300-100: LPIC-3 Mixed Environment (LPIC-3 300)

The LPIC-3 certification is the culmination of the multi-level professional certification program of the Linux Professional Institute (LPI). LPIC-3 is designed for the enterprise-level Linux professional and represents the highest level of professional, distribution-neutral Linux certification within the industry. Three separate LPIC-3 specialty certifications are available. Passing any one of the three exams will grant the LPIC-3 certification for that specialty.

The LPIC-3 Enterprise Mixed Environment certification covers the administration of Linux systems enterprise-wide in a mixed environment.

Try Sample Exam

Each objective is assigned a weighting value. The weights indicate the relative importance of each objective on the exam. Objectives with higher weights will be covered in the exam with more questions.

LPI LPIC-3 Exam Summary:

Exam Name	LPIC-3 Mixed Environment
Exam Code	300-100
Exam Price	$200 (USD)
Duration	90 Mins
Number of Questions	60
Passing Score	500 / 800
Sample Questions	LPI LPIC-3 Sample Questions
Practice Exam	LPI 300-100 Certification Practice Exam

LPI 300-100 Exam Syllabus Topics:

Topic	Details
OpenLDAP Configuration
OpenLDAP Replication	Description: Candidates should be familiar with the server replication available with OpenLDAP. Weight: 3 Key Knowledge Areas: ◉ Replication concepts ◉ Configure OpenLDAP replication ◉ Analyze replication log files ◉ Understand replica hubs ◉ LDAP referrals ◉ LDAP sync replication The following is a partial list of the used files, terms and utilities: ◉ master / slave server ◉ multi-master replication ◉ consumer ◉ replica hub ◉ one-shot mode ◉ referral ◉ syncrepl ◉ pull-based / push-based synchronization ◉ refreshOnly and refreshAndPersist ◉ replog
Securing the Directory	Description: Candidates should be able to configure encrypted access to the LDAP directory, and restrict access at the firewall level. Weight: 3 Key Knowledge Areas: ◉ Securing the directory with SSL and TLS ◉ Firewall considerations ◉ Unauthenticated access methods ◉ User / password authentication methods ◉ Maintanence of SASL user DB ◉ Client / server certificates Terms and Utilities: ◉ SSL / TLS ◉ Security Strength Factors (SSF) ◉ SASL ◉ proxy authorization ◉ StartTLS ◉ iptables
OpenLDAP Server Performance Tuning	Weight: 2 Description: Candidates should be capable of measuring the performance of an LDAP server, and tuning configuration directives. Key Knowledge Areas: ◉ Measure OpenLDAP performance ◉ Tune software configuration to increase performance ◉ Understand indexes Terms and Utilities: ◉ index ◉ DB_CONFIG
OpenLDAP as an Authentication Backend
LDAP Integration with PAM and NSS	Weight: 2 Description: Candidates should be able to configure PAM and NSS to retrieve information from an LDAP directory. Key Knowledge Areas: ◉ Configure PAM to use LDAP for authentication ◉ Configure NSS to retrieve information from LDAP ◉ Configure PAM modules in various Unix environments Terms and Utilities: ◉ PAM ◉ NSS ◉ /etc/pam.d/ ◉ /etc/nsswitch.conf
Integrating LDAP with Active Directory and Kerberos	Weight: 2 Description: Candidates should be able to integrate LDAP with Active Directory Services. Key Knowledge Areas: ◉ Kerberos integration with LDAP ◉ Cross platform authentication ◉ Single sign-on concepts ◉ Integration and compatibility limitations between OpenLDAP and Active Directory Terms and Utilities: ◉ Kerberos ◉ Active Directory ◉ single sign-on ◉ DNS
Samba Basics
Samba Concepts and Architecture	Weight: 2 Description: Candidates should understand the essential concepts of Samba. As well, the major differences between Samba3 and Samba4 should be known. Key Knowledge Areas: ◉ Understand the roles of the Samba daemons and components ◉ Understand key issues regarding heterogeneous networks ◉ Identify key TCP/UDP ports used with SMB/CIFS ◉ Knowledge of Samba3 and Samba4 differences The following is a partial list of the used files, terms and utilities: ◉ /etc/services ◉ Samba daemons: smbd, nmbd, samba, winbindd
Configure Samba	Weight: 4 Description: Candidates should be able to configure the Samba daemons for a wide variety of purposes. Key Knowledge Areas: ◉ Knowledge of Samba server configuration file structure ◉ Knowledge of Samba variables and configuration parameters ◉ Troubleshoot and debug configuration problems with Samba Terms and Utilities: ◉ smb.conf ◉ smb.conf parameters ◉ smb.conf variables ◉ testparm ◉ secrets.tdb
