Chapter 11 begins with a discussion of DHCP, Dynamic Host Configuration Protocol, the method by which most computers receive an IP address on boot. In an IP network, each device needs a unique IP address. Assignment of these addresses takes some planning. First, there are two major approaches:
You may have to do this in a simulation for a certification test,
so you should know how to open the Windows Network and Sharing
Center, open the Status dialog of the Local Area Connection, open
the Properties of that connection, and the Properties of the IPv4
Dynamic Host Configuration Protocol (DHCP) service allows us to dynamically assign IP addresses to hosts on an IP network. You need to understand that, as far as IP is concerned, "host" means any device on the network. It can also set the subnet mask, the default gateway, and the DNS server. Three methods for assigning addresses:
It is good to know what you may see if a DHCP server fails. Automatic Private IP Addressing (APIPA) could be described as a Windows error condition if you are using DHCP on your Windows-based network. The first clue may be that a workstation cannot reach the Internet, because APIPA does not set a default gateway. Instead of an address that matches your network scheme, it sets a private IP address in the range 169.254.0.0 - 169.254.255.254. APIPA is meant to be a fallback method of assigning addresses. Communication failures will result if some of your workstations have APIPA addresses and others have DHCP-assigned addresses, because the two groups will essentially be on two different networks. APIPA addressing can only happen if DHCP fails and your workstations are configured to use APIPA as a fallback solution.
If a Windows workstation is configured for DHCP, but has an address in the APIPA range, try opening a command line interface and entering two commands:
The first command tells the computer to let go of the lease it has (or thinks it has). The second command tells the computer to start a DHCP discover, offer, request, acknowledge sequence. These commands will have no effect if your DHCP server is not running, or is not reachable.
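The "two different networks" effect of APIPA can be seen by grouping host addresses by network. This is an added example, not from the text; the host names and addresses are constructed, and `triage` and `same_network` are hypothetical helper names.

```python
import ipaddress

# The APIPA block described above (169.254.x.x, mask 255.255.0.0).
APIPA_NET = ipaddress.ip_network("169.254.0.0/16")

# Constructed sample: the address/prefix each workstation reports.
INVENTORY = {
    "ws01": "192.168.10.21/24",
    "ws02": "192.168.10.22/24",
    "ws03": "169.254.17.203/16",   # fell back to APIPA
    "ws04": "169.254.88.4/16",     # fell back to APIPA
    "printer": "192.168.10.50/24",
}

def triage(inventory):
    """Group hosts by the network their address places them on.

    Returns (groups, apipa) where groups maps network -> host names and
    apipa is the sorted list of hosts that did not get a DHCP lease.
    """
    groups = {}
    for host, cidr in inventory.items():
        iface = ipaddress.ip_interface(cidr)
        groups.setdefault(iface.network, []).append(host)
    apipa = sorted(
        host
        for net, hosts in groups.items()
        if net.subnet_of(APIPA_NET)
        for host in hosts
    )
    return groups, apipa

def same_network(inventory, a, b):
    """True if two hosts can reach each other without a gateway."""
    net_a = ipaddress.ip_interface(inventory[a]).network
    net_b = ipaddress.ip_interface(inventory[b]).network
    return net_a == net_b

if __name__ == "__main__":
    groups, apipa = triage(INVENTORY)
    for net, hosts in groups.items():
        print(net, hosts)
    print("no DHCP lease (APIPA):", apipa)
```

Hosts in the APIPA group can still talk to each other, but with no default gateway they cannot reach the DHCP-addressed group or the Internet.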
You should also know the Linux/UNIX/OS X version of these commands:
sudo ifconfig eth0 down
You may not need to type sudo.
The text spends several pages discussing how to install a DHCP server on a Linux system. On page 585, it explains that a DHCP server should be included in most Linux distros, and that the first installation step differs depending on the family of the distro you are using:
In the video shown below, the presenter performs an installation. From the notes above, we can tell which kind of distro he is using.
Of course, this is Linux, so such instructions are addressing a moving target. Expect change.
The same page in the text mentions three DHCP client programs that can be installed on Linux workstations: Some names are easier to remember. The text explains that the dhclient package may be installed by default, and it may require no configuration. If it does, it will look a lot like a Windows configuration on distros with graphic interfaces.
Having learned this about the client software, you may be confused by being told to look in the /etc/dhcp folder on the server for a file called dhcpd.conf. Several settings are discussed on pages 586 and 587 that you need to configure for general operation and for subnets. (Remember how to calculate subnet ranges?)
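A subnet calculation error in dhcpd.conf hands out addresses that do not work, so it is worth checking each subnet declaration before restarting the server. The following is an added example, not from the text: the sample configuration is constructed (its second subnet contains deliberate mistakes), and `check_conf` is a hypothetical helper that handles only simple, un-nested `subnet` blocks with two-address `range` statements.

```python
import ipaddress
import re

# Constructed sample dhcpd.conf; the second subnet is deliberately wrong.
SAMPLE_CONF = """
default-lease-time 600;
max-lease-time 7200;

subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.100 192.168.10.200;
  option routers 192.168.10.1;
}

subnet 10.0.4.0 netmask 255.255.255.192 {
  range 10.0.4.50 10.0.4.80;
  option routers 10.0.5.1;
}
"""

# Assumption: no nested braces (pool/host blocks) inside a subnet block.
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)
RANGE_RE = re.compile(r"range\s+(\S+)\s+(\S+)\s*;")
ROUTER_RE = re.compile(r"option\s+routers\s+([^;\s,]+)")

def check_conf(text):
    """Return (subnet, problem) tuples for every subnet declaration."""
    problems = []
    for addr, mask, body in SUBNET_RE.findall(text):
        try:
            net = ipaddress.ip_network(f"{addr}/{mask}")
        except ValueError as exc:  # bad mask, or host bits set in addr
            problems.append((addr, f"invalid subnet/netmask: {exc}"))
            continue
        first, last = net.network_address + 1, net.broadcast_address - 1
        for lo, hi in RANGE_RE.findall(body):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            if lo > hi:
                problems.append((str(net), f"range {lo}-{hi} is reversed"))
            elif lo < first or hi > last:
                problems.append((str(net), f"range {lo}-{hi} falls outside usable hosts {first}-{last}"))
        for gw in ROUTER_RE.findall(body):
            if ipaddress.ip_address(gw) not in net:
                problems.append((str(net), f"router {gw} is outside the subnet"))
    return problems

if __name__ == "__main__":
    for subnet, problem in check_conf(SAMPLE_CONF):
        print(f"{subnet}: {problem}")
```

The 255.255.255.192 mask leaves only 62 usable hosts (10.0.4.1 through 10.0.4.62), which is why a range ending at 10.0.4.80 is reported.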
The chapter changes topics on page 591, discussing general authentication first, then moving into the concept of Pluggable Authentication Modules. Note: searching for videos on the subject, I found several links to proprietary technologies that their owners also call "PAM", and that have nothing to do with our topic. Always watch out for bait-and-switch links that lead you to things you never wanted. This video from the Urban Penguin is on target, if a little heavy at first.
So, PAM is a concept that manages authentication features. It can only be used with applications that are PAM aware. Follow that link to a TecMint article about PAM that is more readable and understandable than the chapter. So, the idea of using PAM for everything on your network is flawed. It is complicated, hard to use, and less useful than it might be.
The third topic in the chapter is LDAP, Lightweight Directory Access Protocol. LDAP was derived from the X.500 standard developed by the ITU and from Directory Access Protocol, which does more than LDAP. The text shows us a tree structure that starts at a root object, flows through country objects, organizational unit objects, then layers of organization objects, and finally to leaf objects. Leaf objects don't branch, but the others can. The thing about LDAP is that it can be used by workstations, but its bigger brother DAP can only run on servers.
The text tells us that OpenLDAP is a commonly used LDAP server on Linux machines. This link will take you to a tutorial on installing and setting up OpenLDAP. It should only take the rest of the week to do it. You will probably enjoy the video I have provided below more than that lesson.