LPI 300-300 Exam Practice Test Instant Access

Question 1

Which of the following statements about automount in a FreeIPA domain are true? (Choose two.)

AIn a FreeIPA domain, mount points for automount are always directories.

BThe command ipa automount up mounts all file systems handled by automount on a FreeIPA client.

CThe base configuration file for automount is /etc/auto.master.

DIn a FreeIPA domain, automount requires SSSD to be installed on each client.

EIn a FreeIPA domain, automount can only mount NFS shares from FreeIPA servers.

Answer : C, D

Automounting in a FreeIPA domain involves several key aspects:

Base Configuration File (/etc/auto.master): The auto.master file is the main configuration file for the automounter. It contains the master map which defines mount points and their corresponding maps. This file is crucial for setting up automount points.

Example entry in /etc/auto.master:

plaintext

Copy code

/home /etc/auto.home

SSSD Requirement: In a FreeIPA domain, automount requires the System Security Services Daemon (SSSD) to be installed and configured on each client. SSSD is used to retrieve automount maps from the FreeIPA server, enabling the automount feature to function correctly.

Example configuration in /etc/sssd/sssd.conf:

[sssd] services = nss, pam, autofs config_file_version = 2 domains = example.com [domain/example.com] autofs_provider = ipa ipa_server = _srv_

Automount Configuration

FreeIPA SSSD Integration

Question 2

Which of the following commands open NFSv4 ACLs in an editor? (Choose two.)

Anfs4_setfacl -e

Bnfs4_editfacl

Cnfs4_stat -e --acl

Dnfs4_chmod -i

Enfs4_conf

Answer : A, B

To open NFSv4 ACLs in an editor, the following commands can be used:

nfs4_setfacl -e: This command is used to set NFSv4 ACLs, and the -e option opens the ACLs in an editor for modification. The command usage is:

This opens the ACL editor where the user can modify the ACLs for the specified file.

nfs4_editfacl: This command is a more intuitive way to edit NFSv4 ACLs directly in an editor. It provides a user-friendly interface for managing ACLs.

NFSv4 ACL Tools Documentation

NFSv4 ACLs

Question 3

Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreeIPA domain and an Active Directory domain?

Atrustmanager add --domain ad://addom --user Administrator -w

Bipa-ad --add-trust --account ADDOM\Administrator --query-password

Cnet ad ipajoin addom -U Administrator -p

Dipa trust-add --type ad addom --admin Administrator --password

Eipa ad join addom -U Administrator -W

Answer : D

To establish a trust between a FreeIPA domain and an Active Directory domain, the correct command is ipa trust-add. This command is used to add a trust relationship with an Active Directory (AD) domain. The --type ad specifies the type of the trust, addom is the domain name, --admin Administrator specifies the AD administrator account, and --password prompts for the administrator's password.

The complete command looks like this:

a trust-add --type ad addom --admin Administrator --password

This command will initiate the trust creation process, which involves providing the credentials of the AD administrator.

FreeIPA Trusts

FreeIPA Trust Management

Question 4

What is a correct statement about FreeIPA ID views?

AID views are used to modify sudo rules on a per host base.

BID views are the FreeIPA equivalent to Active Directory SIDs.

CID views specify new values for attributes of a POSIX user or group.

DID views provide a consecutive numberspace of UIDs and GIDs for FreeIPA users and groups.

EID views always manage IDs from 32768 to 65536.

Answer : C

In FreeIPA, ID views allow administrators to override default POSIX attributes for users and groups. This feature is useful when integrating with other identity management systems, enabling specific attribute values to be used on a per-host basis. This way, different POSIX attributes can be set for the same user or group in different contexts.

FreeIPA: ID Views

FreeIPA Documentation

Question 5

When logging into a windows workstation which is member of an Active Directory domain, which of the following user names refers to the local account bob instead of the domain-wide account bob?

Abob@local

B%bob%

C.\bob

D'bob'

Ebob$

Answer : C

When logging into a Windows workstation that is a member of an Active Directory domain, the .\ prefix is used to specify a local user account rather than a domain account. Therefore, to refer to the local account bob, you would use .\bob.

How to Log On to Your Computer if You Are a Domain User

Windows Logon Naming Conventions

Question 6

Which of the following commands connects to the share Share on the Windows Server 2012 R2 server fs1 using the SMB3 protocol?

Asmb3client //fs1/Share

Bsmbclient --max-protocol SMB3 //fs1/Share

Csmbclient --w2k12 //fs1/share

Dsmbclient -p 3 //fs1/Share

Ecifsclient //fs1/Share

Answer : B

To connect to a share on a Windows server using the SMB3 protocol, the smbclient command with the --max-protocol option should be used. The --max-protocol option allows you to specify the highest SMB protocol version that should be used. Therefore, the correct command is smbclient --max-protocol SMB3 //fs1/Share.

smbclient man page

Samba: smbclient Command Options

Question 7

Which parameter in a user object defines on which share the user's roaming profile is stored?

AautoMount

BlogonDrive

CprofilePath

DhomePath

EdriveMap

Answer : C

The profilePath parameter in a user object specifies the path to the user's roaming profile. A roaming profile is a feature in Windows that allows user profile data to be stored on a network share so that users can access their profiles from any workstation within the network. By setting the profilePath, administrators can define where on the network the profile data is stored.

Roaming User Profiles

User Account Properties

LPI 300-300 LPIC-3: Mixed Environments - Exam 300 - version 3.0 Exam Practice Test