Tanti Technology

My photo
Bangalore, karnataka, India
Multi-platform UNIX systems consultant and administrator in mutualized and virtualized environments I have 4.5+ years experience in AIX system Administration field. This site will be helpful for system administrator in their day to day activities.Your comments on posts are welcome.This blog is all about IBM AIX Unix flavour. This blog will be used by System admins who will be using AIX in their work life. It can also be used for those newbies who want to get certifications in AIX Administration. This blog will be updated frequently to help the system admins and other new learners. DISCLAIMER: Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility. If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.

Thursday, 31 October 2013

Filesystems in linux


Redhat Enterprise Linux supports the below type of filesystems.

1. Local or Disk based Filesystems such as ext2, ext3, ext4, xfs.
2. Memory based filesystems such as tmpfs, proc, ramfs.
2. Network based Filesystem such as nfs, cifs.
3. Shared Storage based Filesystem such asgfs1, gfs2.

Disk Based Filesystems:

Ext2 Filesystem :

The ext2 or second extended filesystem was used long back and now-a-days we don't create these type of filesystem because of size restrictions and slow performance.
A strange limitation of Ext2 is it supports only upto the date January 18, 2038.
Some limitations of ext2 are
Max File Size = 16GB-2TB
Max Filesystem Size = 2-32 TB

Ext3 Filesystem :

Ext3 filesystem has been the most commonly used filesystem. It is actually an journalled Ext2 filesystem.
Ext3 filesystems can be remounted as Ext2 filesystems without any conversion.
On high-end storage devices, Ext3 has some limitations in that it can only scale to a maximum of 16TB. On a 1TB S-ATA drive, the performance of the Ext3 filesystem repair utility (fsck), which
is used to verify and repair the filesystem after a crash, is extremely long. For many users that require high availability, the Ext3 filesystem typically supports close to 2-4TB of storage.

Ext4 Filesystem :

Ext4 is the fourth generation of the Ext filesystem family and is the default filesystem in Red Hat Enterprise Linux 6. Ext4 has been offered in test previews since Red Hat Enterprise Linux 5.4, giving customers confidence in its maturity. Some features of Ext4 are extent-based metadata, delayed allocation, large storage support, journal check-summing. Filesystem repair time (fsck) in Ext4 is much faster than in Ext2 and Ext3. Currently, Red Hat’s maximum supported size for Ext4 is 16TB in both Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6

XFS Filesystem:

XFS is a robust and mature 64-bit journaling filesystem that supports very large files and filesystems on a single host. Red Hat’s maximum supported XFS filesystem image is 100TB. XFS is one of the highest performing filesystems on large systems with enterprise workloads.

Some features of XFS are

• delayed allocation
• dynamically allocated inodes
• b-tree indexing for scalability of free space management
• ability to support a large number of concurrent operations
• extensive run-time metadata consistency checking
• sophisticated metadata read-ahead algorithms
• tightly integrated backup and restore utilities
• online defragmentation
• online filesystem growing
• comprehensive diagnostics capabilities
• scalable and fast repair utilities

And also the other OS based filesystems (given below) are also supported in Redhat linux such as

UFS: Used in Solaris and early BSD operating systems. Linux provides read and write support is experimental.

FAT: Windows based filesystem.

NTFS: Windows NT based filesystem. Unlike FAT, it is a b-tree file system, meaning it has a performance and reliability advantage over FAT.

Which filesystem should I use ?
For large server/storage device, you can go for XFS.
Generally Ext3/Ext4 should be fine for most of the filesystems.
If your existing workload has performed well with Ext3, staying with Ext3 on Red Hat Enterprise Linux 5 or migrating to Ext4 on Red Hat Enterprise Linux 6 should provide you and your applications with a very familiar environment. Two key advantages of Ext4 over Ext3 on the same storage include faster filesystem check and repair times and higher streaming read and write performance on high-speed devices.

In general Ext3 or Ext4 is better if an application uses a single read/write thread and small files, while XFS shines when an application uses multiple read/write threads and bigger files.


Configuration Files:
1. /etx/fstab - You need to edit this file to automate the file system mounts:

2. /etc/mtab - An entry will be added/removed to this file every time a filesystem gets mounted/unmounted.


Now let us look at the commands to manage the filesystems.


Q. How to list current mounts:
A.
# mount
# cat /etc/mtab

Q. How to create an Ext4 filesystem on a disk/partition/LV :
A.
# mkfs -t ext4 /dev/sdb
# mkfs -t ext4 /dev/sdb1
# mkfs -t ext4 /dev/vg00/lvol1

Here mention the file system type after the flag 't'.

Above command can be used to create any type of file system
Whereas below commands are restricted to specific types only.

EXT2 : mke2fs or mkfs.ext2
EXT3 : mkfs.ext3
Reiserfs: mkfs.reiserfs
vfat : mkfs.vfat
xfs : mkfs.xfs
MSDos : mkdosfs or mkfs.msdos
minix : mkfs.minix
xiafs : mkfs.xiafs
NTFS : mkntfs

Q. How to run file system check ( you need unmount a filesystem before proceeding with fsck command) :
A. fsck -t ext2 /dev/sdb1

Q. How to check all file systems except the mounted ones:
A.
# fsck -m -A

File system specific fsck commands:
EXT2 : fsck.ext2 or e2fsck
Reiserfs: reiserfsck
JFS : fsck.jfs
xfs : fsck.xfs
xiafs : fsck.xiafs
minix : fsck.minix

Q. How to mount a ext2 file system:
A.
#mount -t ext2 /dev/sdb1 /mnt/usb

Q. How to mount all filesystems:
A.
# mount -a

Q. To mount all ext2 file systems:
A.
# mount -a -t ext2

Q. Unmount a file system:
A.
# umount /mnt/usb

Q. To unmount all the mounted filesystems (except / and currently used ones):
A. 
# umount -a

Q. To list open files on a mounted file system:
A.
# /usr/bin/lsof +D /mnt/usb

Q. To adjust tunable filesystem paramets on ext2/ext3 filesystems:
A.
# tune2fs /dev/sdb1

Q. To list the contents of the filesystem superblock:
A.  You can use any of the below commands.

# tune2fs -l /dev/sdb1
# dumpe2fs -b /dev/sdb1

Q. To extend /data filesystem (without unmounting) :
A.

# ext2online -v /data

Q. How to display the filesystem size, usage, free space, mount points, etc..
A:
# df -h 

Q. How to shrink a filesystem
A.  You can not do an online filesystem shrink. 
You need to unmount a filesystem before reducing its size.
Perform the following steps (1 to 7) to reduce a filesystem size.

