Which of the following are valid Samba backends to store user and group information? (Choose two.)
B, C
Explanation:
smbpasswd: This backend uses the smbpasswd file to store user and group information. It is a simple
plaintext file format that holds password hashes and other account information.
ldapsam: This backend utilizes LDAP (Lightweight Directory Access Protocol) to store user and group
information. LDAP is a more scalable and flexible option suitable for larger environments.
Other Options:
sdb, krb, smb: These are not valid Samba backends for storing user and group information.
Reference:
Samba User and Group Database Backends
How is the Global Catalog of an Active Directory domain accessed?
A
Explanation:
Global Catalog: The Global Catalog is a distributed data repository that contains a searchable, partial
representation of every object in every domain in a multi-domain Active Directory forest.
Access Method: It is accessed through LDAP queries to specific ports:
Port 3268: For plain text (unencrypted) LDAP queries.
Port 3269: For LDAP queries encrypted with TLS.
Other Options:
GCS SMB share, GCS records, SRV records, CN=GC in LDAP: These do not provide the correct method
to access the Global Catalog.
Reference:
Microsoft Documentation on Active Directory Global Catalog
Which of the following Samba commands provides comprehensive information and status flags on
the user candidate?
C
Explanation:
pdbedit: This Samba command is used to manage the user accounts stored in the Samba password
database.
-v: The verbose option provides detailed information.
-u candidate: Specifies the user for which to display the information.
Other Commands:
smbpasswd, net sam show, samba-tool user list, getent smbpasswd: These commands do not
provide the same comprehensive information and status flags as pdbedit.
Reference:
Samba pdbedit Documentation
Which service unifies Linux and Windows account management by allowing a Linux system to
include Windows domain users in the Linux user database?
D
Explanation:
Winbind: This service is used to unify Linux and Windows account management by allowing a Linux
system to include Windows domain users in the Linux user database.
Functionality: Winbind enables Linux systems to retrieve user and group information from a
Windows NT-based domain or Active Directory.
Other Services:
smbpasswdd, sudo, NIS, OpenLDAP: These services do not provide the same functionality for
unifying account management between Linux and Windows.
Reference:
Samba Winbind Documentation
Which group of commands manages the directory replication in an active directory domain?
C
Explanation:
samba-tool drs: This set of commands is used to manage directory replication in an Active Directory
domain. DRS stands for Directory Replication Service.
Functionality: It provides various subcommands to monitor, manage, and troubleshoot replication
issues.
Other Commands:
samba-tool repl, directory, domain, sync: These do not specifically manage directory replication in
the same way as samba-tool drs.
Reference:
Samba DRS Command Documentation
FILL BLANK
Which sub command of net groups commands related to an AD membership, as in the following
example? (Specify ONLY the subcommand without any path or parameters.)
net ___ join
ads
Explanation:
The net command is used to administer Samba and Windows servers. The subcommand ads is used
in conjunction with the join command to join a Samba server to an Active Directory domain. The
correct subcommand that fits the pattern net ___ join is ads.
Reference:
Samba net command man page
Which option in smb.conf defines the domain of which the server is a member?
E
Explanation:
In smb.conf, the realm option specifies the Kerberos realm for the Active Directory of which the
server is a member. This option is crucial for integrating the Samba server into an AD environment.
Reference:
Samba smb.conf man page - realm
Which of the following groups exists by default in an Active Directory domain?
B
Explanation:
In an Active Directory domain, the Domain Users group exists by default. This group includes all user
accounts created in the domain and is commonly used for assigning permissions and rights to all
users.
Reference:
Microsoft Docs - Active Directory Default Groups
Which of the following FSMO roles exist? (Choose two.)
C
Explanation:
Flexible Single Master Operations (FSMO) roles, also known as operations master roles, are
specialized domain controller tasks in an Active Directory environment. The FSMO roles include:
C . PDC Emulator
The Primary Domain Controller (PDC) Emulator is responsible for synchronizing time and managing
password changes.
D . RID Master
The Relative ID (RID) Master allocates blocks of RIDs to each domain controller in the domain.
Reference:
Microsoft Docs - FSMO Roles
When using rsync to synchronize the SYSVOL share's contents between multiple Samba servers,
which of the following precautions should be taken? (Choose three.)
A, C, E
Explanation:
When using rsync to synchronize the SYSVOL share's contents between multiple Samba servers, it's
essential to ensure data consistency and avoid conflicts. The following precautions should be taken:
A . Synchronize from the domain controller which is the PDC emulator to the other domain
controllers.
The PDC emulator is typically the authoritative source for certain domain-wide operations, making it
the best source for SYSVOL synchronization.
C . Make the SYSVOL share read only on all domain controllers but the one used as synchronization
source.
This prevents changes on other domain controllers that could cause inconsistencies.
E . Make sure to make all changes to GPOs on the domain controller which is the replication source.
Ensuring that all Group Policy Objects (GPOs) changes are made on the source controller prevents
conflicts and ensures that all controllers have the latest configuration.
Reference:
Samba Documentation - SYSVOL Replication