Objectives
Topic 310: Concepts, Architecture and Design
310.1 Concepts (weight: 1)
Description:Candidates should be familiar with the fundamental concepts surrounding SMB/CIFS, file sharing and print services in a mixed environment
Key Knowledge Areas
Understand SMB/CIFS concepts
Understand file sharing concepts
Understand print services concepts
The following is a partial list of the used files, terms and utilities:
310.2 Samba Roles (weight: 1)
Description:Candidates should be aware of Samba's security modes, and the keys roles of the Samba daemons
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
User Level Security
Share Level Security
Domain Security Mode
ADS Security Mode
smb.conf
smbd
nmbd
winbindd
smbcontrol
310.3 Trivial Database Files (weight: 2)
Description: Candidates should understand the structure of trivial database files and know how to troubleshoot problems
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
pdbedit
secrets.tdb
tdbbackup
tdbdump
tdbtool
smbpasswd
Topic 311: Compile and Install Samba
311.1 Configure and Build From Source (weight: 1)
Description:Candidates should be able to compile Samba from source and resolve dependencies
Key Knowledge Areas
Identify key Samba packages and content
Indentify and resolve dependencies
Describe Samba software structure
Knowledge of common Samba compilation options
The following is a partial list of the used files, terms and utilities:
311.2 Install and Upgrade Samba (weight: 1)
Description: Candidates should be able to install and upgrade Samba from source and from packages
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Topic 312: Samba Configuration and Usage
312.1 Configure Samba (weight: 6)
Description: Candidates should be able to configure the Samba daemons for a wide variety of purposes
Key Knowledge Areas
Knowledge of Samba server configuration file structure
Knowledge of Samba variables and configuration parameters
Identify key TCP/UDP ports used with SMB/CIFS
Configure Samba logging
Troubleshoot and debug problems with Samba
The following is a partial list of the used files, terms and utilities:
smb.conf parameters
smb.conf variables
/etc/services
/var/log/samba/*
log level
debuglevel
testparm
smbtar
strace
312.2 File Services (weight: 4)
Description: Candidates should be able to create and configure file shares in a mixed environment
Key Knowledge Areas
Create and configure file sharing
Plan file service migration
Hide IPC$
Create scripts for user and group handling of file shares
smbcquotas
smbsh
The following is a partial list of the used files, terms and utilities:
312.3 Print Services (weight: 2)
Description: Candidates should be able to create and manage print shares in a mixed environment
Key Knowledge Areas
Create and configure printer sharing
Configure integration between Samba and CUPS
Manage Windows print drivers and configure downloading of print drivers
Configure [print$]
Understand security concerns with printer sharing
Setup and manage print accounting
The following is a partial list of the used files, terms and utilities:
smb.conf
[print$]
CUPS
cupsd.conf
/var/spool/samba
print accounting
smbprngenpdf
smbspool
312.4 Domain Control (weight: 4)
Description: Candidates should be able to setup and maintain primary and backup domain controllers, and manage Windows/Linux clients' access to the domain
Key Knowledge Areas
Understand domain membership
Create and maintain a primary domain controller
Create and maintain a backup domain controller
Add computers to an existing domain
Configure logon scripts
Configure roaming profiles
Configure system policies
The following is a partial list of the used files, terms and utilities:
312.5 SWAT Configuration (weight: 1)
Description: Candidates should be able to install and configure the Samba web administration tool, and be comfortable with configuring changes to Samba within it
Key Knowledge Areas
Knowledge of SWAT features
Install and configure SWAT
Configure the Samba server via the SWAT interface
The following is a partial list of the used files, terms and utilities:
smb.conf
/usr/sbin/swat
internationalization
SSL
SWAT wizard
312.6 Internationalization (weight: 1)
Description: Candidates should be able to work with internationalization character codes and code pages
Key Knowledge Areas
Understand internationalization character codes and code pages
Patch and build appropriate code conversion libraries
Understand the difference in the name space between Windows and Linux/Unix with respect to user and group naming in a non-English environment
Understand the difference in the name space between Windows and Linux/Unix with respect to computer naming in a non-English environment