1. Unmount the filesystem
# umount /mntpoint

2. Do filesystem check
# e2fsck -f /dev/mapper/vgname-lvname

3. Reduce the filesystem to 25GB
# resize2fs /dev/mapper/vgname-lvname 25G

4. Reduce the logical volume 
# lvresize -L 25G /dev/mapper/vgname-lvname

5. Verify the LV Size
# lvdisplay /dev/vgname/lvname

6. Mount the filesystem
# mntpoint

7. Verify the filesystem size
# df -h /mntpoint

Disk Partitioning in linux


To list the current partitions:
# fdisk -l

To list the partitions on a disk:
# fdisk -l /dev/sdb

To create partition on a disk:
# fdisk /dev/sdb
-> type n
-> type 'e' for extended or
'p' for primary partition
-> Enter the first cylinder number
-> Enter the last cylinder or size in KB,MB or GB
-> Enter 'p' to verify the partition table
-> Finally save the partition table by entering 'w'

Command used to inform the kernel of partition table changes:
# partprobe

Networking in linux


To start network services:
# /etc/rc.d/init.d/network start

To stop network services:
# /etc/rc.d/init.d/network stop

To restart network services:
# /etc/rc.d/init.d/network restart

To view the network configuraiton:
# ifconfig [or]
# ip addr show

To configure an interface :
# ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
# Modify the file /etc/sysconfig/network-scripts/ifcfg-eth0

To configure alias on eth0 :
# ifconfig eth0:1 192.168.0.2 netmask 255.255.255.0 up

To list routing table :
# route

To add the default gateway to the routing table:
# route add default gw 192.168.0.15
[or]
# ip route add default via 192.168.0.5

To add a route for a specific host:
# route add -host 11.0.0.2 gw 192.168.0.115

To add a route for a specific network:
# route add -net 11.0.0.0 gw 192.168.0.115

Daemon used for dynamin routing/ Uses RIP: routed

Command to start routed daemon:
# rcrouted start

Configure a network card:
# ip link set mtu 9000 dev eth0

To show the network links:
# ip link show

To view ARP cache:
# arp -n

To remove an ARP entry:
# arp -d 192.168.1.1

To modifiy the host name resolution order, Modify the below file:
# cat /etc/host.conf
order hosts,bind

To modify the DNS server info:
# cat /etc/resolv.conf
search openna.com
nameserver 218.104.16.6
nameserver 218.104.16.12

To configure networking in Linux, modify the below file:
# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=myserver
GATEWAY=192.168.1.1
GATEWAYDEV=eth0

To enable IP Forwarding:

For RHEL 6.2,
a. Add the below lines to /etc/sysctl.conf file
# Enable packet forwarding
net.ipv4.ip_forward = 1

b. Restart network services
# /etc/rc.d/init.d/network restart

For RHEL version lesser than 6.2,
a. Modify /etc/sysconfig/network
b. Restart network services

System Monitoring in linux


File containing Boot messages:
/var/log/boot.msg

To view the content of current kernel buffer:
# dmesg

Few /proc files containing system info:

/proc/cpuinfo : View processor information
/proc/meminfo : View memory information
/proc/devices : View the devices configured on your linux machine
/pro/ioports : View the I/O ports
/pro/interrupts : View the IRQ assignments
/proc/dma : View the DMA channels
/proc/bus/pci/devices : View the PCI information
/proc/scsi/scsi : View the scsi information

Fiew Commands to view hardware details:

To display the list of hardware(devices) installed in your system:
# hwinfo

To display hard drive info and manage its paramets:
# hdparm

To list the current disk partitions:
# fdisk

To display the CPU and I/O statistics:
# iostat

To display the list of PCI buses and the devices connected to it:
# lspci

To collect the system information in HTML or ASCII format:
# siga

To prepare system information using Perl:
# sitar

To display the current time, system uptime, # of users on the system:
# uptime

To list the network ports and their offered services:
# netstat -patune

To display current kernel version:
# uname -a

To display the cpu, memory, swap usage :
# top

To display the system memory and swap usage:
# free

To display memory, swap, io, system and cpu usage:
# vmstat

To display the kernel type:
# getconf LONG_BIT

SuSE Linux - Quick Reference


SUSE Linux – Quick Reference
Note: All configuration files are kept under /etc/sysconfig directory. Changes made using yast tool will update all config file. But if you do any changes in the files manually, run /etc/SUSEconfig.

YASTYet Another Setup Tool is a system management tool available in SuSE Linux. This is like smitty in AIX , sam in HP-UX.

There are 2 versions available
a) yast - Text based like smitty
b) yast2 - GUI based like smit

Here are some fast paths available for yast

autoyast
backup
bootloader
ca_mgm
cd-creator
cdrom
common_cert
controller
dhcp-server
dirinstall
disk
dns
dns-server
dsl
fax
firewall
groups
heartbeat
host
http-server
hwinfo
idedma
inetd
inst_source
instserver
ipsec
isdn
kerberos-client
keyboard
lan
language
ldap
ldap-server
lvm_config
mail
modem
mouse
nfs
nfs_server
nis
nis_server
ntp-client
online_update
pci_id
power-management
powertweak
profile-manager
proxy
remote
restore
routing
runlevel
samba-client
security
slp
support
sw_single
sysconfig
tftp-server
timezone
update
users
vendor
wol
x11
you_server


For example, to manage users type
# yast users

------------------------------------------------------------------------------------------------

Security Management
Files/etc/passwd Contains user configuration
/etc/shadow Contains user password
/etc/group Contains group configuration
/etc/login.defs Contains default values for login
/etc/default/useradd Contains default values for new users
/etc/issue Contains initial message for users
/etc/motd Contains message of the day
/etc/sudoers Configuration file for sudo
/etc/ssh/sshd_config ssh configuration file
/etc/nologin

Commandsuseradd Creates user
usermod Modifies user’s attributes
userdel Deletes user
groupadd Creates a group
groupmod Modifies group’s attributes
groupdel Deletes a group
passwd Sets password for a user
passwd –l user1 Locks a user
passwd –u user1 Unlocks a user
passwd –S user1 Shows the status of user account
pwck Checks user config files
pwconv Corrects user config errors in /etc/passwd
and /etc/shadow files
id user1 Shows user info like uid, gids
finger user1 Shows additional info about the user
groups user1 Displays group membership of user1
chage –l user1 Displays passwd policy for user1
su - -c “grep user1 /etc/shadow” To execute a command as root user
newgrp dbagroup Changes effective GID
lastlog Shows the contents of /var/log/lastlog
faillog Shows the contents of /var/log/faillog
last Shows last logged in users
who Shows currently logged in users

