LPI 300-300 Exam Practice Test Instant Access

Question 1

Which of the following names identify services within a SSSD configuration file? (Choose three.)

Akerberos

Bssh

Csmb

Dnss

Esudo

Answer : A, D, E

In the SSSD (System Security Services Daemon) configuration file, various services can be defined to handle different types of access and authentication. The services listed in the SSSD configuration file under the [sssd] section can include:

kerberos: This service allows SSSD to handle Kerberos authentication.

nss (Name Service Switch): This service provides name resolution and manages user and group information.

sudo: This service enables SSSD to provide sudo rules based on the identity provider.

These services are specified in the services attribute of the [sssd] section of the sssd.conf file.

Example:

[sssd] services = nss, pam, sudo domains = LDAP [nss] filter_users = root filter_groups = root [sudo] sudo_provider = ldap

SSSD Services

SSSD Man Pages

Question 2

Which of the following commands can be used to join the local Samba server as a member to the domain samba.private?

Asamba-tool member add samba.private

Bsamba-tool domjoin samba.private

Csamba-tool domain join samba.private member

Dsamba-tool join samba.private member

Esamba-tool node set-domain samba.private

Answer : C

Understanding Samba Domain Join: Joining a Samba server to a domain allows it to authenticate and provide resources to users of that domain.

Command Breakdown: The correct command format for joining a Samba server as a member of a domain involves the 'domain join' action followed by the domain name and the role. In this case, 'samba.private' is the domain name, and 'member' specifies the role.

Command

samba-tool domain join samba.private member:

samba-tool: A command-line utility for managing Samba.

domain join: Specifies the action of joining a domain.

samba.private: The domain to join.

member: The role within the domain.

Samba Wiki - Samba Tool

Question 3

The configuration of a Samba share contains the following line:

force directory mode = 0555

If a client creates a new directory with the permissions 0750, which permissions will the resulting directory have in the Samba server's file system?

A0755

B0750

C0750

D0555

E0777

Answer : D

force directory mode = 0555: This setting in Samba forces the permissions of any newly created directories to be 0555 regardless of what the client requests.

Client Request: If a client creates a directory with permissions 0750, Samba will override this and set the directory's permissions to 0555.

Permissions Breakdown:

0: No permissions for owner.

5: Read and execute permissions for the group.

5: Read and execute permissions for others.

Enforcement: Samba applies this mode strictly to ensure consistency and security as defined by the administrator.

Samba Force Directory Mode Documentation

Question 4

Which command creates a consistent copy of LDB files?

Atdbbackup

Bsamba-backup

Cldbbackup

Dsmbbackup

Eldbsync

Answer : C

Consistent Copy of LDB Files:

C . ldbbackup: The ldbbackup command is used to create a consistent copy of LDB files. LDB files are used by Samba to store data in a database format. The ldbbackup utility ensures that the data is copied in a consistent state, which is crucial for backup and recovery processes.

Samba documentation on ldbbackup

General LDB management guides

Question 5

Which of the following commands sets up Samba 4 as an Active Domain Directory Controller for a new domain?

Asamldap-domainadd

Bnet ads prepare domain

Csamba-tool domain provision

Dsmbcontrol dcpromo

Esamba-dcpromo

Answer : C

samba-tool domain provision: This command sets up Samba 4 as an Active Directory Domain Controller.

Process:

Run samba-tool domain provision to start the setup.

Follow the prompts to specify the domain name, administrator password, and other required information.

Outcome: This command initializes the Samba server as a new domain controller for a new domain, configuring the necessary services and databases.

Samba Active Directory Domain Controller

Question 6

Which of the following sections in the Kerberos configuration file may contain the option default_realm?

Adefaults

Bkrb5

Clibdefaults

Dglobal

Erealms

Answer : C

The Kerberos configuration file, typically located at /etc/krb5.conf, contains several sections, each with different settings that control the behavior of Kerberos. The libdefaults section is where default settings for Kerberos libraries are defined, and it may include the default_realm option.

Example:

[libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = true

Kerberos Configuration

Red Hat Kerberos Configuration

Question 7

The [homes] section of smb.conf contains the parameter browseable = no. What are the resulting consequences? (Choose two.)

AWhen browsing the Samba server, there is no visible share named after the current user.

BIf the Samba server is part of an Active Director/ Domain, only users in the qroup Se3rowsingUsers can browse the homes share.

CWhen browsing the Samba server, users can open the homes share but they cannot see the content of their home directories.

DThe homes share can be directly accessed by specifically opening this share by its UNC path.

EWhen browsing the Samba server, there is no visible share called homes.

Answer : A, D

When browseable = no is set in the [homes] section of smb.conf, it prevents the share from appearing in the list of available shares when users browse the server. However, users can still access their home directories if they specify the correct UNC path directly.

A . When browsing the Samba server, there is no visible share named after the current user.

The share will not appear in the list of shares visible to the user during browsing.

D . The homes share can be directly accessed by specifically opening this share by its UNC path.

Users can still access the share by directly typing the path in the form \\servername\username.

Samba Official Documentation - Home Directories

LPIC-3: Mixed Environments - Exam 300 - version 3.0 300-300 Exam Practice Test