LPIC -3: Mixed Environment Certification Guide

The LPIC-3 certification is the culmination of LPI’s multi-level professional certification program. LPIC-3 is designed for the enterprise-level Linux professional and represents the highest level of professional, distribution-neutral Linux certification within the industry. Three separate LPIC-3 specialty certifications are available. Passing any one of the three exams will grant the LPIC-3 certification for that specialty.

The LPIC-3 300: Mixed Environment certification covers the administration of Linux systems enterprise-wide in a mixed environment.

Current Version: 1.0 (Exam code 300-100)
Prerequisites: The candidate must have an active LPIC-2 certification to receive LPIC-3 certification, but the LPIC-2 and LPIC-3 exams may be taken in any order
Requirements: Passing exam 300
Validity Period: 5 years
Languages Support: English, Japanese.


Section 01: OpenLDAP Configuration

Section 02: OpenLDAP as an Authentication Backend

Section 03: Configure Samba

Section 04: Samba Share Configuration

Section 05: Samba User and Group Management

Section 06: Samba Domain Integration

Section 07: Samba Name Services

Section 08: Working with Linux and Windows Clients

Detailed Syllabus:

Section 01: OpenLDAP Configuration

OpenLDAP Replication

Replication concepts
Configure OpenLDAP replication
Analyze replication log files
Understand replica hubs
LDAP referrals
LDAP sync replication

Securing the Directory

Securing the directory with SSL and TLS
Firewall considerations
Unauthenticated access methods
User / password authentication methods
Maintenance of SASL user DB
Client / server certificates

OpenLDAP Server Performance Tuning

Measure OpenLDAP performance
Tune software configuration to increase performance
Understand indexes

Section 02: OpenLDAP as an Authentication Backend

LDAP Integration with PAM and NSS

Configure PAM to use LDAP for authentication
Configure NSS to retrieve information from LDAP
Configure PAM modules in various Unix environments

Integrating LDAP with Active Directory and Kerberos

Kerberos integration with LDAP
Cross platform authentication
Single sign-on concepts
Integration and compatibility limitations between OpenLDAP and Active Directory

Section 03: Configure Samba

Samba Concept and Architecture

Understand the roles of the Samba daemons and components
Understand key issues regarding heterogeneous network
Identify key TCP/UDP ports used with SMB/CIFS
Knowledge of Samba3 and Samba4 differences

Configure Samba

Knowledge of Samba server configuration file structure
Knowledge of Samba variables and configuration parameters
Troubleshoot and debug configuration problems with Samba

Regular Samba Maintenance

Monitor and interact with running Samba daemons
Perform regular backup of Samba configuration and state data

Troubleshooting Samba

Configure Samba logging
Backup TDB files
Restore TDB files
Identify TDB file corruption
Edit / List TDB file content


Understand internationalization character codes and code pages
Understand the difference in the name space between Windows and Linux/UNIX with respect to share, file and directory names in non-English environment
Understand the difference in the name space between Windows and Linux/UNIX with respect to user and group naming is non-English environment
Understand the difference in the name space between Windows and Linux/UNIX with respect to computer naming in non-English environment

Section 04: Samba Share Configuration

File Services

Create and configure file sharing
Plan file service migration
Limit access to IPC$
Create script for user and group handling of file shares
Samba share access configuration parameters

Linux File System and Share/Service Permissions

Knowledge of file / directory permission control
Understand how Samba interacts with Linux file system permissions and ACLs
Use Samba VFS to store Windows ACLs

Print Services

Create and configure printer sharing
Configure integration between Samba and CUPS
Manage Windows print drivers and configure downloading of print drivers
Configure [print$]
Understand security concerns with printer sharing
Uploading printer drivers for Point’n’Point driver installation using ‘Add Print Driver Wizard’ in Windows

Section 05: Samba User and Group Management

Managing User Accounts and Groups

Manager user and group accounts
Understand user and group mapping
Knowledge of user account management tools
Use of the smbpasswd program
Force ownership of file and directory objects

Authentication, Authorization and Winbind

Setup a local password database
Perform password synchronization
Knowledge of different passdb backends
Integrate Samba with LDAP
Configure Winbind service
Configure PAM and NSS

Section 06: Samba Domain Integration

Samba as a PDC and BDC

Understand and configure domain membership and trust relationships
Create and maintain a primary domain controller with Samba3 and Samba4
Create and maintain a backup domain controller with Samba3 and Samba4
Add computers to an existing domain configure logon scripts
Configure roaming profiles
Configure system policies

Samba4 as an AD compatible Domain Controller

Configure and test Samba4 as an AD DC
Using smbclient to confirm AD operation
Understand how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP

Configure Samba as a Domain Member Server

Joining Samba to an existing NT4 domain
Joining Samba to an existing AD domain
Ability to obtain a TGT from KDC

Section 07: Samba Name Services


Understand VINS concepts
Understand NetBIOS concepts
Understand the role of a local master browser
Understand the role of a domain master browser
Understand the role of Samba as a WINS server
Understand name resolution
Configure Samba as a WINS server
Configure WINS replication
Understand NetBIOS browsing and browser elections
Understand NETBIOS name types

Active Directory Name Resolution

Understand and manage DNS for Samba4 as an AD Domain Controller
DNS forwarding with the internal DNS server of Samba4

Section 08: Working with Linux and Windows Clients

CIFS Integration

Understand SMB/CIFS concepts
Access and mount remote CIFS shares from a Linux client
Securely storing CIFS credentials
Understand features and benefits of CIFS
Understand permissions and file ownership of remote CIFS shares

Working with Windows Clients

Knowledge of Windows clients
Explore browse lists and SMB clients from Windows
Share file / print resources from Windows
Use of the smbclient program
Use of the Windows net utility

Related Articles