------------------------------------------------------------------------------------------------

BOOT

GRUB (Default Boot Loader)/boot/grub/menu.lst Boot menu configuration file
/etc/grub.conf GRUB configuration file
grub-install /dev/sda Re-installs the boot loaded

LILO/boot/message Boot menu configuration file
/etc/lilo.conf LILO configuration file

KERNEL
/boot/vmlinuz kernel image
/boot/initrd Initial RAM disk file
/lib/modules/version/kernel/ Location of kernel modules
lsmod Lists currently loaded modules
insmod module Loaded indicated module into kernel
rmmod module Unloads the indicated module from kernel
modprobe module Loads or unloads (with –r ) a particular module
modinfo module Displays information about a module
/etc/modprobe.conf Configuration file for kernel modules
/etc/modules.conf Affects how modules are loaded

LOG FILES
/var/log/boot.msg - Contains boot messages. Use dmesg command to view this file
/var/log/messages - Contains system messages

RUN LEVELS

Available Runlevels are

0 - System halt
S - Single user mode, from the boot prompt only
1 - Single user mode
2 - Local remote user mode without remote network like NFS
3 - Full multiuser mode with network
4 - Not used
5 - Full multiuser mode with network and X Display Manager (like KDM, GDM, XDM)
6 - System reboot

Commands
init 5 To goto runlevel 5
/etc/init.d/rc#.d Dir. Containing start/stop scripts used while changing run levels
/etc/init.d/rc Script runs with runlevel # as parameter while changing the run level
shutdown –h now Shuts down the server immediately


Device Configuration
hwinfo –scsi Lists all scsi devices
hdparam To view info about your hdisk and manage
certain hdisk parameters
fdisk Used to manage partition table
lspci Displays info on all pci buses
siga SUSE tool to gather h/w info

Some naming conventions …

/dev/sda - First SCSI hard disk
/dev/sdb - Second SCSI hard disk
/dev/sda1 - First partition in first SCSI hard disk
/dev/sda2 - Second partition in first SCSI hard disk
/dev/st0 - First SCSI tape drive
/dev/nst0 - First SCSI tape drive in no rewind mode


System and Process Info

top Like topas(aix), prstat(solaris)
uptime Shows system uptime
ps Shows process info
netstat -r Shows routing table
netstat –i Shows ip configuration
netstat –a Shows listening and non-listening sockets
iostat Shows cpu, I/O statistics
sar System Analysis reporter
vmstat Shows cpu, vm statistics
free Shows memory statistics
uname –r Shows kernel release
uname –m Shows hardware architecture
uname –p Shwos processor type
/etc/SuSE-release Contains OS version


Network Configuration
Configuration Files
/etc/sysconfig/network/ifcfg-* Files containing data specific to network device
/etc/hosts Contains IP to hostname mapping
/etc/host.conf Used for name resolution
/etc/nsswitch.conf Used for name resolution order
/etc/networks Contains network name and address
/etc/resolv.conf Contains domain server address and search
/etc/HOSTNAME Contains hostname w/o domain name attached
/etc/sysconfig/network/routes Contains static route information
/etc/sysconfig/network/config Contains general settings for the behavior of ifup, ifdown, if status
/etc/sysconfig/network/dhcp Contains settings for DHCP
/etc/sysconfig/network/wireless Contains settings for wireless
/etc/nscd.conf Config file for Name Service Cache Daemon

Start-up Scripts
/etc/init.d/network Configures network h/w & s/w during boot
/etc/init.d/inetd Starts internet daemon
/etc/init.d/portmap Starts portmapper
/etc/init.d/nfsserver Starts NFS server
/etc/init.d/sendmail Controls sendmail process
/etc/init.d/ypserv Starts NIS server
/etc/init.d/ypbind Starts NIS client

Additional Scripts
/etc/sysconfig/network/scripts/ifup-route Sets up a route
/etc/sysconfig/network/scripts/ifdown-route Disables a route
/etc/sysconfig/network/scripts/ifstatus-route Checks the status of a route
ifup Makes all network interfaces up
ifdown Makes all network interfaces up

------------------------------------------------------------------------------------------------------------

LVM

PV Commands
pvcreate /dev/sda Initialises a physical volume
pvscan Displays configured PVs
pvdisplay Displays PV properties
pvmove /dev/hdb /dev/hdc Moves pe’s to another pv
fdisk Used for creation of partitions on a PV

VG Commands
vgcreate myvg /dev/sda /dev/sdb Creates a volume group
vgdisplay Displays vg properties
vgextend myvg /dev/sda6 Extends a vg
vgreduce myvg /dev/sda5 Reduces a vg
vgchange –a y myvg Activates a vg
vgchange –a n myvg Deactivates a vg
vgexport myvg Exports a vg
vgimport myvg /dev/sda1 Imports a vg

LV Commands
lvcreate –L 10G –n homevol myvg Creates a logical volume
lvextend –L 12G /dev/myvg/homevol Extends a logical volume
lvremove /dev/myvg/homevol Removes a logical volume

------------------------------------------------------------------------------------------------------------

FS Commands

Available Types
ext2, ext3, reiserfs, jfs, xfs, nfs, ufs, ntfs

/etc/fstab Like /etc/filesystems in AIX, /etc/vfstab in Solaris
/etc/mtab Maintains the lsit of currently mounted file systems
df –h Shows filesystem table in human readable format
dumpe2fs Shows details about a ext2 or ext3 file system
tune2fs –f /dev/hda6 Converts ext2 to ext3 filesystem
mount /dev/sdc6 /space Mounts a file system
umount /space Unmount a file system
umount –f /space Forcibly unmounts a filesystem
fuser –xc /space To figureout why a file system is busy
lsof Lists open files


Creation
mkfs –t ext2 –v /dev/sda6 Creates a ext2 type filesystem in the 6th
partition of the 1st scsi hard disk
mke2fs /dev/myvg/homevol Creates a ext2 file system
mkreiserfs /dev/myvg/myvol Creates a reiserfs filesystem on myvol lv

File System Extension
resize2fs /dev/myvg/homevol Increases a ext2 file system
ext2resize /dev/myvg/homevol Increases a ext2 file system
resize_reiserfs –f /dev/myvg/homevol Increases a reiser file system
e2fsadm /dev/myvg/homevol –L+512M Extends a LV as well as FS

