LPIC-302 Objectives V1: Difference between revisions

The description of the entire LPIC-3 program is listed here.

These objectives are version 1.0.0.

The following translations of the objectives are available on this wiki:

• English
• Spanish

Weight	1
Description	Candidates should be familiar with the fundamental concepts surrounding SMB/CIFS, file sharing and print services in a mixed environment

Key Knowledge Areas:

• Understand SMB/CIFS concepts
• Understand file sharing concepts
• Understand print services concepts

The following is a partial list of the used files, terms and utilities:

• SMB
• CIFS
• smb.conf

Weight	1
Description	Candidates should be aware of Samba's security modes, and the keys roles of the Samba daemons

Key Knowledge Areas:

• Understand Samba security modes
• Identify roles of core Samba daemons
• Manage Samba daemons

The following is a partial list of the used files, terms and utilities:

• User Level Security
• Share Level Security
• Domain Security Mode
• ADS Security Mode
• smb.conf
• smbd
• nmbd
• winbindd
• smbcontrol

Weight	2
Description	Candidates should understand the structure of trivial database files and know how troubleshoot problems

Key Knowledge Areas:

• Backup TDB files
• Restore TDB files
• Identify TDB file corruption
• Edit / list TDB file content

The following is a partial list of the used files, terms and utilities:

• pdbedit
• secrets.tdb
• tdbbackup
• tdbdump
• tdbtool
• smbpasswd

Weight	1
Description	Candidates should be able to compile Samba from source and resolve dependencies

Key Knowledge Areas:

• Identify key Samba packages and content
• Indentify and resolve dependencies
• Describe Samba software structure
• Knowledge of common Samba compilation options

The following is a partial list of the used files, terms and utilities:

• gzip
• gpg
• make

Weight	1
Description	Candidates should be able to install and upgrade Samba from source and from packages

Key Knowledge Areas:

• Install Samba from packages
• Install Samba from source
• Upgrade Samba

The following is a partial list of the used files, terms and utilities:

• gpg
• dpkg
• rpm

Weight	6
Description	Candidates should be able to configure the Samba daemons for a wide variety of purposes

Key Knowledge Areas:

• Knowledge of Samba server configuration file structure
• Knowledge of Samba variables and configuration parameters
• Identify key TCP/UDP ports used with SMB/CIFS
• Configure Samba logging
• Troubleshoot and debug problems with Samba

The following is a partial list of the used files, terms and utilities:

• smb.conf parameters
• smb.conf variables
• /etc/services
• /var/log/samba/*
• log level
• debuglevel
• testparm
• smbtar
• strace

Weight	4
Description	Candidates should be able to create and configure file shares in a mixed environment

Key Knowledge Areas:

• Create and configure file sharing
• Plan file service migration
• Hide IPC$
• Create scripts for user and group handling of file shares
• smbcquotas
• smbsh

The following is a partial list of the used files, terms and utilities:

• smb.conf
• [homes]
• browseable, writeable, valid users
• IPC$
• mount, smbmount

Weight	2
Description	Candidates should be able to create and manage print shares in a mixed environment

Key Knowledge Areas:

• Create and configure printer sharing
• Configure integration between Samba and CUPS
• Manage Windows print drivers and configure downloading of print drivers
• Configure [print$]
• Understand security concerns with printer sharing
• Setup and manage print accounting

The following is a partial list of the used files, terms and utilities:

• smb.conf
• [print$]
• CUPS
• cupsd.conf
• /var/spool/samba
• print accounting
• smbprngenpdf
• smbspool

Weight	4
Description	Candidates should be able to setup and maintain primary and backup domain controllers, and manage Windows/Linux clients' access to the domain

Key Knowledge Areas:

• Understand domain membership
• Create and maintain a primary domain controller
• Create and maintain a backup domain controller
• Add computers to an existing domain
• Configure logon scripts
• Configure roaming profiles
• Configure system policies

The following is a partial list of the used files, terms and utilities:

• smb.conf
• primary domain controller
• backup domain controller
• domain membership
• roaming profiles
• system policies
• logon scripts
• Active Directory
• LDAP
• trust relationships

Weight	1
Description	Candidates should be able to install and configure the Samba web administration tool, and be comfortable with configuring changes to Samba within it

Key Knowledge Areas:

• Knowledge of SWAT features
• Install and configure SWAT
• Configure the Samba server via the SWAT interface

The following is a partial list of the used files, terms and utilities:

• smb.conf
• /usr/sbin/swat
• internationalization
• SSL
• SWAT wizard

Weight	1
Description	Candidates should be able to work with internationalization character codes and code pages

Key Knowledge Areas:

• Understand internationalization character codes and code pages
• Patch and build appropriate code conversion libraries
• Understand the difference in the name space between Windows and Linux/Unix with respect to user and group naming in a non-English environment
• Understand the difference in the name space between Windows and Linux/Unix with respect to computer naming in a non-English environment

The following is a partial list of the used files, terms and utilities:

• internationalization
• character codes
• code pages
• smb.conf
• code conversion libraries

Weight	4
Description	Candidates should be able to manage user and group accounts in a mixed environment

Key Knowledge Areas:

• Manager user and group accounts
• Understand user and group mapping
• Knowledge of user account management tools
• Use of the smbpasswd program
• Force ownership of file and directory objects

The following is a partial list of the used files, terms and utilities:

• smb.conf
• /usr/bin/smbpasswd
• /etc/passwd
• /etc/group
• force user, force group
• idmap

Weight	8
Description	Candidates should understand the various authentication mechanisms and configure access control

Key Knowledge Areas:

• Setup a local password database
• Knowledge of the smbpasswd file format
• Perform password synchronization
• Knowledge of alternative backend storage for passwords
• Integrate Samba with LDAP
• Understand access control lists

The following is a partial list of the used files, terms and utilities:

• smb.conf
• smbpasswd
• passdb backend
• security mask
• PAM
• NSS
• password synchronization
• LDAP

Weight	2
Description	Candidates should be able to install and configure the Winbind service

Key Knowledge Areas:

• Install Winbind
• Configure Winbind

The following is a partial list of the used files, terms and utilities:

• smb.conf
• winbindd
• PAM
• NSCD
• SID
• /etc/passwd
• /etc/group
• foreign SID

Weight	3
Description	Candidates should be confortable working with CIFS in a mixed environment

Key Knowledge Areas:

• Understand SMB/CIFS concepts
• Mount remote CIFS shares from a Linux client
• Understand features and benefits of CIFS

The following is a partial list of the used files, terms and utilities:

• SMB
• CIFS
• mount, smbmount
• smbclient
• smb.conf
• /etc/fstab

Weight	7
Description	Candidates should be familiar with NetBIOS/WINS concepts and understand network browsing

Key Knowledge Areas:

• Understand WINS concepts
• Understand NetBIOS concepts
• Understand the role of a local master browser
• Understand the role of a domain master browser
• Understand the role of Samba as a WINS server
• Understand name resolution
• Configure Samba as a WINS server
• Configure WINS replication
• Understand NetBIOS browsing, service announcements and elections

The following is a partial list of the used files, terms and utilities:

• NetBIOS
• WINS
• local master browser
• domain master browser
• service announcements
• elections
• node types
• smbclient
• findsmb
• name resolve order
• lmhosts
• smbtree

Weight	2
Description	Candidates should be able to integrate Linux servers into an environment where Active Directory is present

Key Knowledge Areas:

• List remove Active Directory / LDAP users
• Configure Samba in ADS security mode
• Knowledge of the DNS requirements for Active Directory

The following is a partial list of the used files, terms and utilities:

• Active Directory
• ADS Security Mode
• DNS
• LDAP
• Windows' net command
• Kerberos
• domain
• smb.conf
• smbcalcs

Weight	4
Description	Clients should be able to interact with remote Windows clients, and configure Windows workstations to access file and print services from Linux servers

Key Knowledge Areas:

• Knowledge of Windows clients
• Explore browse lists and SMB clients from Windows
• Share file / print resources from Windows
• Use of the smbclient program
• Use of the Windows net utility

The following is a partial list of the used files, terms and utilities:

• Windows' net command
• smbclient
• mount, smbmount
• control panel
• rdesktop
• workgroup
• smbget

Weight	3
Description	Candidates should understand file permissions on a Linux file system in a mixed environment

Key Knowledge Areas:

• Knowledge of file / directory permission control
• Understand how Samba interacts with Linux file system permissions

The following is a partial list of the used files, terms and utilities:

• smb.conf
• chmod
• chown
• mount, smbmount
• create mask
• directory mask

Weight	2
Description	Candidates should be able to secure Samba at both the firewall level, and the Samba daemons themselves

Key Knowledge Areas:

• Configure access to and from a Samba server at the firewall level
• Configure security relate parameters in the smb.conf file

The following is a partial list of the used files, terms and utilities:

• iptables
• smb.conf
• /etc/services
• security modes

Weight	1
Description	Candidates should be able to cluster services for load balancing and high availability purposes, and tune Samba settings for better server and network performance

Key Knowledge Areas:

• Measure Samba performance
• Optimize Samba memory usage
• Improve file transfer speed in a SMB/CIFS environment

The following is a partial list of the used files, terms and utilities:

• smb.conf
• 'max *' parameters
• netstat
• smbstatus
• socket options