Question No. 1

What is true about the container CN=Users in an Active Directory LDAP tree? (Choose two.)

AGPOs cannot be assigned to this container.

BUsers outside of this container cannot log into any member computer of the domain.

CThe container can only contain user object but no user groups.

DNew users are created here and must be moved to another container before they can log in.

ENew users are by default created in this container.

Show Answer

Correct Answer: A, E

CN=Users Container:

GPOs: Group Policy Objects (GPOs) cannot be linked to this container because it is not an Organizational Unit (OU). GPOs can only be applied to OUs.

Default Location: New users are created in the CN=Users container by default when using standard Active Directory tools unless specified otherwise.

Other Options:

Users outside this container can log in.

The container can contain both user objects and user groups.

Users created here do not need to be moved to log in.

Active Directory Containers and OUs

Question No. 2

Which parameters are available for samba-tool group add? (Choose two.)

A--default-gpo

B--groupou

C--login-script

D--sid

E--group-type

Show Answer

Correct Answer: D, E

The samba-tool group add command is used to add a new group to the Samba Active Directory. This command has several parameters to customize the group creation process. Two of the available parameters are --sid and --group-type.

--sid:

The --sid parameter allows you to specify a Security Identifier (SID) for the new group.

Example usage:

samba-tool group add mygroup --sid=S-1-5-21-1234567890-123456789-1234567890-1234

This command will create a new group named mygroup with the specified SID.

--group-type:

The --group-type parameter allows you to specify the type of the group being created. This can be a security group or a distribution group.

Example usage:

samba-tool group add mygroup --group-type=security

This command will create a new security group named mygroup.

Samba Official Documentation: samba-tool

Samba Active Directory Management: Managing Groups

Question No. 3

Which option in smb.conf defines the domain of which the server is a member?

Aad

Bmember domain

Cbasedn

Ddomain

Erealm

Show Answer

Correct Answer: E

In smb.conf, the realm option specifies the Kerberos realm for the Active Directory of which the server is a member. This option is crucial for integrating the Samba server into an AD environment.

Samba smb.conf man page - realm

Question No. 4

Which of the following sections is always present in sssd.conf?

A[krb5]

B[ad]

C[autn]

D[sssd]

E[local]

Show Answer

Correct Answer: D

The sssd.conf file is the configuration file for the System Security Services Daemon (SSSD). SSSD provides access to different identity and authentication providers. The configuration file typically contains multiple sections, but the [sssd] section is always present. This section provides global options that apply to all other sections of the file.

Example:

[sssd] config_file_version = 2 services = nss, pam domains = LDAP

SSSD Configuration

SSSD Man Pages

Question No. 5

Which parameter in a user object defines on which share the user's roaming profile is stored?

AautoMount

BlogonDrive

CprofilePath

DhomePath

EdriveMap

Show Answer

Correct Answer: C

The profilePath parameter in a user object specifies the path to the user's roaming profile. A roaming profile is a feature in Windows that allows user profile data to be stored on a network share so that users can access their profiles from any workstation within the network. By setting the profilePath, administrators can define where on the network the profile data is stored.

Roaming User Profiles

User Account Properties

Free LPI 300-300 Exam Actual Questions

The questions for 300-300 were last updated On Jan 19, 2025