File System Checkfsck /dev/hda4 Checks a file system
e2fsck /dev/hda3 Checks a file system of type ext2
reiserfsck /dev/hda2 Checks a file system of type reiserfs
e2fsck -f -b 32768 /dev/hda1 Restores superblock from 32768th backup
location

Quotausrquota, grpquota Options used in /etc/fstab to define quota for filesystems
/etc/init.d/quota start Starts quota system
/etc/init.d/quota stop Stops quota system
/usr/bin/quotaon filesystem Starts quota system on a particular filesystem
/usr/bin/quotaoff filesystem Stops quota system on a particular filesystem
quotacheck Checks partitions having quota keyworks in /etc/fstab
edquota –u user For setting up user quota
edquota –u group For setting up group quota
eduota –p user1 user2 Copies quota of user1 to user2
repquota –aug Generates a quota report

------------------------------------------------------------------------------------------------------------

Software Management

Log Location /var/adm/inst-log/installation-*
Configuration File /usr/lib/rpm/rpmc
Database Files /var/lib/rpm/
Package Naming Convention name-version-release.architecture.rpm

RPM Commandsrpm –i pine-4.44-188.rpm Installs a package
rpm –U pine-4.44-188.rpm Upgrade a package
rpm –F pine-4.44-188.rpm Freshens a package
rpm –e pine-4.44-188.rpm Uninstalls a package
rpm –q pine Query for a package in the database
rpm –qf /sbin/fsck Finds out to which package file belongs to
rpm –ql pine-4.44-188.rpm Displays file list
rpm –qi pine-4.44-188.rpm Lists package information
rpm -qp --basedon Checks if the patch is suitable for the system
pine-4.44-224.i586.patch.rpm
rpm –checksig pine-4.44-188.rpm Checks the signature of the package
rpm –qpPl pine-4.44-224.i586.patch.rpm Displays the files affected by the rpm

------------------------------------------------------------------------------------------------------------

PROC Files

/proc/cpuinfo Contains Processor info
/proc/meminfo Contains memory info
/proc/uptime Contains system uptime
/proc/version Contains kernel version
/proc/filesystems Contains file systems compiled into kernel
/proc/swaps Definition of swap partitions
/proc/devices Lists major numbers and device groups
/proc/fs/nfs/exports Contains info similar to /etc/exports
/proc/ioports Lists of currently registered i/o ports
/proc/mounts Shows currently mounted file systems
/proc/net Contains various network pseudo files
/proc/partitions Lists partitions, their major/minor device nos.
/proc/pci Lists available pci devices
/proc/scsi Directory with scsi files and driver directories
/proc/sys Directory corresponding to kernel variables
/proc/sys/kernel/hostname Contains hostname
/proc/sys/kernel/domainname Contains domain name
/proc/sys/kernel/osrelease Contains os release
/proc/sys/kernel/ostype Contains type of os
/proc/sys/kernel/version Contains version


Note: You can use sysctl command for modifying kernel parameters

------------------------------------------------------------------------------------------------------------

Backup

mt –f /dev/st0 status Displays the status of first SCSI tape drive
tar Just like AIX/Solaris tar
dd Just like AIX/Solaris dd
gzip –l file1 Archives the binary file to a zip file named file1.gz
gzip –d file1.gz Uncompress the file file1.gz
bzip2 file1 Archives the binary file to a zip file named file1.bz2 using bzip2 utility
bzip2 –d file1.bz2 Uncompress the file file1.bz2

------------------------------------------------------------------------------------------------------------

Network Time Protocol

/etc/ntp.conf NTP Configuration File
rcxntpd start Starts xntp daemon
ntpq –p Sync and verifies ntp configuration/connection

------------------------------------------------------------------------------------------------------------

User Limit

ulimit Command used to control the user’s limitations on
system resources like memory, cpu, etc..
ulimit –m 98304 Limits physical memory usage to 96MB for the current user
ulimit –v 98304 Limits virtual memory usage to 96MB for the current user

------------------------------------------------------------------------------------------------------------

Log File Rotation

/etc/logrotate.conf NTP Configuration File

logrotate is controlled through cron and it is called daily by /etc/cron.daily/logrotate.

------------------------------------------------------------------------------------------------------------

Access Control List – ACL

getfacl /home/raja/mydir Lists the current acl for mydir

setfacl -m user:jane:rwx,group:oradba:rwx mydir
Provides rwx permissions for user jane and group oradba

------------------------------------------------------------------------------------------------------------

Secure Shell – SSH

Note: SuSE Linux installs the package OpenSSH by default. The programs ssh, scp,
and sftp are then available as alternatives to telnet, rlogin, rsh, rcp, and ftp.


ssh server1 "uptime; mkdir tmp" Runs commands in server2
ssh raja@server1 Establishes ssh connection to server1 as user “raja”
scp –r src/ server2:/backup/ Securely copies the entire directory of src to servers’s backup directory
sshd Server side daemon listens on port tcp/ip 22
ssh-keygen –t rsa Generates public, private keys
$HOME/.ssh/id_rsa File containing private key
$HOME/.ssh/id_rsa.pub File containing public key

NFS Server Interview Questions And Answers for linux admin




Q: - Explain this entry /shared 192.168.1.0/255.255.255.0(sync,rw)
allows all systems with 192.168.1.* IP addresses read-write access to the /shared/ directory:
Q: - What will happened if a space is given inbetween allowed_hosts and (options)

If a space is included, the options are applied to any and all IP addresses, which can be quite dangerous if write permission is granted. 
Q: - What is the role of "sync" option for NFS server

If sync is specified, the server waits until the request is written to disk before responding to the client. The sync option is recommended because it follows the NFS protocol.
Q: - How to retrieve a list of clients connected to the NFS server ?

To retrieve a list of clients connected to the NFS server, use the showmount command
from a shell prompt. To also show the directories the clients are connected to, use the
showmount -a command.
Q: - Name of Configuration file for NFS Server ?

/etc/exports
Q: - What is meaning of "no_root_squash" option ?

Treat remote root user as local root. Do not map requests from root to the anony-
mous user and group ID.
Q: - What is NFS ?

NFS stands for Network File System. NFS was originally developed by Sun Microsystems in the 1980's. NFS allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network.
Q: - Which NFS versions are available ?

NFS Version 2
NFS Version 3
NFS Version 4
Q: - What is different between NFS Version 2 & 3 ?

nfs 2 default 8kb transfer rate,it did not check the authentication at the time connection.client wants to access unauthorized file it shows error messages like "write error","read error" nfs 3 32kb transfer rate. It check at the time connection- ACL Support
Q: - Can we grant access by Username and password for nfs share?
No, access is granted only for IP address.

