Hi Sander,
1. Agree.
2. Agree, so this is what Bryan was saying since his first email to
convince us? :)
Bryan you win!! Just kidding.
ps: Adding topics to get a complete authentication exam including
LDAP, NIS, Kerberos will increase the task list. What is the idea, to
have one auth exam including everything or separate in a 301, 302 for
example ?
Felipe
On 7/13/06, Sander van Vugt <[EMAIL PROTECTED]> wrote:
Hi List,
After a call with Matt this afternoon, here are some remarks on the
current topics on the task list for the LPIC-3 Authentication (LDAP)
track.
1. Things that go too deep.
IMHO, on the list we should have items that don't require any
dependencies. For example, someone can be an excellent LDAP
administrator without knowing how to write a perl script. I think that
all items referring to programming languages and so on shouldn't be
there. Also, topics like "How to configure XXX so that it talks to LDAP"
are not ideal, I think these are interesting for the administrator of
XXX, not so much for the administrator of an LDAP Directory. I don't
think it's a good idea to test people on their knowledge of for example
MySQL and its connectivity options towards LDAP if we want to certify
them on LDAP.
2. Things we should add
As discussed with Matt, the exam should better be an authentication exam
instead of an LDAP exam. Authentication goes beyond just LDAP, currently
there are only LDAP items in it. Some more topics related to
authentication (please add on them to complete them):
* Tuning traditional Linux authentication
* Structure of /etc/passwd and /etc/shadow
* Setting secure passwords
* Tuning account settings with login.defs.
* Using PAM to configure authentication
* Structure of configuration files in /etc/pam.d/
* Working with /etc/pam.conf
* Default PAM modules and their use
* Tuning the working of a PAM module
* Adding new PAM modules
* The role of /etc/nsswitch.conf as related to PAM
* Working in a NIS environment (I know, legacy, but people still use
it!)
* Setting up a NIS environment
* Generating NIS maps
* Configuring NIS masters and slaves
* Configuring Kerberos
* Different Kerberos versions
* Configuring Kerberos: the server side
* Configuring Kerberos clients
* Setting up a PKI environment
(some authentication mechanisms do rely on public/private-key
authentication after all)
* Adding new authentication mechanisms
(sorry, no real ideas on how to complete this, but if we want to make
the exam on authentication in general, there should be something in
about for example how to set up smart-card authentication.
I am very aware that this short list is far from complete, just hope to
swing the exam development in the right direction.
Looking forward to your reactions on this,
Sander van Vugt
_______________________________________________
lpi-examdev mailing list
[email protected]
http://list.lpi.org/mailman/listinfo/lpi-examdev
_______________________________________________
lpi-examdev mailing list
[email protected]
http://list.lpi.org/mailman/listinfo/lpi-examdev
