RH423 Red Hat Enterprise Directory Services & Authentication

Overview:

RH423 Red Hat Enterprise Directory Services and Authentication is an intensive course that provides four days of instruction and labs on cross-platform integration of directory services to provide authentication or information service across the enterprise using the Red Hat Directory Server.

Description:

Goal:
RH423 is designed to train people with RHCE competency on skills required to manage and deploy the Red Hat Directory Server on and for Red Hat Enterprise Linux systems. Gaining an understanding of the basic concepts, configuration, and management of LDAP-based services is central to this course. We will also look at PAM, the Pluggable Authentication Modules system, and how it is integrated with services that require authentication and authorization.

RHCE program provides fundamental skills and knowledge required by this course. Students will integrate standard network clients and services with the directory service in order to take advantage of its capabilites.

Audience:
RH423 is aimed at senior Red Hat Enterprise Linux system administrators and other IT professionals who need to provide enterprise-wide authentication or information services or who desire training in the management of LDAP-based directory services and customization of Linux authentication using the Red Hat Directory Server.

Prerequisites:
RH423 requires RHCE-level skills. The RHCE certificate on Red Hat Linux 7.1 or later is recommended but not required. Prerequisite skills can be shown by passing the RHCE Exam in either RH302 or RH300, or by taking RH253 or by possessing comparable skills and knowledge.

Note: Persons should not enroll in RH423 without meeting the above prerequisites. All prospective course participants who do not possess RHCE certification are strongly advised to contact Red Hat Global Learning Services for a skills assessment when they enroll.

What you will learn:
Introduction to Directory Services
What is a directory?
LDAP: models, schema, and attributes
Object classes
LDIF
The LDAP Naming Model
Directory information trees and Distingued Names
X.500 and "Internet" naming suffixes
Planning the directory hierarchy
Red Hat Directory Server: Basic Configuration
Installation and setup of Red Hat Directory Server
Using the Red Hat Console
Using logging to monitor Red Hat Directory Server activity
Backing up and restoring the directory
Basic performance tuning with indexes
Red Hat Directory Server: Authentication and Security
Configuring TLS security
Using access control instructions (ACI's)
ACI's and the Red Hat Console
Searching and Modifying the LDAP Directory
Using command line utilities to search the directory
Search filter syntax
Updating the directory
Using graphical LDAP client utilities
Linux User Authentication with NSS and PAM
Understanding authentication and authorization
Name service switch (NSS)
Advanced pluggable authentication modules (PAM) configuration
Centralized User Authentication with LDAP
Central account management with LDAP
Using migration scripts to migrate existing data into an LDAP server
LDAP user authentication
Kerberos and LDAP
Introduction to Kerberos
Configuring the Kerberos key distribution center (KDC) and clients
Configuring LDAP to support Kerberos
Access control with Simple Authentication and Security Layer (SASL)
Directory Referrals and Replication
Referrals and replication
Single master configuration
Multiple master configuration
Planning for directory server availability
Authenticating Windows Clients
Windows networking overview
Configuring a Samba primary domain controller (PDC) using LDAP
Windows Domain Authentication and Linux Clients
Active Directory servers
Linux as a client
Active Directory and NSS
OpenLDAP
Winbind