Q: - What is the role of "all_squash" option?
Treat all client users as anonymous users. Map all user and group IDs to the anonymous user and group ID.

Q: - What is the role of "root_squash" option?
All requests from the user root are translated or mapped as if they came from the user anonymous (default).
Q: - Explain option "all_squash"?
The UID and GID of exported files are mapped to the user anonymous. It is good for public directories.
Q: - Explain "exportfs" command?
The exportfs command is used to maintain the current table of exported file systems for NFS.
Q: - Explain command "/usr/sbin/exportfs -f"?
It will flush everything out of the kernels export table. Any clients that are active will get new entries added by mountd when they make their next request.
Q: - Which option is used with exportfs command to display the current export list, also displays the list of export options?
exportfs -v
Q: - Which option is used with exportfs command to re-export all directories?
exportfs -r
Q: - How you will export directory (/data) to host 192.168.1.51, allowing asynchronous writes without adding the entry in /etc/exports file?
 # exportfs -o async 192.168.1.51:/data
Q: - Is rpc.mountd daemon supports TCP_WRAPPERS?
Yes, The rpc.mountd daemon is protected by the tcp_wrappers. You have to give the clients access to rpc.mountd if they should be allowed to use NFS Server.
Q: - Explain "nfsstat" command?
The nfsstat command displays the statistics about NFS client and NFS server activity.
Q: - What do you understand by "nfsstat -o all -234" command?
It will Show all information about all versions of NFS.
Q: - What do you understand by "nfsstat --nfs --server -3" command?
It will show statistics for NFS version 3 server.
Q: - Can NFS share mounted on Window XP and Justify your answer?
No, Window XP operating system doesn’t support nfs protocol.
Q: - 192.168.1.51:/data is exported by NFS Server and i want to add this NFS share to client /etc/fstab file. How you will add this entry in /etc/fstab file?
# device                      mount-point     fs-type     options      dump   fsckorder
192.168.1.51:/data            /mnt           nfs               rw              0         0
Q: - Explain "Soft Mounting" option at NFS Client?

if a file request fails, the NFS client will report an error to the process on the client machine requesting the file access. if it cannot be satisfied (for example, the server is down), then it quits. This is called soft mounting.
Q: - Explain "Hard Mounting" option at NFS Client?
If a file request fails, the NFS client will report an error to the process on the client machine requesting the file access. if it cannot be satisfied, then it will not quit until the request is satisfied. This is called Hard mounting.
Q: - What is "portmap"?
The portmapper keeps a list of what services are running on what ports. This list is used by a connecting machine to see what ports it wants to talk to access certain services.
Q: - How you will check "portmap" service is running or not?
rpcinfo -p
Q: - I am unable to mount a NFS share. How will you trace out the reason?
Firstly, check that you have permissions to mount nfs share or not. Check /etc/exports file.
Secondly you can get RPC error: Program Not Registered (or another "RPC" error)
For this check your NFS server and portmap service running or not by "rpcinfo -p"
Q: - Can I modify export permissions without needing to remount clients in order to have them take effect?
Yes. The safest thing to do is edit /etc/exports and run "exportfs -r".

FTP Server Interview Questions And Answers for linux admin

Q: - How to deny specific users access to the FTP server ?

To deny specific users access to the FTP server, add their usernames to the /etc/vsftpd/
ftpusers file. By default, system users such as root and nobody are included in this list.



Q: - Can we create logs for ftp authenticated sessions ?

Yes, If the xferlog_enable directive in vsftpd.conf is set to YES, file transfers using the FTP protocol are logged to /var/log/xferlog. Information such as a time stamp, IP address of the client, the file being transferred, and the username of the person who authenticated the connection is included in the log entry.



Q: - What is meaning of max_clients parameter ?

Maximum number of clients that can connect at one time.
If set to 0, the number of clients is unlimited.



Q: - On which port VSFTP server works ?

FTP uses two ports, 20 and 21. By default, the FTP server listens for requests on port 21.
After a connection is established, the client sends commands to the server on port 21.
However, port 20 is used when the server sends data back to the client.



Q: - How to restart VSFTP server ?

service vsftpd restart



Q: - How to allow Anonymous FTP ?

Anonymous FTP is enabled by default by setting the anonymous_enable directive in
/etc/vsftpd/vsftpd.conf to YES.



Q: - What is FTP ?

FTP stands for File Transfer Protocol. An FTP server allows clients to connect to it either
anonymously or with a username and password combination. After successful authentication, files can be transferred back and forth between the server and client. The files are neither encrypted nor compressed.




Q: - For Redhat Linux or Fedora which package is required for FTP service ?

Red Hat Enterprise Linux 5 or FEDORA includes the vsftpd FTP service.
vsftpd-2.0.5-12.el5 (For Redhat)

Q: - Important Configuration file for vsftp server ?

The FTP server uses the /etc/vsftpd/vsftpd.conf configuration file. Using this file, you
can set options for displaying a custom banner message after users log in, setting the
default file permissions for uploaded files, and setting the port on which to listen for
incoming connections.

Q: - What is FTP ?

FTP client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection. Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.

Q: - What is Passive mode?
Passive mode, like active mode, is initiated by the FTP client application. When requesting data from the server, the FTP client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. The client then connects to that port on the server to download the requested information.

Q: - Explain directive "session_support”?

When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM).
Q: - Is there any way to monitor clients connected to vsftpd?

Yes. We actually have two slightly different methods to monitor vsftpd clients. First, make sure you have enabled the config option, "setproctitle_enable=YES" like in our example above and restart your vsftpd server. Then run the command "watch ps -Cvsftpd -o user, pid, stime, cmd" to watch the processes including ip, username and actions like idle or data retrieval.
Q: - I want to copy multiple files with out prompting for any info, how can I do that one?
ftp -i ftpserver

Q: - Local users cannot log in. How to resolve this issue?

Check "local_enable=YES" in your /etc/vsftpd/vsftpd. conf to allow local users to log in.

Q: - How to change vsftpd default port?

Set "listen_port" option in "vsftpd.conf"

Q: - How to restrict some IP's not use my FTP server?
Use TCP_WRAPPERS

Q: - Does vsftpd support IPv6?

Yes

DNS Server Interview Questions And Answers for linux admin


Q: - which are the important configuration files for DNS server ?
BIND uses /etc/named.conf as its main configuration file, the /etc/rndc.conf file as the
configuration file for name server control utility rndc, and the /var/named/ directory for zone files and the like.

Q: - What is BIND ?

BIND stands for Berkeley Internet Name Domain which is the most commonly used Domain Name System (DNS) server on the Internet.

