|
Objectives
Topic
310: Concepts, Architecture and Design
310.1
Concepts (weight: 1)
Description: Candidates should be familiar with the fundamental concepts
surrounding SMB/CIFS, file sharing and print services in a mixed
environment
Key
Knowledge Areas
-
Understand
SMB/CIFS concepts
-
Understand
file sharing concepts
-
Understand
print services concepts
The
following is a partial list of the used files, terms and utilities:
310.2
Samba Roles (weight: 1)
Description: Candidates should be aware of Samba's security modes, and the key
roles of the Samba daemons
Key
Knowledge Areas
The
following is a partial list of the used files, terms and utilities:
-
User
Level Security
-
Share
Level Security
-
Domain
Security Mode
-
ADS
Security Mode
-
smb.conf
-
smbd
-
nmbd
-
winbindd
-
smbcontrol
310.3
Trivial Database Files (weight: 2)
Description: Candidates should understand the structure of trivial database
files and know how to troubleshoot problems
Key
Knowledge Areas
The
following is a partial list of the used files, terms and utilities:
-
pdbedit
-
secrets.tdb
-
tdbbackup
-
tdbdump
-
tdbtool
-
smbpasswd
Topic
311: Compile and Install Samba
311.1
Configure and Build From Source (weight: 1)
Description:Candidates
should be able to compile Samba from source and resolve dependencies
Key
Knowledge Areas
-
Identify
key Samba packages and content
-
Identify
and resolve dependencies
-
Describe
Samba software structure
-
Knowledge
of common Samba compilation options
The
following is a partial list of the used files, terms and utilities:
311.2
Install and Upgrade Samba (weight: 1)
Description: Candidates should be able to install and upgrade Samba from
source and from packages
Key
Knowledge Areas
The
following is a partial list of the used files, terms and utilities:
Topic
312: Samba Configuration and Usage
312.1
Configure Samba (weight: 6)
Description: Candidates should be able to configure the Samba daemons for a
wide variety of purposes
Key
Knowledge Areas
-
Knowledge
of Samba server configuration file structure
-
Knowledge
of Samba variables and configuration parameters
-
Identify
key TCP/UDP ports used with SMB/CIFS
-
Configure
Samba logging
-
Troubleshoot
and debug problems with Samba
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
parameters
-
smb.conf
variables
-
/etc/services
-
/var/log/samba/*
-
log
level
-
debuglevel
-
testparm
-
smbtar
-
strace
312.2
File Services (weight: 4)
Description: Candidates should be able to create and configure file shares in
a mixed environment
Key
Knowledge Areas
-
Create
and configure file sharing
-
Plan
file service migration
-
Hide
IPC$
-
Create
scripts for user and group handling of file shares
-
smbcquotas
-
smbsh
The
following is a partial list of the used files, terms and utilities:
312.3
Print Services (weight: 2)
Description: Candidates should be able to create and manage print shares in a
mixed environment
Key
Knowledge Areas
-
Create
and configure printer sharing
-
Configure
integration between Samba and CUPS
-
Manage
Windows print drivers and configure downloading of print drivers
-
Configure
[print$]
-
Understand
security concerns with printer sharing
-
Setup
and manage print accounting
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
[print$]
-
CUPS
-
cupsd.conf
-
/var/spool/samba
-
print
accounting
-
smbprngenpdf
-
smbspool
312.4
Domain Control (weight: 4)
Description: Candidates should be able to setup and maintain primary and
backup domain controllers, and manage Windows/Linux clients' access
to the domain
Key
Knowledge Areas
-
Understand
domain membership
-
Create
and maintain a primary domain controller
-
Create
and maintain a backup domain controller
-
Add
computers to an existing domain
-
Configure
logon scripts
-
Configure
roaming profiles
-
Configure
system policies
The
following is a partial list of the used files, terms and utilities:
312.5
SWAT Configuration (weight: 1)
Description: Candidates should be able to install and configure the Samba web
administration tool, and be comfortable with configuring changes to
Samba within it
Key
Knowledge Areas
-
Knowledge
of SWAT features
-
Install
and configure SWAT
-
Configure
the Samba server via the SWAT interface
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
/usr/sbin/swat
-
internationalization
-
SSL
-
SWAT
wizard
312.6
Internationalization (weight: 1)
Description: Candidates should be able to work with internationalization
character codes and code pages
Key
Knowledge Areas
-
Understand
internationalization character codes and code pages
-
Patch
and build appropriate code conversion libraries
-
Understand
the difference in the name space between Windows and Linux/Unix with
respect to user and group naming in a non-English environment
-
Understand
the difference in the name space between Windows and Linux/Unix with
respect to computer naming in a non-English environment
The