Regular Samba Maintenance	Weight: 2 Description: Candidates should know about the various tools and utilities that are part of a Samba installation. Key Knowledge Areas: ◉ Monitor and interact with running Samba daemons ◉ Perform regular backups of Samba configuration and state data Terms and Utilities: ◉ smbcontrol ◉ smbstatus ◉ tdbbackup
Troubleshooting Samba	Weight: 2 Description: Candidates should understand the structure of trivial database files and know how troubleshoot problems. Key Knowledge Areas: ◉ Configure Samba logging ◉ Backup TDB files ◉ Restore TDB files ◉ Identify TDB file corruption ◉ Edit / list TDB file content Terms and Utilities: ◉ /var/log/samba/ ◉ log level ◉ debuglevel ◉ smbpasswd ◉ pdbedit ◉ secrets.tdb ◉ tdbbackup ◉ tdbdump ◉ tdbrestore ◉ tdbtool
Internationalization	Weight: 1 Description: Candidates should be able to work with internationalization character codes and code pages. Key Knowledge Areas: ◉ Understand internationalization character codes and code pages ◉ Understand the difference in the name space between Windows and Linux/Unix with respect to share, file and directory names in a non-English environment ◉ Understand the difference in the name space between Windows and Linux/Unix with respect to user and group naming in a non-English environment ◉ Understand the difference in the name space between Windows and Linux/Unix with respect to computer naming in a non-English environment Terms and Utilities: ◉ internationalization ◉ character codes ◉ code pages ◉ smb.conf ◉ dos charset, display charset and unix charset
Samba Share Configuration
File Services	Weight: 4 Description: Candidates should be able to create and configure file shares in a mixed environment. Key Knowledge Areas: ◉ Create and configure file sharing ◉ Plan file service migration ◉ Limit access to IPC$ ◉ Create scripts for user and group handling of file shares ◉ Samba share access configuration parameters Terms and Utilities: ◉ smb.conf ◉ [homes] ◉ smbcquotas ◉ smbsh ◉ browseable, writeable, valid users, write list, read list, read only and guest ok ◉ IPC$ ◉ mount, smbmount
Linux File System and Share/Service Permissions	Weight: 3 Description: Candidates should understand file permissions on a Linux file system in a mixed environment. Key Knowledge Areas: ◉ Knowledge of file / directory permission control ◉ Understand how Samba interacts with Linux file system permissions and ACLs ◉ Use Samba VFS to store Windows ACLs Terms and Utilities: ◉ smb.conf ◉ chmod, chown ◉ create mask, directory mask, force create mode, force directory mode ◉ smbcacls ◉ getfacl, setfacl ◉ vfs_acl_xattr, vfs_acl_tdb and vfs objects
Print Services	Weight: 2 Description: Candidates should be able to create and manage print shares in a mixed environment. Key Knowledge Areas: ◉ Create and configure printer sharing ◉ Configure integration between Samba and CUPS ◉ Manage Windows print drivers and configure downloading of print drivers ◉ Configure [print$] ◉ Understand security concerns with printer sharing ◉ Uploading printer drivers for Point’n’Print driver installation using ‘Add Print Driver Wizard’ in ◉ Windows Terms and Utilities: ◉ smb.conf ◉ [print$] ◉ CUPS ◉ cupsd.conf ◉ /var/spool/samba/. ◉ smbspool ◉ rpcclient ◉ net
Samba User and Group Management
Managing User Accounts and Groups	Weight: 4 Description: Candidates should be able to manage user and group accounts in a mixed environment. Key Knowledge Areas: ◉ Manager user and group accounts ◉ Understand user and group mapping ◉ Knowledge of user account management tools ◉ Use of the smbpasswd program ◉ Force ownership of file and directory objects Terms and Utilities: ◉ pdbedit ◉ smb.conf ◉ samba-tool user (with subcommands) ◉ samba-tool group (with subcommands) ◉ smbpasswd ◉ /etc/passwd ◉ /etc/group ◉ force user, force group. ◉ idmap