Q: - On which version of bind u have worked ?

BIND 9

Q: - What is the role of DNS ?

A DNS server, or name server, is used to resolve an IP address to a hostname or vice versa.

Q: - On which port DNS server works ?

DNS servers use port 53 by default. Incoming and outgoing packets should be allowed on
port 53. Also allow connections on port 921 if you configure a lightweight resolver server.
The DNS control utility, rndc, connects to the DNS server with TCP port 953 by default. If
you are running rndc on the name server, connections on this TCP port from localhost
should be allowed. If you are running rndc on additional systems, allow connections to
port 953 (or whatever port you have chosen to configure) from these additional systems.
Q: - What is round robin DNS?

Round robin DNS is usually used for balancing the load of geographically distributed Web servers. For example, a company has one domain name and three identical home pages residing on three servers with three different IP addresses. When one user accesses the home page it will be sent to the first IP address. The second user who accesses the home page will be sent to the next IP address, and the third user will be sent to the third IP address. In each case, once the IP address is given out, it goes to the end of the list. The fourth user, therefore, will be sent to the first IP address, and so forth. 
Q: - What is Name Server?

A name server keeps information for the translation of domain names to IP addresses   and IP addresses to domain names. The name server is a program that performs the translation at the request of a resolver or another name server.
Q: - What is Primary name server or primary master server?

Primary name server/primary master is the main data source for the zone. It is the authoritative server for the zone. This server acquires data about its zone from databases saved on a local disk. The primary server must be published as an authoritative name server for the domain in the SOA resource record, while the primary master server does not need to be published.
Q: - What is Secondary name server/slave name server?

Secondary name server/slave name server acquires data about the zone by copying the data from the primary name server (respectively from the master server) at regular time intervals. It makes no sense to edit these databases on the secondary name servers, although they are saved on the local server disk because they will be rewritten during further copying.
Q: - what is Root name server?

Root name server is an authoritative name server for the root domain (for the dot). Each root name server is a primary server, which differentiates it from other name servers.
Q: - what is Stealth name server?

Stealth name server is a secret server. This type of name server is not published anywhere. It is only known to the servers that have its IP address statically listed in their configuration. It is an authoritative server. It acquires the data for the zone with the help of a zone transfer. It can be the main server for the zone. Stealth servers can be used as a local backup if the local servers are unavailable.

Q: - What do you mean by "Resource Records"?

Information on domain names and their IP addresses, as well as all the other information distributed via DNS is stored in the memory of name servers as Resource Records (RR). 

Q: - Explain "TTL"? 

Time to live. A 32-bit number indicating the time the particular RR can be kept valid in a server cache. When this time expires, the record has to be considered invalid. The value 0 keeps nonauthoritative servers from saving the RR to their cache memory.
Q: - Tell me 5 Types of DNS records?

A, NS, CNAME, SOA, PTR, MX.
Q:- explain "SOA Record"?

The Start of Authority (SOA) record determines the name server that is an authoritative source of information for the particular domain. There is always only one SOA record in the file, and it is placed at the beginning of the file of authoritative resource records. 
Q: - what is "A Record"

A (Address) records assign IP addresses to domain names of computers. The IP address cannot have a dot at the end.
Q: - Explain "CNAME Record"?

Synonyms to domain names can be created using CNAME records. This is often referred to as 'creating aliases for computer names'.
Q: - What are "HINFO and TXT Records"?

HINFO and TXT records are for information only. An HINFO record has two items in its data part. The first item is information about hardware, and the second one is information about software. A TXT record contains a general data string in its data part.
Example :
test.com IN SOA ...
...
mail IN A 192.1.1.2
IN HINFO My_Server UNIX
IN TXT my server
Q: - what are "MX Records"?

MX records specify the mailing server of the domain. An MX record shows to which computer a mail of a particular domain should be sent. The MX record also includes a priority number, which can be used to determine several computers where the mail for the domain can be sent. The first attempt is to deliver the mail to the computer with the highest priority (lowest value). If this attempt fails, the mail goes to the next computer (with a higher priority value), and so on.

test.com IN SOA ...
...
mail               IN        A         192.1.1.2
                       IN       HINFO    AlphaServer UNIX
                       IN        TXT       my  server
                       IN         MX   30    mail2.nextstep4it.com
                       IN         MX   20    mail3.nextstep4it.com
                       IN         MX   10    mail2.nextstep4it.com

Q: - Explain "PTR Records"?

A Pointer Record (PTR) is used to translate an IP address into a domain name.
Q: - What is Dynamic DNS?

Dynamic DNS a method of keeping a domain name linked to a changing IP address as not all computers use static IP addresses. Typically, when a user connects to the Internet, the user's ISP assigns an unused IP address from a pool of IP addresses, and this address is used only for the duration of that specific connection. This method of dynamically assigning addresses extends the usable pool of available IP addresses. A dynamic DNS service provider uses a special program that runs on the user's computer, contacting the DNS service each time the IP address provided by the ISP changes and subsequently updating the DNS database to reflect the change in IP address.
Q: - What is the role of "named-checkconf Utility"?

The named-checkconf utility checks the syntax of the named.conf configuration file.
Syntax: named-checkconf    [-t directory] [filename] 

Q: - what is the role of "named-checkzone Utility"?

The named-checkzone utility checks the syntax and consistency of the zone file.
Syntax:     named-checkzone [-dgv]   [-c class] zone   [filename]

SAMBA Server Interview Questions And Answers for linux admin


Q: - Which SELinux security context used for SAMBA ?
samba_share_t
Q: - On which ports SAMBA server works ?

- UDP port 137 for netbios-ns, the NETBIOS Name Service
- UDP port 138 for netbios-dgm, the NETBIOS Datagram Service
- TCP port 139 for netbios-ssn, the NETBIOS session service
- TCP port 445 for microsoft-ds, the Microsoft Domain Service
Q: - What are the Secrity or Authentication Mode for SAMBA server?

ADS
DOMAIN
SERVER
USER
SHARE
Q: - How to Manually Create Machine Trust Accounts ?
/usr/sbin/useradd -g machines -d /var/lib/nobody -c "machine nickname" -s /bin/false machine_name$
passwd -l machine_name$
Q: - What are the SAMBA server Types ?

- Primary Domain Controller (PDC)
- Backup Domain Controller (BDC)
- ADS Domain Controller
Q: - Which protocol SAMBA server uses ?

SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.
Q: - How Does a Workstation find its Domain Controller?

