LPI 300-300 LPIC-3: Mixed Environments - Exam 300 - version 3.0 Exam Practice Test

Answer : C, D

Automounting in a FreeIPA domain involves several key aspects:

Base Configuration File (/etc/auto.master): The auto.master file is the main configuration file for the automounter. It contains the master map which defines mount points and their corresponding maps. This file is crucial for setting up automount points.

Example entry in /etc/auto.master:

plaintext

Copy code

/home /etc/auto.home

SSSD Requirement: In a FreeIPA domain, automount requires the System Security Services Daemon (SSSD) to be installed and configured on each client. SSSD is used to retrieve automount maps from the FreeIPA server, enabling the automount feature to function correctly.

Example configuration in /etc/sssd/sssd.conf:

[sssd] services = nss, pam, autofs config_file_version = 2 domains = example.com [domain/example.com] autofs_provider = ipa ipa_server = _srv_

Automount Configuration

FreeIPA SSSD Integration

Answer : A, B

To open NFSv4 ACLs in an editor, the following commands can be used:

nfs4_setfacl -e: This command is used to set NFSv4 ACLs, and the -e option opens the ACLs in an editor for modification. The command usage is:

This opens the ACL editor where the user can modify the ACLs for the specified file.

nfs4_editfacl: This command is a more intuitive way to edit NFSv4 ACLs directly in an editor. It provides a user-friendly interface for managing ACLs.

NFSv4 ACL Tools Documentation

NFSv4 ACLs

Answer : D

To establish a trust between a FreeIPA domain and an Active Directory domain, the correct command is ipa trust-add. This command is used to add a trust relationship with an Active Directory (AD) domain. The --type ad specifies the type of the trust, addom is the domain name, --admin Administrator specifies the AD administrator account, and --password prompts for the administrator's password.

The complete command looks like this:

a trust-add --type ad addom --admin Administrator --password

This command will initiate the trust creation process, which involves providing the credentials of the AD administrator.

FreeIPA Trusts

FreeIPA Trust Management

Answer : C

In FreeIPA, ID views allow administrators to override default POSIX attributes for users and groups. This feature is useful when integrating with other identity management systems, enabling specific attribute values to be used on a per-host basis. This way, different POSIX attributes can be set for the same user or group in different contexts.

FreeIPA: ID Views

FreeIPA Documentation

Answer : C

When logging into a Windows workstation that is a member of an Active Directory domain, the .\ prefix is used to specify a local user account rather than a domain account. Therefore, to refer to the local account bob, you would use .\bob.

How to Log On to Your Computer if You Are a Domain User

Windows Logon Naming Conventions

Answer : E

The effective permissions of a file created with the permissions 777 can be calculated considering the create mask and force create mode.

create mask = 711 implies that the permission bits are ANDed with 0711, i.e., only the owner can read, write, and execute.

force create mode = 750 implies that certain permission bits are always set, specifically 0750, i.e., read, write, and execute for the owner, and read and execute for the group.

The create mask reduces the permissions to 0711, and then force create mode adds the 0750 mask to the result.

Original permission: 777 AND with create mask (711): 711 OR with force create mode (750): 751

Thus, the effective permission is 751.

Samba smb.conf man page - create mask

Answer : C, D

To limit access to a Samba share, the valid users and valid groups options can be used. These directives specify which users or groups are allowed to access the share.

C . valid groups

This option restricts access to members of specified Unix groups.

D . valid users

This option restricts access to specified Unix users.

Samba smb.conf man page