NIS to LDAP gateway

Key Knowledge Areas:

  • Analyze NIS structure prior to migration to LDAP
  • Analyze NIS structure prior to integration with LDAP
  • Automate NIS to LDAP migration
  • Create a NIS to LDAP gateway

The following is a partial list of the used files, terms and utilities:

  • NIS
  • NIS to LDAP gateway
  • slapd.conf
  • /etc/yp/*


305.3 Integrating LDAP with Unix Services

Weight 1
Description Candidates should be able to integrate LDAP authentication with a number of common Unix services

Key Knowledge Areas:

  • Integrate SSH with LDAP
  • Integrate FTP with LDAP
  • Integrate HTTP with LDAP
  • Integrate FreeRADIUS with LDAP
  • Integrate print services with LDAP

The following is a partial list of the used files, terms and utilities:

  • sshd.conf
  • ftp
  • httpd.conf
  • radiusd.conf
  • cupsd.conf
  • ldap.conf


305.4 Integrating LDAP with Samba

Weight 1
Description Candidates should be able to integrate LDAP with Samba services

Key Knowledge Areas:

  • Migrate from smbpasswd to LDAP
  • Understand OpenLDAP Samba schema
  • Understand LDAP as a Samba password backend

The following is a partial list of the used files, terms and utilities:

  • smb.conf
  • smbpasswd
  • samba3.schema
  • slapd.conf


305.5 Integrating LDAP with Active Directory

Weight 2
Description Candidates should be able to integrate LDAP with Active Directory Services

Key Knowledge Areas:

  • Kerberos integration with LDAP
  • Cross platform authentication
  • Single sign-on concepts
  • Integration and compatibility limitations between OpenLDAP and Active Directory

The following is a partial list of the used files, terms and utilities:

  • Kerberos
  • Active Directory
  • single sign-on
  • DNS


305.6 Integrating LDAP with Email Services

Weight 1
Description Candidates should be able to integrate LDAP with email services

Key Knowledge Areas:

  • Plan LDAP schema structure for email services
  • Create email attributes in LDAP
  • Integrate Postfix with LDAP
  • Integrate Sendmail with LDAP

The following is a partial list of the used files, terms and utilities:

  • Postfix
  • Sendmail
  • schema
  • SASL
  • POP
  • IMAP



Topic 306: Capacity Planning

306.1 Measure Resource Usage

Weight 4
Description Candidates should be able to measure hardware resource and network bandwidth usage

Key Knowledge Areas:

  • Measure CPU usage
  • Measure memory usage
  • Measure disk I/O
  • Measure network I/O
  • Measure firewalling and routing throughput
  • Map client bandwidth usage

The following is a partial list of the used files, terms and utilities:

  • iostat
  • vmstat
  • pstree
  • w
  • lsof
  • top
  • uptime
  • sar


306.2 Troubleshoot Resource Problems

Weight 4
Description Candidates should be able to identify and troubleshoot resource problems

Key Knowledge Areas:

  • Match / correlate system symptoms with likely problems
  • Identify bottlenecks in a system

The following is a partial list of the used files, terms and utilities:

  • swap
  • processes blocked on I/O
  • blocks in
  • blocks out


306.3 Analyze Demand

Weight 2
Description Candidates should be able to analyze capacity demands

Key Knowledge Areas:

  • Identify capacity demands
  • Detail capacity needs of programs
  • Determine CPU / memory needs of programs
  • Assemble program needs into a complete analysis

The following is a partial list of the used files, terms and utilities:

  • PDQ
  • CPU usage
  • memory usage
  • appropriate measurement time
  • trend
  • model
  • what-if
  • validate
  • performance equation


306.4 Predict Future Resource Needs

Weight 1
Description Candidates should be able to monitor resource usage to predict future resource needs

Key Knowledge Areas:

  • Predict capacity break point of a configuration
  • Observe growth rate of capacity usage
  • Graph the trend of capacity usage

The following is a partial list of the used files, terms and utilities:

  • diagnose
  • predict growth
  • average
  • resource exhaustion