There are two different mechanisms to locate a domain controller: one
method is used when NetBIOS over TCP/IP is enabled and the other when
it has been disabled in the TCP/IP network configuration. Where NetBIOS over TCP/IP is disabled, all name resolution involves the use of DNS, broadcast messaging over UDP, as well as Active Directory communication technologies.
Q: - Can Samba Be a Backup Domain Controller to an NT4 PDC?

No. The native NT4 SAM replication protocols have not yet been fully implemented.
Q: - How Do I Replicate the smbpasswd File?

Replication of the smbpasswd file is sensitive. It has to be done whenever
changes to the SAM are made. Every user's password change is done in
the smbpasswd file and has to be replicated to the BDC. So replicating the
smbpasswd file very often is necessary.As the smbpasswd file contains plaintext password equivalents, it must not be sent unencrypted over the wire. The best way to set up smbpasswd replication from the PDC to the BDC is to use the utility rsync. rsync can use ssh as a transport. ssh itself can be set up to accept only rsync transfer without requiring the user to type a password.As said a few times before, use of this method is broken and awed. Machine trust accounts will go out of sync, resulting in a broken domain. This method is not recommended. Try using LDAP instead.
Q: - Can Samba fully replace my Windows NT server that is not a Primary Domain Controller (PDC)?
Samba can completely serve files and printers to Windows, just as a Windows NT server would.
Q2 Can Samba replaces my Windows NT PDC?
 Not completely. Samba domain control capabilities for a Windows 9x client are
 solid and complete, and so these clients would probably never know the difference. The domain control support for Windows NT/2000 clients is still being developed. Currently, enough has been implemented to allow a Windows NT client to join a Samba-controlled domain, but there is more to domain control than that. The most conspicuous absence is the lack of support for Windows NT trust relationships and the SAM replication protocol used between NT PDCs and Backup Domain Controllers (BDCs).
Q3 What TCP and UDP ports required for NetBIOS over TCP/IP use?
The NBT name service uses port 137/udp, the NBT session service uses port
139/tcp, and the NBT datagram service uses port 138/udp.
Q: -  How SMB protocol works?
There will be three stages in creating an SMB connection between a client and a specific share on a server.
The first stage in connecting to an SMB share is to negotiate the SMB protocol dialect to use. In the request packet, the client sends a text listing of all the SMB dialects that it understands. The server selects the most advanced protocol that it knows and responds to the client, specifying the protocol number from the list. At this point, the client and server have agreed that SMB commands can be used for the remainder of the conversation.
The second stage is to create a session connection between the client and server. To do this, the client issues a session setup request, which includes a sername and some proof of validity, such as a password. The server attempts to validate requesting user. If successful, the server then returns a session UID to client. This UID is unique for each session and has no relation to the server internal representation of users.
The third stage before access to files on a remote share is allowed is for the client to make a successful tree connection to the shared resource. The client sends to the server a tree connect request, which includes the UID previously issued by the server. At this stage the server verifies that the authenticated user is authorized to access the requested resource. If the user has sufficient privileges to access the share, the client is issued a tree connection ID (TID). The TID is used in all requests to access files contained in the resource to which the TID refers.

In this way SMB protocol works.
Q: - How man sections samba configuration file (smb.conf) contains?
smb.conf file contains three sections.
1. [global] Contains settings that determine Samba overall behavior.
2. [homes] A default share for providing a home directory for all users.
3. [printers] A default share for exporting all printers on the host via CIFS.
Q: - If a netbios name is not defined in smb.conf, than what will be netbios name?
If a netbios name is not defined, Samba will use the IP hostname of the server by default.
Q: -  I want to use User level security for my samba server than what i have to add in smb.conf file?
security = user
Q: -  How you will verify that your smb.conf file doesn’t have any mistakes and misspellings?
"testparm " tool that verifies the syntax of a configuration file(smb.conf).
testparm -s smb.conf
Q: -  What is the use of "smbclient" command?
"smbclient" is used to display the list of shares on your server. This verifies that smbd is running and functioning correctly. The -L option instructs smbclient to enumerate the shares on the server rather than actually connecting to one. The   -N switch instructs smbclient to use an anonymous login rather than the login name of the current user.
 
smbclient -L localhost -N
Antother use of "smbclient" command to connect the samba share.
smbclient /// -U
Q: -  Explain "smbstatus" command?
The smbstatus utility displays information about connected users and currently locked files.
Q: - Is it possible for Samba to share file systems that have been mounted using NFS?
Yes. However, this can be problematic if the NFS server that provides the file system fails, causing the Samba server to hang. It is always safer to use Samba to share a local file system.
Q: - How many simultaneous connections can a Samba server support?
In theory, there is no limit. In practice, the limit is determined by the server’s hardware, specifically the total amount of available RAM and the CPU power. It might also depend on the amount of activity from the smbd processes.
Q: - Can Samba be a member of more than one workgroup at the same time?
No, Samba can be a member of only one workgroup.
Q: - What is SWAT?
SWAT is GUI Based administration tool for samba server.
Q: - I am trying to use SWAT, but I keep getting the message There was no response. The server could be down or not responding. What is the problem?
The most likely cause is that SWAT is not listening to connections, or you have used the wrong URL in trying to connect to SWAT. SWAT usually lives behind port 901, so the URL you should use is http://ID_ADDRESS_OF_SERVER:901/
: - Can i set empty password for samba user?
yes, If you want to set the value to an empty password, you must change
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
to
NOPASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