The following is a partial list of the used files, terms and utilities:
Topic 313: User and Group Management
313.1 Managing User Accounts and Groups (weight: 4)
Description: Candidates should be able to manage user and group accounts in a mixed environment
Key Knowledge Areas
Manager user and group accounts
Understand user and group mapping
Knowledge of user account management tools
Use of the smbpasswd program
Force ownership of file and directory objects
The following is a partial list of the used files, terms and utilities:
smb.conf
/usr/bin/smbpasswd
/etc/passwd
/etc/group
force user, force group
idmap
313.2 Authentication and Authorization (weight: 8)
Description: Candidates should understand the various authentication mechanisms and configure access control
Key Knowledge Areas
Setup a local password database
Knowledge of the smbpasswd file format
Perform password synchronization
Knowledge of alternative backend storage for passwords
Integrate Samba with LDAP
Understand access control lists
The following is a partial list of the used files, terms and utilities:
smb.conf
smbpasswd
passdb backend
security mask
PAM
NSS
password synchronization
LDAP
313.3 Winbind (weight: 2)
Description: Candidates should be able to install and configure the Winbind service
Key Knowledge Areas
Install Winbind
Configure Winbind
The following is a partial list of the used files, terms and utilities:
smb.conf
winbindd
PAM
NSCD
SID
/etc/passwd
/etc/group
foreign SID
Topic 314: Working with CIFS, NetBIOS, and Active Directory
314.1 CIFS Integration (weight: 3)
Description: Candidates should be comfortable working with CIFS in a mixed environment
Key Knowledge Areas
Understand SMB/CIFS concepts
Mount remote CIFS shares from a Linux client
Understand features and benefits of CIFS
The following is a partial list of the used files, terms and utilities:
SMB
CIFS
mount, smbmount
smbclient
smb.conf
/etc/fstab
314.2 NetBIOS and WINS (weight: 7)
Description: Candidates should be familiar with NetBIOS/WINS concepts and understand network browsing
Key Knowledge Areas
Understand WINS concepts
Understand NetBIOS concepts
Understand the role of a local master browser
Understand the role of a domain master browser
Understand the role of Samba as a WINS server
Understand name resolution
Configure Samba as a WINS server
Configure WINS replication
Understand NetBIOS browsing, service announcements and elections
The following is a partial list of the used files, terms and utilities:
NetBIOS
WINS
local master browser
domain master browser
service announcements
elections
node types
smbclient
findsmb
name resolve order
lmhosts
smbtree
314.3 Integrating with Active Directory (weight: 2)
Description: Candidates should be able to integrate Linux servers into an environment where Active Directory is present
Key Knowledge Areas
List remove Active Directory / LDAP users
Configure Samba in ADS security mode
Knowledge of the DNS requirements for Active Directory
The following is a partial list of the used files, terms and utilities:
Active Directory
ADS Security Mode
DNS
LDAP
Windows' net command
Kerberos
domain
smb.conf
smbcalcs
314.4 Working with Windows Clients (weight: 4)
Description: Clients should be able to interact with remote Windows clients, and configure Windows workstations to access file and print services from Linux servers
Key Knowledge Areas
Knowledge of Windows clients
Explore browse lists and SMB clients from Windows
Share file / print resources from Windows
Use of the smbclient program
Use of the Windows net utility
The following is a partial list of the used files, terms and utilities:
Windows' net command
smbclient
mount, smbmount
control panel
rdesktop
workgroup
smbget
Topic 315: Security and Performance
315.1 Linux File System and Share/Service Permissions (weight: 3)
Description: Candidates should understand file permissions on a Linux file system in a mixed environment
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
smb.conf
chmod
chown
mount, smbmount
create mask
directory mask
315.2 Samba Security (weight: 2)
Description: Candidates should be able to secure Samba at both the firewall level, and the Samba daemons themselves
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
iptables
smb.conf
/etc/services
security modes
315.3 Performance Tuning (weight: 1)
Description: Candidates should be able to cluster services for load balancing and high availability purposes, and tune Samba settings for better server and network performance
Key Knowledge Areas
Measure Samba performance
Optimize Samba memory usage
Improve file transfer speed in a SMB/CIFS environment
The following is a partial list of the used files, terms and utilities:
smb.conf
'max *' parameters
netstat
smbstatus
socket options