Authentication, Authorization and Winbind	Weight: 5 Description: Candidates should understand the various authentication mechanisms and configure access control. Candidates should be able to install and configure the Winbind service. Key Knowledge Areas: ◉ Setup a local password database ◉ Perform password synchronization ◉ Knowledge of different passdb backends ◉ Convert between Samba passdb backends ◉ Integrate Samba with LDAP ◉ Configure Winbind service ◉ Configure PAM and NSS Terms and Utilities: ◉ smb.conf ◉ smbpasswd, tdbsam, ldapsam ◉ passdb backend ◉ libnss_winbind ◉ libpam_winbind ◉ libpam_smbpass ◉ wbinfo ◉ getent ◉ SID and foreign SID ◉ /etc/passwd ◉ /etc/group
Samba Domain Integration
Samba as a PDC and BDC	Weight: 3 Description: Candidates should be able to setup and maintain primary and backup domain controllers. Candidates should be able to manage Windows/Linux client access to the NT-Style domains. Key Knowledge Areas: ◉ Understand and configure domain membership and trust relationships ◉ Create and maintain a primary domain controller with Samba3 and Samba4 ◉ Create and maintain a backup domain controller with Samba3 and Samba4 ◉ Add computers to an existing domain ◉ Configure logon scripts ◉ Configure roaming profiles ◉ Configure system policies Terms and Utilities: ◉ smb.conf ◉ security mode ◉ server role ◉ domain logons ◉ domain master ◉ logon script ◉ logon path ◉ NTConfig.pol ◉ net ◉ profiles ◉ add machine script ◉ profile acls
Samba4 as an AD compatible Domain Controller	Weight: 3 Description: Candidates should be able to configure Samba 4 as an AD Domain Controller. Key Knowledge Areas: ◉ Configure and test Samba 4 as an AD DC ◉ Using smbclient to confirm AD operation ◉ Understand how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP Terms and Utilities: ◉ smb.conf ◉ server role ◉ samba-tool domain (with subcommands) ◉ samba
Configure Samba as a Domain Member Server	Weight: 3 Description: Candidates should be able to integrate Linux servers into an environment where Active Directory is present. Key Knowledge Areas: ◉ Joining Samba to an existing NT4 domain ◉ Joining Samba to an existing AD domain ◉ Ability to obtain a TGT from a KDC Terms and Utilities: ◉ smb.conf ◉ server role ◉ server security ◉ net command ◉ kinit, TGT and REALM
Samba Name Services
NetBIOS and WINS	Weight: 3 Description: Candidates should be familiar with NetBIOS/WINS concepts and understand network browsing. Key Knowledge Areas: ◉ Understand WINS concepts ◉ Understand NetBIOS concepts ◉ Understand the role of a local master browser ◉ Understand the role of a domain master browser ◉ Understand the role of Samba as a WINS server ◉ Understand name resolution ◉ Configure Samba as a WINS server ◉ Configure WINS replication ◉ Understand NetBIOS browsing and browser elections ◉ Understand NETBIOS name types Terms and Utilities: ◉ smb.conf ◉ nmblookup ◉ smbclient ◉ name resolve order ◉ lmhosts ◉ wins support, wins server, wins proxy, dns proxy ◉ domain master, os level, preferred master
Active Directory Name Resolution	Weight: 2 Description: Candidates should be familiar with the internal DNS server with Samba4. Key Knowledge Areas: ◉ Understand and manage DNS for Samba4 as an AD Domain Controller ◉ DNS forwarding with the internal DNS server of Samba4 Terms and Utilities: ◉ samba-tool dns (with subcommands) ◉ smb.conf ◉ dns forwarder ◉ /etc/resolv.conf ◉ dig, host
Working with Linux and Windows Clients
CIFS Integration	Weight: 3 Description: Candidates should be comfortable working with CIFS in a mixed environment. Key Knowledge Areas: ◉ Understand SMB/CIFS concepts ◉ Access and mount remote CIFS shares from a Linux client ◉ Securely storing CIFS credentials ◉ Understand features and benefits of CIFS ◉ Understand permissions and file ownership of remote CIFS shares Terms and Utilities: ◉ SMB/CIFS ◉ mount, mount.cifs ◉ smbclient ◉ smbget ◉ smbtar ◉ smbtree ◉ findsmb ◉ smb.conf ◉ smbcquotas ◉ /etc/fstab
Working with Windows Clients	Weight: 2 Description: Candidates should be able to interact with remote Windows clients, and configure Windows workstations to access file and print services from Linux servers. Key Knowledge Areas: ◉ Knowledge of Windows clients ◉ Explore browse lists and SMB clients from Windows ◉ Share file / print resources from Windows ◉ Use of the smbclient program ◉ Use of the Windows net utility Terms and Utilities: ◉ Windows net command ◉ smbclient ◉ control panel ◉ rdesktop ◉ workgroup

LPI Central