in your smbpasswd file.
Note: - if you have edited the smbpasswd file by hand, make sure that the LAN Manager and NT password fields contain exactly 32 characters, no more and no fewer. If these fields do not have exactly 32 characters, Samba will not be able to correctly read the entry.
or You can modify by "smbpasswd" command.
smbpasswd -n USER_NAME
Also you have to set the null passwords parameter to yes in the [global] section of smb.conf:
null passwords = yes
Q: - Does Samba support PAM?
Yes
Q: - What is role of "NTLM"?
The challenge/response authentication protocol available to Windows clients and servers for validating connection requests.
Q: - Explain "force group" parameter used in smb.conf?
It will define the group id to be used for all file access in the place of the user’s primary group.
Q: - Explain "force user" parameter used in smb.conf?
It will define the user id to be used for all file access.
Q: - Explain "write list" parameter used in smb.conf?
A list of users and/or groups that should be given write access even if the read only parameter has been enabled.
Q: - My clients are getting the error message that the Disk is Full when trying to print to my Samba server, but there is plenty of space. What is the problem?
If smbd is unable to write the spooled file to the directory defined by the path parameter for a printer if the write permission were denied, for example it would respond to the client with the message, Disk is Full. Samba will also return this error message if the amount of free disk space in the spool directory has fallen below the value specified by the min print space parameter.
Q: - When I click on my Samba server in the network neighborhood, I am continually prompted for a password to the IPC$ share no matter what I enter.
The Windows client is attempting to use encrypted passwords. However, the Samba server is configured to support only clear-text passwords. You should either enable encrypted passwords on the server or enable clear-text passwords on the Windows client.
Q: - Why is security = domain better than security = server?
There are three reasons why security = domain is better. The first is because this method enables the Samba server to participate in domain trust relationships. This is impossible with server-level security. The second reason is that, under server-level security, each smbd process must keep an open connection with the authentication server. This can drain a Windows NT PDC quickly. Under domain-level security, this connection is maintained only long enough to perform the validation, thus conserving valuable resources. The final reason is that, as a domain member, the Samba server has access to much more information about user accounts, which can be used to automate the creation and deletion of user accounts upon demand.
Q: - what is nmbd daemon?
This daemon handles all name registration and resolution requests. It is the primary vehicle involved in network browsing. It handles all UDP-based protocols. The nmbd daemon should be the first command started as part of the Samba startup process.
Q: - What is smdb daemon?
This daemon handles all TCP/IP-based connection services for file- and print-based operations. It also manages local authentication. It should be started immediately following the startup of nmbd.
Q: - What is winbindd daemon?
This daemon should be started when Samba is a member of a Windows NT4 or ADS domain. It is also needed when Samba has trust relationships with another domain. The winbindd daemon will check the smb.conf file for the presence of the idmap uid and idmap gid  parameters. If they are found, winbindd will use the values specified for UID and GID allocation. If these parameters are not specified, winbindd  will start but it will not be able to allocate UIDs or GIDs.
Q: - Explain the parameter "wins support = Yes" used in smb.conf?
If the Samba server was configured to provide WINS support ("wins support = Yes"), then the WINS server is able to provide name resolution for all of the hosts that are not listed in the /etc/hosts file or within the DNS. Making this adjustment in the Name Service Switch configuration file (/etc/nsswitch.conf) allows the Linux system to query the WINS server for local name resolution. This saves manual adjustments to host files.
Q: - How to automate SMB share mounting during system startup?
Add smb share entry in /etc/fstab file.
//IP_ADDRESS_OF_SERVER/Shared   /shared    smbfs    noauto,defaults  0  0
Q: - how to start and stop samba server?
/etc/init.d/smb  restart

LDAP Server Interview Questions And Answers for linux admin


Q: - Is there Graphical editors for LDAP ?
Yes, Following are some GUI based tools for LDAP
- GQ
- Java LDAP Browser/Editor
- Softerra LDAP Browser



Q: - What can i do if my application doesn't speak to LDAP ?

Gateway that translate one directory access protocol into another.



Q: - How can i join information contained in different directories ?

Distributed, Multivendor directories glued together by referrals and references.



Q: - What is "LDIF" ?

The LDAP Interchange Format (LDIF) is a standard text file format for storing LDAP configuration information and directory contents. LDIF files are often used to import new data into your directory or make changes to existing data.



Q: - Name the object class types ?

- Structural Object class
- Auxiliary Object class
- Abstract object classes



Q: - What is the name of main configuration file name for LDAP server ?

slapd.conf





Q: - What is LDAP ?

LDAP stands for Lightweight Directory Access Protocol. In plain and simple terms, its a database whereby it has all the details of all of organizations, individuals, and other resources such as files and devices in a network, whether on the Internet or on corporate intranetand whether or not you know the domain name, IP address, or geographic whereabouts. An LDAP directory can be distributed among many servers on a network, then replicated and synchronized regularly. An LDAP server is also known as a Directory System Agent (DSA). Its a not a relational database. Outlook and other email programs uses LDAP to search for a recipient in an organization. 



Q: - Whats the relation ship between LDAP and JNDI?

JNDI has classes provided by SUN that will help ur appln interact with and LDAP server. JNDI appln work similarly to JDBC applns once and be free to use 'drivers' from different vendors. SUN provides the "driver" that will help interact with the LDAP server. Sun also provides "drivers" for other naming services (like CORBA). 



Q: - Why LDAP is called light weight?

LDAP (Lightweight Directory Access Protocol) is a protocol for communications between LDAP servers and LDAP clients.
LDAP servers store "directories" which are access by LDAP clients.
LDAP is called lightweight because it is a smaller and easier protocol which was derived from the X.500 DAP
(Directory Access Protocol) defined in the OSI network protocol stack.



Q: - what is SLAPD?

SLAPD stands for Stand-Alone LDAP.Clients connect to the server over the LDAP protocol, usually using a network-based connection (though SLAPD provides a UNIX socket listener).



Q: - Which daemons are required for LDAP server?

slapd and slurpd



Q: - Tell me the name of three LDAP Client utilities or Applications

ldapsearch
ldapadd
ldapmodify



Q: - Define Schemas?

Schemas provide definitions of the different object classes and attribute types that OpenLDAP should support. Using these, OpenLDAP can determine what entries it is allowed to store, whether any given entry is valid, and how entries should optimally be stored.



Q: - Explain modulepath directive?

The modulepath directive provides the full path to the directory where the  modules (the compiled libraries) are stored.





Q: - Explain moduleload directive?

The moduleload directive instructs OpenLDAP to load a particular module.



Q: - What is HDB?

HDB is the new generation storage mechanism for OpenLDAP. Like its predecessor, the BDB backend, HDB uses the Oracle BerkeleyDB database for storage, but HDB stores entries hierarchically, a perfect fit for LDAP's tree structure. The old BDB backend is still supported, and you can use it by specifying bdb instead of hdb in the database directive.



Q: - Which utility is used to Encrypt the password?

ldappasswd




Q: - How you will verify LDAP configuration file?

Use "slaptest" utility.
slaptest -v -f /etc/ldap/slapd.conf

Q: - Which configuration file is required for LDAP clients?

ldap.conf
Q: - Explain "SIZELIMIT" directive?

This directive indicates the upper limits on the number of records returned.
Q: - Explain "TIMELIMIT" directive?

This directive will give the information about the amount of time the client will wait for the server to respond.

Q: - Tell me the name of logical operators which are used  in ldap filters.

AND (&), OR (|), and NOT (!)
Q: - What Does slapadd Do?

The slapadd utility reads the slapd.conf file, loads the appropriate backend databases, and then reads LDIF data.
Q: - Which web based tool you have used for LDAP?

phpLDAPadmin