Red Hat Verzeichnis Dienste und Authentifizierung (423)

RH423 is aimed at senior Red Hat Enterprise Linux system administrators and other IT professionals who need to provide enterprise-wide authentication or information services or who desire training in the management of LDAP-based directory services and customization of Linux authentication using the Red Hat Directory Server.

RH423 requires RHCE-level skills. A current RHCE certification is recommended but not required for this course. Prerequisite skills can be shown by passing the RHCE Exam in either RH302 or RH300, or by taking RH253 Red Hat Linux Networking and Security Administration or by possessing comparable skills and knowledge.

Note: Persons should not enroll in RH423 without meeting the above prerequisites. All prospective course participants who do not possess RHCE certification are strongly advised to contact Red Hat Global Learning Services for a skills assessment when they enroll.

RH423 is designed to train people with RHCE competency on skills required to manage and deploy the Red Hat Directory Server on and for Red Hat Enterprise Linux systems. Gaining an understanding of the basic concepts, configuration, and management of LDAP-based services is central to this course. We will also look at PAM, the Pluggable Authentication Modules system, and how it is integrated with services that require authentication and authorization.

RHCE program provides fundamental skills and knowledge required by this course. Students will integrate standard network clients and services with the directory service in order to take advantage of its capabilites.

1. Introduction to Directory Services

• What is a directory?
• LDAP: models, schema, and attributes
• Object classes
• LDIF

2. The LDAP Naming Model

• Directory information trees and Distingued Names
• X.500 and "Internet" naming suffixes
• Planning the directory hierarchy

3. Red Hat Directory Server: Basic Configuration

• Installation and setup of Red Hat Directory Server
• Using the Red Hat Console
• Using logging to monitor Red Hat Directory Server activity
• Backing up and restoring the directory
• Basic performance tuning with indexes

4. Searching and Modifying the LDAP Directory

• Using command line utilities to search the directory
• Search filter syntax
• Updating the directory

5. Red Hat Directory Server: Authentication and Security

• Configuring TLS security
• Using access control instructions (ACI's)
• ACI's and the Red Hat Console

6. Linux User Authentication with NSS and PAM

• Understanding authentication and authorization
• Name service switch (NSS)
• Advanced pluggable authentication modules (PAM) configuration

7. Centralized User Authentication with LDAP

• Central account management with LDAP
• Using migration scripts to migrate existing data into an LDAP server
• LDAP user authentication

8. Kerberos and LDAP

• Introduction to Kerberos
• Configuring the Kerberos key distribution center (KDC) and clients
• Configuring LDAP to support Kerberos

9. Directory Referrals and Replication

• Referrals and replication
• Single master configuration
• Multiple master configuration
• Planning for directory server availability

10. Cross-Platform Centralized Identity Management

• Synchronizing Red Hat Directory Server with Active Directory
• Managing users with Winbind and LDAP
• Mapping attributes between Linux and Windows

11. Red Hat Enterprise IPA

• Understanding IPA
• IPA requirements
• Configuring IPA server
• Configuring IPA clients