following is a partial list of the used files, terms and utilities:
Topic
313: User and Group Management
313.1
Managing User Accounts and Groups (weight: 4)
Description: Candidates should be able to manage user and group accounts in a
mixed environment
Key
Knowledge Areas
-
Manager
user and group accounts
-
Understand
user and group mapping
-
Knowledge
of user account management tools
-
Use
of the smbpasswd program
-
Force
ownership of file and directory objects
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
/usr/bin/smbpasswd
-
/etc/passwd
-
/etc/group
-
force
user, force group
-
idmap
313.2
Authentication and Authorization (weight: 8)
Description: Candidates should understand the various authentication
mechanisms and configure access control
Key
Knowledge Areas
-
Setup
a local password database
-
Knowledge
of the smbpasswd file format
-
Perform
password synchronization
-
Knowledge
of alternative backend storage for passwords
-
Integrate
Samba with LDAP
-
Understand
access control lists
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
smbpasswd
-
passdb
backend
-
security
mask
-
PAM
-
NSS
-
password
synchronization
-
LDAP
313.3
Winbind (weight: 2)
Description: Candidates should be able to install and configure the Winbind
service
Key
Knowledge Areas
-
Install
Winbind
-
Configure
Winbind
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
winbindd
-
PAM
-
NSCD
-
SID
-
/etc/passwd
-
/etc/group
-
foreign
SID
Topic
314: Working with CIFS, NetBIOS, and Active Directory
314.1
CIFS Integration (weight: 3)
Description: Candidates should be comfortable working with CIFS in a mixed
environment
Key
Knowledge Areas
-
Understand
SMB/CIFS concepts
-
Mount
remote CIFS shares from a Linux client
-
Understand
features and benefits of CIFS
The
following is a partial list of the used files, terms and utilities:
-
SMB
-
CIFS
-
mount,
smbmount
-
smbclient
-
smb.conf
-
/etc/fstab
314.2
NetBIOS and WINS (weight: 7)
Description: Candidates should be familiar with NetBIOS/WINS concepts and
understand network browsing
Key
Knowledge Areas
-
Understand
WINS concepts
-
Understand
NetBIOS concepts
-
Understand
the role of a local master browser
-
Understand
the role of a domain master browser
-
Understand
the role of Samba as a WINS server
-
Understand
name resolution
-
Configure
Samba as a WINS server
-
Configure
WINS replication
-
Understand
NetBIOS browsing, service announcements and elections
The
following is a partial list of the used files, terms and utilities:
-
NetBIOS
-
WINS
-
local
master browser
-
domain
master browser
-
service
announcements
-
elections
-
node
types
-
smbclient
-
findsmb
-
name
resolve order
-
lmhosts
-
smbtree
314.3
Integrating with Active Directory (weight: 2)
Description: Candidates should be able to integrate Linux servers into an
environment where Active Directory is present
Key
Knowledge Areas
-
List
remove Active Directory / LDAP users
-
Configure
Samba in ADS security mode
-
Knowledge
of the DNS requirements for Active Directory
The
following is a partial list of the used files, terms and utilities:
-
Active
Directory
-
ADS
Security Mode
-
DNS
-
LDAP
-
Windows'
net command
-
Kerberos
-
domain
-
smb.conf
-
smbcalcs
314.4
Working with Windows Clients (weight: 4)
Description: Clients should be able to interact with remote Windows clients,
and configure Windows workstations to access file and print services
from Linux servers
Key
Knowledge Areas
-
Knowledge
of Windows clients
-
Explore
browse lists and SMB clients from Windows
-
Share
file / print resources from Windows
-
Use
of the smbclient program
-
Use
of the Windows net utility
The
following is a partial list of the used files, terms and utilities:
-
Windows'
net command
-
smbclient
-
mount,
smbmount
-
control
panel
-
rdesktop
-
workgroup
-
smbget
Topic
315: Security and Performance
315.1
Linux File System and Share/Service Permissions (weight: 3)
Description: Candidates should understand file permissions on a Linux file
system in a mixed environment
Key
Knowledge Areas
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
chmod
-
chown
-
mount,
smbmount
-
create
mask
-
directory
mask
315.2
Samba Security (weight: 2)
Description: Candidates should be able to secure Samba at both the firewall
level, and the Samba daemons themselves
Key
Knowledge Areas
The
following is a partial list of the used files, terms and utilities:
-
iptables
-
smb.conf
-
/etc/services
-
security
modes
315.3
Performance Tuning (weight: 1)
Description: Candidates should be able to cluster services for load balancing
and high availability purposes, and tune Samba settings for better
server and network performance
Key
Knowledge Areas
-
Measure
Samba performance
-
Optimize
Samba memory usage
-
Improve
file transfer speed in a SMB/CIFS environment
The
following is a partial list of the used files, terms and utilities:
-
smb.conf
-
'max
*' parameters
-
netstat
-
smbstatus
-
socket
options
|
